Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
annotations vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2018-14303
This vulnerability allows remote malicious users to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...
Foxitsoftware Phantompdf
Foxitsoftware Foxit Reader
8.8
CVSSv3
CVE-2018-14305
This vulnerability allows remote malicious users to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...
Foxitsoftware Phantompdf
Foxitsoftware Foxit Reader
5.4
CVSSv3
CVE-2023-5118
The application is vulnerable to Stored Cross-Site Scripting (XSS) in the endpoint /sofer/DocumentService.asc/SaveAnnotation, where input data transmitted via the POST method in the parameters author and text are not adequately sanitized and validated. This allows for the injecti...
Tungstenautomation Kofax Capture
8.8
CVSSv3
CVE-2018-9958
This vulnerability allows remote malicious users to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...
Foxitsoftware Foxit Reader
Foxitsoftware Phantompdf
2 EDB exploits
1 Github repository
NA
CVE-2022-44519
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...
5.5
CVSSv3
CVE-2023-46250
pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions 3.7.0 up to and including 3.16.4 can craft a PDF which leads to an infinite loop. This infinite loop blocks the current process and can utilize a single core of the C...
Pypdf Project Pypdf
7.1
CVSSv3
CVE-2021-25742
A security issue exists in ingress-nginx where a user that can create or update ingress objects can use the custom snippets feature to obtain all secrets in the cluster.
Kubernetes Ingress-nginx
Kubernetes Ingress-nginx 1.0.0
Netapp Trident -
2 Github repositories
6.5
CVSSv3
CVE-2019-10223
A security issue exists in the kube-state-metrics versions v1.7.0 and v1.7.1. An experimental feature was added to the v1.7.0 release that enabled annotations to be exposed as metrics. By default, the kube-state-metrics metrics only expose metadata about Secrets. However, a combi...
Kubernetes Kube-state-metrics 1.7.0
Kubernetes Kube-state-metrics 1.7.1
Redhat Openshift Container Platform 4.2
Redhat Openshift Container Platform 3.11
Redhat Openshift Container Platform 4.1
5.3
CVSSv3
CVE-2018-18688
The Portable Document Format (PDF) specification does not provide any information regarding the concrete procedure of how to validate signatures. Consequently, an Incremental Saving vulnerability exists in multiple products. When an attacker uses the Incremental Saving feature to...
Code-industry Master Pdf Editor 5.1.12
Code-industry Master Pdf Editor 5.1.68
Foxitsoftware Foxit Reader 9.4
Foxitsoftware Phantompdf 8.3.9
Foxitsoftware Phantompdf
Gonitro Nitro Pro 11.0.3.173
Gonitro Nitro Reader 5.5.9.2
Iskysoft Pdf Editor 6 6.4.2.3521
Iskysoft Pdfelement6 6.8.0.3523
Iskysoft Pdfelement6 6.8.4.3921
Libreoffice Libreoffice 6.0.6.2
Libreoffice Libreoffice 6.1.3.2
Nuance Power Pdf Standard 3.0.0.17
Nuance Power Pdf Standard 3.0.0.30
Nuance Power Pdf Standard 7.0
Qoppa Pdf Studio 12.0.7
Qoppa Pdf Studio Viewer 2018 2018.0.1
Qoppa Pdf Studio Viewer 2018 2018.2.0
Soft-xpansion Perfect Pdf 10 10.0.0.1
Soft-xpansion Perfect Pdf Reader 13.0.3
Soft-xpansion Perfect Pdf Reader 13.1.5
Foxitsoftware Foxit Reader 9.1.0
8.8
CVSSv3
CVE-2022-46167
Capsule is a multi-tenancy and policy-based framework for Kubernetes. Prior to version 0.1.3, a ServiceAccount deployed in a Tenant Namespace, when granted with `PATCH` capabilities on its own Namespace, is able to edit it and remove the Owner Reference, breaking the reconciliati...
Clastix Capsule
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4040
cross-site scripting
CVE-2023-25790
CVE-2024-2961
XML external entity
CVE-2024-26926
CVE-2024-32806
CVE-2024-32711
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »