Vulnerabilities > Gonitro > Nitro PRO > 13.9.1.155

DATE CVE VULNERABILITY TITLE RISK
2020-05-18 CVE-2020-6093 Access of Uninitialized Pointer vulnerability in Gonitro Nitro PRO 13.9.1.155
An exploitable information disclosure vulnerability exists in the way Nitro Pro 13.9.1.155 does XML error handling.
local
low complexity
gonitro CWE-824
5.5
5.5
2020-05-18 CVE-2020-6092 Integer Overflow or Wraparound vulnerability in Gonitro Nitro PRO 13.9.1.155
An exploitable code execution vulnerability exists in the way Nitro Pro 13.9.1.155 parses Pattern objects.
local
low complexity
gonitro CWE-190
7.8
7.8
2020-05-18 CVE-2020-6074 Use After Free vulnerability in Gonitro Nitro PRO 13.9.1.155
An exploitable code execution vulnerability exists in the PDF parser of Nitro Pro 13.9.1.155.
network
low complexity
gonitro CWE-416
8.8
8.8
2020-03-08 CVE-2020-10223 Out-of-bounds Write vulnerability in Gonitro Nitro PRO
npdf.dll in Nitro Pro before 13.13.2.242 is vulnerable to JBIG2Decode CNxJBIG2DecodeStream Heap Corruption at npdf!CAPPDAnnotHandlerUtils::create_popup_for_markup+0x12fbe via a crafted PDF document.
network
low complexity
gonitro CWE-787
8.1
8.1
2020-03-08 CVE-2020-10222 Unspecified vulnerability in Gonitro Nitro PRO
npdf.dll in Nitro Pro before 13.13.2.242 is vulnerable to Heap Corruption at npdf!nitro::get_property+2381 via a crafted PDF document.
network
low complexity
gonitro
8.1
8.1