Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
a-pdf vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-0512
Adobe Reader 11.0.06 allows malicious users to bypass a PDF sandbox protection mechanism via unspecified vectors, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2014.
Adobe Acrobat Reader 11.0.6
5.5
CVSSv3
CVE-2023-36464
pypdf is an open source, pure-python PDF library. In affected versions an attacker may craft a PDF which leads to an infinite loop if `__parse_content_stream` is executed. That is, for example, the case if the user extracted text from such a PDF. This issue was introduced in pull...
Pypdf2 Project Pypdf2
Pypdf Project Pypdf
6.5
CVSSv3
CVE-2022-1067
Navigating to a specific URL with a patient ID number will result in the server generating a PDF of a lab report without authentication and rate limiting.
Lifepoint Patient Portal
NA
CVE-2009-5044
contrib/pdfmark/pdfroff.sh in GNU troff (aka groff) prior to 1.21 allows local users to overwrite arbitrary files via a symlink attack on a pdf#####.tmp temporary file.
Apple Mac Os X
Gnu Groff 1.16.1
Gnu Groff 1.16
Gnu Groff 1.19.2
Gnu Groff 1.18.1
Gnu Groff 1.11a
Gnu Groff
Gnu Groff 1.19.1
Gnu Groff 1.20
Gnu Groff 1.19
Gnu Groff 1.14
Gnu Groff 1.17.2
Gnu Groff 1.10
Gnu Groff 1.17.1
Gnu Groff 1.11
Gnu Groff 1.15
7.8
CVSSv3
CVE-2012-2142
The error function in Error.cc in poppler prior to 0.21.4 allows remote malicious users to execute arbitrary commands via a PDF containing an escape sequence for a terminal emulator.
Freedesktop Poppler
Xpdfreader Xpdf 3.02
Redhat Enterprise Linux 5.0
Redhat Enterprise Linux 6.0
Opensuse Opensuse 12.2
6.5
CVSSv3
CVE-2017-3115
Adobe Acrobat Reader 2017.009.20058 and previous versions, 2017.008.30051 and previous versions, 2015.006.30306 and previous versions, and 11.0.20 and previous versions has an information disclosure vulnerability when handling links in a PDF document.
Adobe Acrobat Dc
Adobe Acrobat Reader Dc
Adobe Acrobat
Adobe Reader
6.1
CVSSv3
CVE-2018-19289
An issue exists in Valine v1.3.3. It allows HTML injection, which can be exploited for JavaScript execution via an EMBED element in conjunction with a .pdf file.
Valine.js Valine 1.3.3
9.8
CVSSv3
CVE-2018-21244
An issue exists in Foxit PhantomPDF prior to 8.3.6. It allows arbitrary application execution via an embedded executable file in a PDF portfolio, aka FG-VD-18-029.
Foxitsoftware Phantompdf
NA
CVE-2015-3632
Foxit Reader, Enterprise Reader, and PhantomPDF prior to 7.1.5 allow remote malicious users to cause a denial of service (memory corruption and crash) via a crafted GIF in a PDF file.
Foxitsoftware Phantompdf
Foxitsoftware Foxit Reader
Foxitsoftware Enterprise Reader
1 EDB exploit
NA
CVE-2002-1569
gv 3.5.8, and possibly earlier versions, allows remote malicious users to execute arbitrary commands via shell metacharacters in the filename for (1) a PDF file or (2) a gzip file.
Gv Gv 2.7b1
Gv Gv 2.7b2
Gv Gv 3.1.4
Gv Gv 3.1.6
Gv Gv 3.5.8
Ghostview Ghostview 1.4
Ghostview Ghostview 1.4.1
Gv Gv 2.7b5
Gv Gv 2.9.4
Gv Gv 3.4.2
Gv Gv 3.4.3
Ghostview Ghostview 1.3
Gv Gv 2.7b3
Gv Gv 2.7b4
Gv Gv 3.2.4
Gv Gv 3.4.12
Ghostview Ghostview 1.5
Gv Gv 2.7.6
Gv Gv 3.0.0
Gv Gv 3.0.4
Gv Gv 3.5.2
Gv Gv 3.5.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
XXE
CVE-2024-34490
SQL injection
CVE-2024-34488
CVE-2024-4507
CVE-2023-7028
CVE-2024-23187
TCP
CVE-2024-4439
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »