Vulnerabilities > Gonitro > Nitro PRO > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-10-18 | CVE-2021-21796 | Use After Free vulnerability in Gonitro Nitro PRO 13.31.0.605/13.33.2.645 An exploitable use-after-free vulnerability exists in the JavaScript implementation of Nitro Pro PDF. | 7.8 |
| 2021-10-18 | CVE-2021-21797 | Double Free vulnerability in Gonitro Nitro PRO 13.31.0.605/13.33.2.645 An exploitable double-free vulnerability exists in the JavaScript implementation of Nitro Pro PDF. | 7.8 |
| 2021-09-15 | CVE-2021-21798 | Unspecified vulnerability in Gonitro Nitro PRO 13.31.0.605/13.33.2.645 An exploitable return of stack variable address vulnerability exists in the JavaScript implementation of Nitro Pro PDF. | 7.8 |
| 2020-09-17 | CVE-2020-6116 | Incorrect Calculation of Buffer Size vulnerability in Gonitro Nitro PRO 13.13.2.242/13.16.2.300 An arbitrary code execution vulnerability exists in the rendering functionality of Nitro Software, Inc.’s Nitro Pro 13.13.2.242. | 7.8 |
| 2020-09-17 | CVE-2020-6115 | Use After Free vulnerability in Gonitro Nitro PRO 13.13.2.242/13.16.2.300 An exploitable vulnerability exists in the cross-reference table repairing functionality of Nitro Software, Inc.’s Nitro Pro 13.13.2.242. | 7.8 |
| 2020-09-17 | CVE-2020-6113 | Incorrect Calculation of Buffer Size vulnerability in Gonitro Nitro PRO 13.13.2.242/13.16.2.300 An exploitable vulnerability exists in the object stream parsing functionality of Nitro Software, Inc.’s Nitro Pro 13.13.2.242 when updating its cross-reference table. | 7.8 |
| 2020-09-17 | CVE-2020-6112 | Unspecified vulnerability in Gonitro Nitro PRO 13.13.2.242/13.16.2.300 An exploitable code execution vulnerability exists in the JPEG2000 Stripe Decoding functionality of Nitro Software, Inc.’s Nitro Pro 13.13.2.242 when decoding sub-samples. | 7.8 |
| 2020-09-16 | CVE-2020-6146 | Out-of-bounds Write vulnerability in Gonitro Nitro PRO 13.13.2.242/13.16.2.300 An exploitable code execution vulnerability exists in the rendering functionality of Nitro Pro 13.13.2.242 and 13.16.2.300. | 8.8 |
| 2020-05-18 | CVE-2020-6092 | Integer Overflow or Wraparound vulnerability in Gonitro Nitro PRO 13.9.1.155 An exploitable code execution vulnerability exists in the way Nitro Pro 13.9.1.155 parses Pattern objects. | 7.8 |
| 2020-05-18 | CVE-2020-6074 | Use After Free vulnerability in Gonitro Nitro PRO 13.9.1.155 An exploitable code execution vulnerability exists in the PDF parser of Nitro Pro 13.9.1.155. | 8.8 |