Vulnerabilities > Gonitro > Nitro PRO > 11.0.0.64

DATE CVE VULNERABILITY TITLE RISK
2020-03-08 CVE-2020-10223 Out-of-bounds Write vulnerability in Gonitro Nitro PRO
npdf.dll in Nitro Pro before 13.13.2.242 is vulnerable to JBIG2Decode CNxJBIG2DecodeStream Heap Corruption at npdf!CAPPDAnnotHandlerUtils::create_popup_for_markup+0x12fbe via a crafted PDF document.
network
gonitro CWE-787
5.8
5.8
2020-03-08 CVE-2020-10222 Out-of-bounds Write vulnerability in Gonitro Nitro PRO
npdf.dll in Nitro Pro before 13.13.2.242 is vulnerable to Heap Corruption at npdf!nitro::get_property+2381 via a crafted PDF document.
network
gonitro CWE-787
5.8
5.8
2019-11-21 CVE-2019-18958 Improper Input Validation vulnerability in Gonitro Nitro PRO
Nitro Pro before 13.2 creates a debug.log file in the directory where a .pdf file is located, if the .pdf document was produced by an OCR operation on the JPEG output of a scanner.
local
low complexity
gonitro CWE-20
4.6
4.6
2017-07-07 CVE-2017-7950 Improper Input Validation vulnerability in Gonitro Nitro PRO
Nitro Pro 11.0.3 and earlier allows remote attackers to cause a denial of service (application crash) via a crafted PCX file.
network
gonitro CWE-20
4.3
4.3