Vulnerabilities > Gonitro > Nitropdf > Medium

DATE CVE VULNERABILITY TITLE RISK
2020-01-14 CVE-2013-2773 Untrusted Search Path vulnerability in Gonitro Nitropdf 8.5.0.26
Nitro PDF 8.5.0.26: A specially crafted DLL file can facilitate Arbitrary Code Execution
4.4
2020-01-10 CVE-2019-19819 NULL Pointer Dereference vulnerability in Gonitro Nitropdf 12.0.0.112
The JBIG2Globals library in npdf.dll in Nitro Free PDF Reader 12.0.0.112 has a CAPPDAnnotHandlerUtils::PDAnnotHandlerDestroyData2+0x90ec NULL Pointer Dereference via crafted Unicode content.
network
gonitro CWE-476
4.3
2019-10-09 CVE-2019-5053 Use After Free vulnerability in Gonitro Nitropdf 12.2.1.522
An exploitable use-after-free vulnerability exists in the Length parsing function of NitroPDF.
network
gonitro CWE-416
6.8
2019-10-09 CVE-2019-5050 Out-of-bounds Write vulnerability in Gonitro Nitropdf 12.12.1.522
A specifically crafted PDF file can lead to a heap corruption when opened in NitroPDF 12.12.1.522.
network
gonitro CWE-787
6.8
2019-10-09 CVE-2019-5048 Out-of-bounds Write vulnerability in Gonitro Nitropdf 12.2.1.522
A specifically crafted PDF file can lead to a heap corruption when opened in NitroPDF 12.12.1.522.
network
gonitro CWE-787
6.8
2019-10-09 CVE-2019-5047 Type Confusion vulnerability in Gonitro Nitropdf 12.2.1.522
An exploitable Use After Free vulnerability exists in the CharProcs parsing functionality of NitroPDF.
network
gonitro CWE-843
6.8
2019-10-09 CVE-2019-5046 Out-of-bounds Write vulnerability in Gonitro Nitropdf 12.12.1.522
A specifically crafted jpeg2000 file embedded in a PDF file can lead to a heap corruption when opening a PDF document in NitroPDF 12.12.1.522.
network
gonitro CWE-787
6.8
2019-10-09 CVE-2019-5045 Out-of-bounds Write vulnerability in Gonitro Nitropdf 12.12.1.522
A specifically crafted jpeg2000 file embedded in a PDF file can lead to a heap corruption when opening a PDF document in NitroPDF 12.12.1.522.
network
gonitro CWE-787
6.8