Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
a-pdf vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2013-3248
Untrusted search path vulnerability in Corel PDF Fusion 1.11 allows local users to gain privileges via a Trojan horse wintab32.dll file in the current working directory, as demonstrated by a directory that contains a .pdf or .xps file.
Corel Pdf Fusion 1.11
1 EDB exploit
7.5
CVSSv3
CVE-2019-14208
An issue exists in Foxit PhantomPDF prior to 8.3.10. The application could be exposed to a NULL pointer dereference and crash when getting a PDF object from a document, or parsing a certain portfolio that contains a null dictionary.
Foxitsoftware Phantompdf
NA
CVE-2009-0756
The JBIG2Stream::readSymbolDictSeg function in Poppler prior to 0.10.4 allows remote malicious users to cause a denial of service (crash) via a PDF file that triggers a parsing error, which is not properly handled by JBIG2SymbolDict::~JBIG2SymbolDict and triggers an invalid memor...
Poppler Poppler 0.1
Poppler Poppler 0.1.1
Poppler Poppler 0.3.2
Poppler Poppler 0.5.91
Poppler Poppler 0.4.2
Poppler Poppler 0.4.3
Poppler Poppler 0.5.90
Poppler Poppler 0.5.9
Poppler Poppler
Poppler Poppler 0.3.0
Poppler Poppler 0.3.1
Poppler Poppler 0.7.0
Poppler Poppler 0.7.3
Poppler Poppler 0.5.1
Poppler Poppler 0.5.0
Poppler Poppler 0.4.4
Poppler Poppler 0.6.1
Poppler Poppler 0.6.0
Poppler Poppler 0.2.0
Poppler Poppler 0.10.1
Poppler Poppler 0.7.2
Poppler Poppler 0.6.4
1 EDB exploit
8.8
CVSSv3
CVE-2016-8877
Heap buffer overflow (Out-of-Bounds write) vulnerability in Foxit Reader and PhantomPDF prior to 8.1 on Windows allows remote malicious users to execute arbitrary code via a crafted JPEG2000 image embedded in a PDF document, aka a "corrupted suffix pattern" issue.
Foxitsoftware Phantompdf
Foxitsoftware Reader
NA
CVE-2009-4764
Adobe Reader 8.x and 9.x on Windows is able to execute EXE files that are embedded in a PDF document, which makes it easier for remote malicious users to trick users into executing arbitrary code via a crafted document.
Adobe Acrobat Reader 8.0
Adobe Acrobat Reader 8.1
Adobe Acrobat Reader 9.0
Adobe Acrobat Reader 9.1
Adobe Acrobat Reader 8.1.1
Adobe Acrobat Reader 8.1.2
Adobe Acrobat Reader 9.1.1
Adobe Acrobat Reader 9.1.2
Adobe Acrobat Reader 8.1.6
Adobe Acrobat Reader 8.1.7
Adobe Acrobat Reader 9.3
Adobe Acrobat Reader 8.1.4
Adobe Acrobat Reader 8.1.5
Adobe Acrobat Reader 9.1.3
Adobe Acrobat Reader 9.2
NA
CVE-2011-1908
Integer overflow in the Type 1 font decoder in the FreeType engine in Foxit Reader prior to 4.0.0.0619 allows remote malicious users to execute arbitrary code or cause a denial of service (application crash) via a crafted font in a PDF document.
Foxitsoftware Foxit Reader 3.1.3
Foxitsoftware Foxit Reader 3.1
Foxitsoftware Foxit Reader 3.3.1
Foxitsoftware Foxit Reader 3.1.4
Foxitsoftware Foxit Reader 2.3
Foxitsoftware Foxit Reader 3.0
Foxitsoftware Foxit Reader 2.2
Foxitsoftware Foxit Reader 2.0
Foxitsoftware Foxit Reader 3.1.1
Foxitsoftware Foxit Reader 3.2.1
Foxitsoftware Foxit Reader 3.2
Foxitsoftware Foxit Reader
9.8
CVSSv3
CVE-2022-44544
Mahara 21.04 prior to 21.04.7, 21.10 prior to 21.10.5, 22.04 prior to 22.04.3, and 22.10 prior to 22.10.0 potentially allow a PDF export to trigger a remote shell if the site is running on Ubuntu and the flag -dSAFER is not set with Ghostscript.
Mahara Mahara 22.10.0
Mahara Mahara
NA
CVE-2009-0928
Heap-based buffer overflow in Adobe Acrobat Reader and Acrobat Professional 7.1.0, 8.1.3, 9.0.0, and other versions allows remote malicious users to execute arbitrary code via a PDF file containing a JBIG2 stream with a size inconsistency related to an unspecified table.
Adobe Acrobat 7.1.0
Adobe Acrobat 7.0.9
Adobe Acrobat 7.0.8
Adobe Acrobat 7.0.7
Adobe Acrobat 6.0
Adobe Acrobat 8.1
Adobe Acrobat 8.0
Adobe Acrobat 7.0.2
Adobe Acrobat 7.0.1
Adobe Acrobat 7.0
Adobe Acrobat 6.0.6
Adobe Acrobat 6.0.5
Adobe Acrobat 4.0
Adobe Acrobat 3.1
Adobe Acrobat 3.0
Adobe Acrobat 8.1.1
Adobe Acrobat 7.1.4
Adobe Acrobat 7.1.2
Adobe Acrobat 7.0.5
Adobe Acrobat 7.0.3
Adobe Acrobat 6.0.3
Adobe Acrobat 6.0.1
NA
CVE-2008-1575
Unspecified vulnerability in the Apple Type Services (ATS) server in Apple Mac OS X 10.5 prior to 10.5.3 allows user-assisted remote malicious users to execute arbitrary code via a crafted embedded font in a PDF document, related to memory corruption that occurs during printing.
Apple Mac Os X Server 10.5.2
Apple Mac Os X Server 10.5
Apple Mac Os X Server 10.5.1
Apple Mac Os X 10.5
Apple Mac Os X 10.5.1
Apple Mac Os X 10.5.2
NA
CVE-2006-4273
Cross-site scripting (XSS) vulnerability in Jelsoft vBulletin 3.5.4 and 3.6.0 allows remote malicious users to inject arbitrary web script or HTML by uploading an attachment with a .pdf extension that contains JavaScript, which is processed as script by Microsoft Internet Explore...
Jelsoft Vbulletin 3.5.4
Jelsoft Vbulletin 3.6.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »