Vulnerabilities > Flowpaper > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-07-21 | CVE-2020-19471 | Out-of-bounds Read vulnerability in Flowpaper Pdf2Json 0.70 An issue has been found in function DCTStream::decodeImage in PDF2JSON 0.70 that allows attackers to cause a Denial of Service due to an invalid read of size 4 . | 5.5 |
| 2021-07-21 | CVE-2020-19472 | Out-of-bounds Read vulnerability in Flowpaper Pdf2Json 0.70 An issue has been found in function DCTStream::readHuffSym in PDF2JSON 0.70 that allows attackers to cause a Denial of Service due to an invalid read of size 2 . | 5.5 |
| 2021-07-21 | CVE-2020-19473 | Improper Handling of Exceptional Conditions vulnerability in Flowpaper Pdf2Json 0.70 An issue has been found in function DCTStream::decodeImage in PDF2JSON 0.70 that allows attackers to cause a Denial of Service due to an uncaught floating point exception. | 5.5 |
| 2021-07-21 | CVE-2020-19474 | Use After Free vulnerability in Flowpaper Pdf2Json 0.70 An issue has been found in function Gfx::doShowText in PDF2JSON 0.70 that allows attackers to cause a Denial of Service due to an Use After Free . | 5.5 |
| 2021-07-21 | CVE-2020-19475 | Out-of-bounds Write vulnerability in Flowpaper Pdf2Json 0.70 An issue has been found in function CCITTFaxStream::lookChar in PDF2JSON 0.70 that allows attackers to cause a Denial of Service due to an invalid write of size 2 . | 5.5 |
| 2017-10-17 | CVE-2014-9678 | Improper Input Validation vulnerability in Flowpaper Flexpaper FlexPaperViewer.swf in Flexpaper before 2.3.1 allows remote attackers to conduct content-spoofing attacks via the Swfile parameter. | 6.1 |
| 2017-10-17 | CVE-2014-9677 | Cross-site Scripting vulnerability in Flowpaper Flexpaper Cross-site scripting (XSS) vulnerability in FlexPaperViewer.swf in Flexpaper before 2.3.1 allows remote attackers to inject arbitrary web script or HTML via the Swfile parameter. | 6.1 |