Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
podofo project podofo - vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2018-6352
In PoDoFo 0.9.5, there is an Excessive Iteration in the PdfParser::ReadObjectsInternal function of base/PdfParser.cpp. Remote attackers could leverage this vulnerability to cause a denial of service through a crafted pdf file.
Podofo Project Podofo 0.9.5
8.8
CVSSv3
CVE-2017-8787
The PoDoFo::PdfXRefStreamParserObject::ReadXRefStreamEntry function in base/PdfXRefStreamParserObject.cpp:224 in PoDoFo 0.9.5 allows remote malicious users to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted PDF file.
Podofo Project Podofo 0.9.5
5.5
CVSSv3
CVE-2018-5783
In PoDoFo 0.9.5, there is an uncontrolled memory allocation in the PoDoFo::PdfVecObjects::Reserve function (base/PdfVecObjects.h). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted pdf file.
Podofo Project Podofo 0.9.5
6.5
CVSSv3
CVE-2018-20797
An issue exists in PoDoFo 0.9.6. There is an attempted excessive memory allocation in PoDoFo::podofo_calloc in base/PdfMemoryManagement.cpp when called from PoDoFo::PdfPredictorDecoder::PdfPredictorDecoder in base/PdfFiltersPrivate.cpp.
Podofo Project Podofo 0.9.6
8.8
CVSSv3
CVE-2018-19532
A NULL pointer dereference vulnerability exists in the function PdfTranslator::setTarget() in pdftranslator.cpp of PoDoFo 0.9.6, while creating the PdfXObject, as demonstrated by podofoimpose. It allows an malicious user to cause Denial of Service.
Podofo Project Podofo 0.9.6
5.5
CVSSv3
CVE-2017-5852
The PoDoFo::PdfPage::GetInheritedKeyFromObject function in base/PdfVariant.cpp in PoDoFo 0.9.4 allows remote malicious users to cause a denial of service (infinite loop) via a crafted file.
Podofo Project Podofo 0.9.4
5.5
CVSSv3
CVE-2017-5854
base/PdfOutputStream.cpp in PoDoFo 0.9.4 allows remote malicious users to cause a denial of service (NULL pointer dereference and crash) via a crafted file.
Podofo Project Podofo 0.9.4
5.5
CVSSv3
CVE-2017-6840
The ColorChanger::GetColorFromStack function in colorchanger.cpp in PoDoFo 0.9.5 allows remote malicious users to cause a denial of service (invalid read) via a crafted file.
Podofo Project Podofo 0.9.5
5.5
CVSSv3
CVE-2017-6842
The ColorChanger::GetColorFromStack function in colorchanger.cpp in PoDoFo 0.9.5 allows remote malicious users to cause a denial of service (NULL pointer dereference) via a crafted file.
Podofo Project Podofo 0.9.5
7.8
CVSSv3
CVE-2017-6843
Heap-based buffer overflow in the PoDoFo::PdfVariant::DelayedLoad function in PdfVariant.h in PoDoFo 0.9.4 allows remote malicious users to have unspecified impact via a crafted file.
Podofo Project Podofo 0.9.4
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »