Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
podofo project podofo - vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2018-14320
This vulnerability allows remote malicious users to disclose sensitive information on vulnerable installations of PoDoFo. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists w...
Podofo Project Podofo -
7.5
CVSSv2
CVE-2015-8981
Heap-based buffer overflow in the PdfParser::ReadXRefSubsection function in base/PdfParser.cpp in PoDoFo allows malicious users to have unspecified impact via vectors related to m_offsets.size.
Podofo Project Podofo -
4.3
CVSSv2
CVE-2017-7994
The function TextExtractor::ExtractText in TextExtractor.cpp:77 in PoDoFo 0.9.5 allows remote malicious users to cause a denial of service (NULL pointer dereference and application crash) via a crafted PDF document.
Podofo Project Podofo 0.9.5
4.3
CVSSv2
CVE-2017-8054
The function PdfPagesTree::GetPageNodeFromArray in PdfPageTree.cpp:464 in PoDoFo 0.9.5 allows remote malicious users to cause a denial of service (infinite recursion and application crash) via a crafted PDF document.
Podofo Project Podofo 0.9.5
4.3
CVSSv2
CVE-2020-18971
Stack-based Buffer Overflow in PoDoFo v0.9.6 allows malicious users to cause a denial of service via the component 'src/base/PdfDictionary.cpp:65'.
Podofo Project Podofo 0.9.6
4.3
CVSSv2
CVE-2020-18972
Exposure of Sensitive Information to an Unauthorized Actor in PoDoFo v0.9.6 allows malicious users to obtain sensitive information via 'IsNextToken' in the component 'src/base/PdfToenizer.cpp'.
Podofo Project Podofo 0.9.6
4.3
CVSSv2
CVE-2018-5783
In PoDoFo 0.9.5, there is an uncontrolled memory allocation in the PoDoFo::PdfVecObjects::Reserve function (base/PdfVecObjects.h). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted pdf file.
Podofo Project Podofo 0.9.5
4.3
CVSSv2
CVE-2017-6845
The PoDoFo::PdfColor::operator function in PdfColor.cpp in PoDoFo 0.9.4 allows remote malicious users to cause a denial of service (NULL pointer dereference) via a crafted file.
Podofo Project Podofo 0.9.4
4.3
CVSSv2
CVE-2017-6847
The PoDoFo::PdfVariant::DelayedLoad function in PdfVariant.h in PoDoFo 0.9.4 allows remote malicious users to cause a denial of service (NULL pointer dereference) via a crafted file.
Podofo Project Podofo 0.9.4
NA
CVE-2023-2241
A vulnerability, which was classified as critical, was found in PoDoFo 0.10.0. Affected is the function readXRefStreamEntry of the file PdfXRefStreamParserObject.cpp. The manipulation leads to heap-based buffer overflow. An attack has to be approached locally. The exploit has bee...
Podofo Project Podofo 0.10.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »