Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gonitro vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2020-6115
An exploitable vulnerability exists in the cross-reference table repairing functionality of Nitro Software, Inc.’s Nitro Pro 13.13.2.242. While searching for an object identifier in a malformed document that is missing from the cross-reference table, the application will sa...
Gonitro Nitro Pro 13.16.2.300
Gonitro Nitro Pro 13.13.2.242
8.8
CVSSv3
CVE-2020-6146
An exploitable code execution vulnerability exists in the rendering functionality of Nitro Pro 13.13.2.242 and 13.16.2.300. When drawing the contents of a page and selecting the stroke color from an 'ICCBased' colorspace, the application will read a length from the file...
Gonitro Nitro Pro 13.16.2.300
Gonitro Nitro Pro 13.13.2.242
7.8
CVSSv3
CVE-2021-21796
An exploitable use-after-free vulnerability exists in the JavaScript implementation of Nitro Pro PDF. A specially crafted document can cause an object containing the path to a document to be destroyed and then later reused, resulting in a use-after-free vulnerability, which can l...
Gonitro Nitro Pro 13.33.2.645
Gonitro Nitro Pro 13.31.0.605
7.8
CVSSv3
CVE-2021-21797
An exploitable double-free vulnerability exists in the JavaScript implementation of Nitro Pro PDF. A specially crafted document can cause a reference to a timeout object to be stored in two different places. When closed, the document will result in the reference being released tw...
Gonitro Nitro Pro 13.33.2.645
Gonitro Nitro Pro 13.31.0.605
7.8
CVSSv3
CVE-2021-21798
An exploitable return of stack variable address vulnerability exists in the JavaScript implementation of Nitro Pro PDF. A specially crafted document can cause a stack variable to go out of scope, resulting in the application dereferencing a stale pointer. This can lead to code ex...
Gonitro Nitro Pro 13.33.2.645
Gonitro Nitro Pro 13.31.0.605
7.8
CVSSv3
CVE-2020-6113
An exploitable vulnerability exists in the object stream parsing functionality of Nitro Software, Inc.’s Nitro Pro 13.13.2.242 when updating its cross-reference table. When processing an object stream from a PDF document, the application will perform a calculation in order ...
Gonitro Nitro Pro 13.16.2.300
Gonitro Nitro Pro 13.13.2.242
7.8
CVSSv3
CVE-2020-6112
An exploitable code execution vulnerability exists in the JPEG2000 Stripe Decoding functionality of Nitro Software, Inc.’s Nitro Pro 13.13.2.242 when decoding sub-samples. While initializing tiles with sub-sample data, the application can miscalculate a pointer for the stri...
Gonitro Nitro Pro 13.16.2.300
Gonitro Nitro Pro 13.13.2.242
7.8
CVSSv3
CVE-2020-6116
An arbitrary code execution vulnerability exists in the rendering functionality of Nitro Software, Inc.’s Nitro Pro 13.13.2.242. When drawing the contents of a page using colors from an indexed colorspace, the application can miscalculate the size of a buffer when allocatin...
Gonitro Nitro Pro 13.16.2.300
Gonitro Nitro Pro 13.13.2.242
5.5
CVSSv3
CVE-2019-19819
The JBIG2Globals library in npdf.dll in Nitro Free PDF Reader 12.0.0.112 has a CAPPDAnnotHandlerUtils::PDAnnotHandlerDestroyData2+0x90ec NULL Pointer Dereference via crafted Unicode content.
Gonitro Nitropdf 12.0.0.112
5.5
CVSSv3
CVE-2017-7950
Nitro Pro 11.0.3 and previous versions allows remote malicious users to cause a denial of service (application crash) via a crafted PCX file.
Gonitro Nitro Pro
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27977
IMAP
local users
CVE-2024-32038
CVE-2023-49963
CVE-2023-22869
CVE-2024-31497
local
CVE-2024-2961
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »