Vulnerabilities > Gonitro

DATE CVE VULNERABILITY TITLE RISK
2021-09-15 CVE-2021-21798 Use After Free vulnerability in Gonitro Nitro PRO 13.31.0.605/13.33.2.645
An exploitable return of stack variable address vulnerability exists in the JavaScript implementation of Nitro Pro PDF.
network
gonitro CWE-416
6.8
2021-01-07 CVE-2018-18689 Improper Verification of Cryptographic Signature vulnerability in multiple products
The Portable Document Format (PDF) specification does not provide any information regarding the concrete procedure of how to validate signatures.
5.0
2021-01-07 CVE-2018-18688 Improper Verification of Cryptographic Signature vulnerability in multiple products
The Portable Document Format (PDF) specification does not provide any information regarding the concrete procedure of how to validate signatures.
5.0
2020-09-17 CVE-2020-6116 Integer Overflow or Wraparound vulnerability in Gonitro Nitro PRO 13.13.2.242/13.16.2.300
An arbitrary code execution vulnerability exists in the rendering functionality of Nitro Software, Inc.’s Nitro Pro 13.13.2.242.
network
gonitro CWE-190
6.8
2020-09-17 CVE-2020-6115 Use After Free vulnerability in Gonitro Nitro PRO 13.13.2.242/13.16.2.300
An exploitable vulnerability exists in the cross-reference table repairing functionality of Nitro Software, Inc.’s Nitro Pro 13.13.2.242.
network
gonitro CWE-416
6.8
2020-09-17 CVE-2020-6113 Integer Overflow or Wraparound vulnerability in Gonitro Nitro PRO 13.13.2.242/13.16.2.300
An exploitable vulnerability exists in the object stream parsing functionality of Nitro Software, Inc.’s Nitro Pro 13.13.2.242 when updating its cross-reference table.
network
gonitro CWE-190
6.8
2020-09-17 CVE-2020-6112 Out-of-bounds Write vulnerability in Gonitro Nitro PRO 13.13.2.242/13.16.2.300
An exploitable code execution vulnerability exists in the JPEG2000 Stripe Decoding functionality of Nitro Software, Inc.’s Nitro Pro 13.13.2.242 when decoding sub-samples.
network
gonitro CWE-787
6.8
2020-09-16 CVE-2020-6146 Out-of-bounds Write vulnerability in Gonitro Nitro PRO 13.13.2.242/13.16.2.300
An exploitable code execution vulnerability exists in the rendering functionality of Nitro Pro 13.13.2.242 and 13.16.2.300.
network
gonitro CWE-787
6.8
2020-05-18 CVE-2020-6093 Access of Uninitialized Pointer vulnerability in Gonitro Nitro PRO 13.9.1.155
An exploitable information disclosure vulnerability exists in the way Nitro Pro 13.9.1.155 does XML error handling.
network
gonitro CWE-824
4.3
2020-05-18 CVE-2020-6092 Integer Overflow or Wraparound vulnerability in Gonitro Nitro PRO 13.9.1.155
An exploitable code execution vulnerability exists in the way Nitro Pro 13.9.1.155 parses Pattern objects.
network
gonitro CWE-190
6.8