Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Podofo Project Subscribe
Total 55 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2015-8981 1 Podofo Project 1 Podofo 2017-03-21 7.5 HIGH 9.8 CRITICAL
Heap-based buffer overflow in the PdfParser::ReadXRefSubsection function in base/PdfParser.cpp in PoDoFo allows attackers to have unspecified impact via vectors related to m_offsets.size.
CVE-2017-6848 1 Podofo Project 1 Podofo 2017-03-16 4.3 MEDIUM 5.5 MEDIUM
The PoDoFo::PdfXObject::PdfXObject function in PdfXObject.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.
CVE-2017-6841 1 Podofo Project 1 Podofo 2017-03-16 4.3 MEDIUM 5.5 MEDIUM
The GraphicsStack::TGraphicsStackElement::~TGraphicsStackElement function in graphicsstack.h in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.
CVE-2017-6847 1 Podofo Project 1 Podofo 2017-03-16 4.3 MEDIUM 5.5 MEDIUM
The PoDoFo::PdfVariant::DelayedLoad function in PdfVariant.h in PoDoFo 0.9.4 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.
CVE-2017-6840 1 Podofo Project 1 Podofo 2017-03-16 4.3 MEDIUM 5.5 MEDIUM
The ColorChanger::GetColorFromStack function in colorchanger.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (invalid read) via a crafted file.
CVE-2017-6842 1 Podofo Project 1 Podofo 2017-03-16 4.3 MEDIUM 5.5 MEDIUM
The ColorChanger::GetColorFromStack function in colorchanger.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.
CVE-2017-6844 1 Podofo Project 1 Podofo 2017-03-16 6.8 MEDIUM 7.8 HIGH
Buffer overflow in the PoDoFo::PdfParser::ReadXRefSubsection function in PdfParser.cpp in PoDoFo 0.9.4 allows remote attackers to have unspecified impact via a crafted file.
CVE-2017-6849 1 Podofo Project 1 Podofo 2017-03-16 4.3 MEDIUM 5.5 MEDIUM
The PoDoFo::PdfColorGray::~PdfColorGray function in PdfColor.cpp in PoDoFo 0.9.4 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.
CVE-2017-6843 1 Podofo Project 1 Podofo 2017-03-16 6.8 MEDIUM 7.8 HIGH
Heap-based buffer overflow in the PoDoFo::PdfVariant::DelayedLoad function in PdfVariant.h in PoDoFo 0.9.4 allows remote attackers to have unspecified impact via a crafted file.
CVE-2017-6845 1 Podofo Project 1 Podofo 2017-03-16 4.3 MEDIUM 5.5 MEDIUM
The PoDoFo::PdfColor::operator function in PdfColor.cpp in PoDoFo 0.9.4 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.
CVE-2017-6846 1 Podofo Project 1 Podofo 2017-03-16 4.3 MEDIUM 5.5 MEDIUM
The GraphicsStack::TGraphicsStackElement::SetNonStrokingColorSpace function in graphicsstack.h in PoDoFo 0.9.4 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.
CVE-2017-5886 1 Podofo Project 1 Podofo 2017-03-03 6.8 MEDIUM 7.8 HIGH
Heap-based buffer overflow in the PoDoFo::PdfTokenizer::GetNextToken function in PdfTokenizer.cpp in PoDoFo 0.9.4 allows remote attackers to have unspecified impact via a crafted file.
CVE-2017-5855 1 Podofo Project 1 Podofo 2017-03-03 4.3 MEDIUM 5.5 MEDIUM
The PoDoFo::PdfParser::ReadXRefSubsection function in PdfParser.cpp in PoDoFo 0.9.4 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.
CVE-2017-5854 1 Podofo Project 1 Podofo 2017-03-02 4.3 MEDIUM 5.5 MEDIUM
base/PdfOutputStream.cpp in PoDoFo 0.9.4 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted file.
CVE-2017-5853 1 Podofo Project 1 Podofo 2017-03-02 6.8 MEDIUM 7.8 HIGH
Integer overflow in base/PdfParser.cpp in PoDoFo 0.9.4 allows remote attackers to have unspecified impact via a crafted file.