Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
podofo project vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2018-6352
In PoDoFo 0.9.5, there is an Excessive Iteration in the PdfParser::ReadObjectsInternal function of base/PdfParser.cpp. Remote attackers could leverage this vulnerability to cause a denial of service through a crafted pdf file.
Podofo Project Podofo 0.9.5
6.8
CVSSv2
CVE-2017-8787
The PoDoFo::PdfXRefStreamParserObject::ReadXRefStreamEntry function in base/PdfXRefStreamParserObject.cpp:224 in PoDoFo 0.9.5 allows remote malicious users to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted PDF file.
Podofo Project Podofo 0.9.5
4.3
CVSSv2
CVE-2018-5783
In PoDoFo 0.9.5, there is an uncontrolled memory allocation in the PoDoFo::PdfVecObjects::Reserve function (base/PdfVecObjects.h). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted pdf file.
Podofo Project Podofo 0.9.5
4.3
CVSSv2
CVE-2018-20797
An issue exists in PoDoFo 0.9.6. There is an attempted excessive memory allocation in PoDoFo::podofo_calloc in base/PdfMemoryManagement.cpp when called from PoDoFo::PdfPredictorDecoder::PdfPredictorDecoder in base/PdfFiltersPrivate.cpp.
Podofo Project Podofo 0.9.6
6.8
CVSSv2
CVE-2018-19532
A NULL pointer dereference vulnerability exists in the function PdfTranslator::setTarget() in pdftranslator.cpp of PoDoFo 0.9.6, while creating the PdfXObject, as demonstrated by podofoimpose. It allows an malicious user to cause Denial of Service.
Podofo Project Podofo 0.9.6
4.3
CVSSv2
CVE-2017-5852
The PoDoFo::PdfPage::GetInheritedKeyFromObject function in base/PdfVariant.cpp in PoDoFo 0.9.4 allows remote malicious users to cause a denial of service (infinite loop) via a crafted file.
Podofo Project Podofo 0.9.4
4.3
CVSSv2
CVE-2017-5854
base/PdfOutputStream.cpp in PoDoFo 0.9.4 allows remote malicious users to cause a denial of service (NULL pointer dereference and crash) via a crafted file.
Podofo Project Podofo 0.9.4
4.3
CVSSv2
CVE-2017-6840
The ColorChanger::GetColorFromStack function in colorchanger.cpp in PoDoFo 0.9.5 allows remote malicious users to cause a denial of service (invalid read) via a crafted file.
Podofo Project Podofo 0.9.5
4.3
CVSSv2
CVE-2017-6842
The ColorChanger::GetColorFromStack function in colorchanger.cpp in PoDoFo 0.9.5 allows remote malicious users to cause a denial of service (NULL pointer dereference) via a crafted file.
Podofo Project Podofo 0.9.5
6.8
CVSSv2
CVE-2017-6843
Heap-based buffer overflow in the PoDoFo::PdfVariant::DelayedLoad function in PdfVariant.h in PoDoFo 0.9.4 allows remote malicious users to have unspecified impact via a crafted file.
Podofo Project Podofo 0.9.4
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »