Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
podofo project vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2015-8981
Heap-based buffer overflow in the PdfParser::ReadXRefSubsection function in base/PdfParser.cpp in PoDoFo allows malicious users to have unspecified impact via vectors related to m_offsets.size.
Podofo Project Podofo -
6.5
CVSSv3
CVE-2018-14320
This vulnerability allows remote malicious users to disclose sensitive information on vulnerable installations of PoDoFo. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists w...
Podofo Project Podofo -
6.5
CVSSv3
CVE-2023-31556
podofoinfo 0.10.0 exists to contain a segmentation violation via the function PoDoFo::PdfDictionary::findKeyParent.
Podofo Project Podofo 0.10.0
8.8
CVSSv3
CVE-2023-31566
Podofo v0.10.0 exists to contain a heap-use-after-free via the component PoDoFo::PdfEncrypt::IsMetadataEncrypted().
Podofo Project Podofo 0.10.0
8.8
CVSSv3
CVE-2023-31567
Podofo v0.10.0 exists to contain a heap buffer overflow via the component PoDoFo::PdfEncryptAESV3::PdfEncryptAESV3.
Podofo Project Podofo 0.10.0
5.5
CVSSv3
CVE-2017-6841
The GraphicsStack::TGraphicsStackElement::~TGraphicsStackElement function in graphicsstack.h in PoDoFo 0.9.5 allows remote malicious users to cause a denial of service (NULL pointer dereference) via a crafted file.
Podofo Project Podofo 0.9.5
5.5
CVSSv3
CVE-2017-6849
The PoDoFo::PdfColorGray::~PdfColorGray function in PdfColor.cpp in PoDoFo 0.9.4 allows remote malicious users to cause a denial of service (NULL pointer dereference) via a crafted file.
Podofo Project Podofo 0.9.4
7.8
CVSSv3
CVE-2023-2241
A vulnerability, which was classified as critical, was found in PoDoFo 0.10.0. Affected is the function readXRefStreamEntry of the file PdfXRefStreamParserObject.cpp. The manipulation leads to heap-based buffer overflow. An attack has to be approached locally. The exploit has bee...
Podofo Project Podofo 0.10.0
5.5
CVSSv3
CVE-2017-6840
The ColorChanger::GetColorFromStack function in colorchanger.cpp in PoDoFo 0.9.5 allows remote malicious users to cause a denial of service (invalid read) via a crafted file.
Podofo Project Podofo 0.9.5
5.5
CVSSv3
CVE-2017-6842
The ColorChanger::GetColorFromStack function in colorchanger.cpp in PoDoFo 0.9.5 allows remote malicious users to cause a denial of service (NULL pointer dereference) via a crafted file.
Podofo Project Podofo 0.9.5
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »