Vulnerabilities (CVE)

Filtered by vendor Podofo Project Subscribe

Filtered by product Podofo

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 55 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2017-6846	1 Podofo Project	1 Podofo	2017-03-16	4.3 MEDIUM	5.5 MEDIUM
The GraphicsStack::TGraphicsStackElement::SetNonStrokingColorSpace function in graphicsstack.h in PoDoFo 0.9.4 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.
CVE-2017-5886	1 Podofo Project	1 Podofo	2017-03-04	6.8 MEDIUM	7.8 HIGH
Heap-based buffer overflow in the PoDoFo::PdfTokenizer::GetNextToken function in PdfTokenizer.cpp in PoDoFo 0.9.4 allows remote attackers to have unspecified impact via a crafted file.
CVE-2017-5855	1 Podofo Project	1 Podofo	2017-03-04	4.3 MEDIUM	5.5 MEDIUM
The PoDoFo::PdfParser::ReadXRefSubsection function in PdfParser.cpp in PoDoFo 0.9.4 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.
CVE-2017-5854	1 Podofo Project	1 Podofo	2017-03-03	4.3 MEDIUM	5.5 MEDIUM
base/PdfOutputStream.cpp in PoDoFo 0.9.4 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted file.
CVE-2017-5853	1 Podofo Project	1 Podofo	2017-03-03	6.8 MEDIUM	7.8 HIGH
Integer overflow in base/PdfParser.cpp in PoDoFo 0.9.4 allows remote attackers to have unspecified impact via a crafted file.