Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
a-pdf vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2014-0512
Adobe Reader 11.0.06 allows malicious users to bypass a PDF sandbox protection mechanism via unspecified vectors, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2014.
Adobe Acrobat Reader 11.0.6
7.5
CVSSv2
CVE-2021-38568
An issue exists in Foxit Reader and PhantomPDF prior to 10.1.4. It allows memory corruption during conversion of a PDF document to a different document format.
Foxitsoftware Foxit Reader
Foxitsoftware Phantompdf
6.8
CVSSv2
CVE-2012-2142
The error function in Error.cc in poppler prior to 0.21.4 allows remote malicious users to execute arbitrary commands via a PDF containing an escape sequence for a terminal emulator.
Freedesktop Poppler
Xpdfreader Xpdf 3.02
Redhat Enterprise Linux 5.0
Redhat Enterprise Linux 6.0
Opensuse Opensuse 12.2
4
CVSSv2
CVE-2022-1067
Navigating to a specific URL with a patient ID number will result in the server generating a PDF of a lab report without authentication and rate limiting.
Lifepoint Patient Portal
3.3
CVSSv2
CVE-2009-5044
contrib/pdfmark/pdfroff.sh in GNU troff (aka groff) prior to 1.21 allows local users to overwrite arbitrary files via a symlink attack on a pdf#####.tmp temporary file.
Apple Mac Os X
Gnu Groff 1.16.1
Gnu Groff 1.16
Gnu Groff 1.19.2
Gnu Groff 1.18.1
Gnu Groff 1.11a
Gnu Groff
Gnu Groff 1.19.1
Gnu Groff 1.20
Gnu Groff 1.19
Gnu Groff 1.14
Gnu Groff 1.17.2
Gnu Groff 1.10
Gnu Groff 1.17.1
Gnu Groff 1.11
Gnu Groff 1.15
7.5
CVSSv2
CVE-2018-21244
An issue exists in Foxit PhantomPDF prior to 8.3.6. It allows arbitrary application execution via an embedded executable file in a PDF portfolio, aka FG-VD-18-029.
Foxitsoftware Phantompdf
4.3
CVSSv2
CVE-2018-19289
An issue exists in Valine v1.3.3. It allows HTML injection, which can be exploited for JavaScript execution via an EMBED element in conjunction with a .pdf file.
Valine.js Valine 1.3.3
4.3
CVSSv2
CVE-2017-3115
Adobe Acrobat Reader 2017.009.20058 and previous versions, 2017.008.30051 and previous versions, 2015.006.30306 and previous versions, and 11.0.20 and previous versions has an information disclosure vulnerability when handling links in a PDF document.
Adobe Acrobat Dc
Adobe Acrobat Reader Dc
Adobe Acrobat
Adobe Reader
4.3
CVSSv2
CVE-2015-3632
Foxit Reader, Enterprise Reader, and PhantomPDF prior to 7.1.5 allow remote malicious users to cause a denial of service (memory corruption and crash) via a crafted GIF in a PDF file.
Foxitsoftware Phantompdf
Foxitsoftware Foxit Reader
Foxitsoftware Enterprise Reader
1 EDB exploit
7.5
CVSSv2
CVE-2002-1569
gv 3.5.8, and possibly earlier versions, allows remote malicious users to execute arbitrary commands via shell metacharacters in the filename for (1) a PDF file or (2) a gzip file.
Gv Gv 2.7b1
Gv Gv 2.7b2
Gv Gv 3.1.4
Gv Gv 3.1.6
Gv Gv 3.5.8
Ghostview Ghostview 1.4
Ghostview Ghostview 1.4.1
Gv Gv 2.7b5
Gv Gv 2.9.4
Gv Gv 3.4.2
Gv Gv 3.4.3
Ghostview Ghostview 1.3
Gv Gv 2.7b3
Gv Gv 2.7b4
Gv Gv 3.2.4
Gv Gv 3.4.12
Ghostview Ghostview 1.5
Gv Gv 2.7.6
Gv Gv 3.0.0
Gv Gv 3.0.4
Gv Gv 3.5.2
Gv Gv 3.5.3
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27842
CVE-2024-30657
CVE-2024-4534
hardcoded
SSRF
CVE-2024-21683
CVE-2024-5364
file upload
CVE-2024-5371
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »