Vulnerabilities > Gonitro

DATE CVE VULNERABILITY TITLE RISK
2020-05-18 CVE-2020-6093 Access of Uninitialized Pointer vulnerability in Gonitro Nitro PRO 13.9.1.155
An exploitable information disclosure vulnerability exists in the way Nitro Pro 13.9.1.155 does XML error handling.
network
gonitro CWE-824
4.3
2020-05-18 CVE-2020-6092 Integer Overflow or Wraparound vulnerability in Gonitro Nitro PRO 13.9.1.155
An exploitable code execution vulnerability exists in the way Nitro Pro 13.9.1.155 parses Pattern objects.
network
gonitro CWE-190
6.8
2020-05-18 CVE-2020-6074 Use After Free vulnerability in Gonitro Nitro PRO 13.9.1.155
An exploitable code execution vulnerability exists in the PDF parser of Nitro Pro 13.9.1.155.
network
gonitro CWE-416
6.8
2020-03-08 CVE-2020-10223 Out-of-bounds Write vulnerability in Gonitro Nitro PRO
npdf.dll in Nitro Pro before 13.13.2.242 is vulnerable to JBIG2Decode CNxJBIG2DecodeStream Heap Corruption at npdf!CAPPDAnnotHandlerUtils::create_popup_for_markup+0x12fbe via a crafted PDF document.
network
gonitro CWE-787
5.8
2020-03-08 CVE-2020-10222 Out-of-bounds Write vulnerability in Gonitro Nitro PRO
npdf.dll in Nitro Pro before 13.13.2.242 is vulnerable to Heap Corruption at npdf!nitro::get_property+2381 via a crafted PDF document.
network
gonitro CWE-787
5.8
2020-01-14 CVE-2013-2773 Untrusted Search Path vulnerability in Gonitro Nitropdf 8.5.0.26
Nitro PDF 8.5.0.26: A specially crafted DLL file can facilitate Arbitrary Code Execution
4.4
2020-01-10 CVE-2019-19819 NULL Pointer Dereference vulnerability in Gonitro Nitropdf 12.0.0.112
The JBIG2Globals library in npdf.dll in Nitro Free PDF Reader 12.0.0.112 has a CAPPDAnnotHandlerUtils::PDAnnotHandlerDestroyData2+0x90ec NULL Pointer Dereference via crafted Unicode content.
network
gonitro CWE-476
4.3
2020-01-10 CVE-2019-19817 Out-of-bounds Read vulnerability in Gonitro Nitro Free PDF Reader 12.0.0.112
The JBIG2Decode library in npdf.dll in Nitro Free PDF Reader 12.0.0.112 has a CAPPDAnnotHandlerUtils::PDAnnotHandlerDestroyData2+0x2e8a Out-of-Bounds Read via crafted Unicode content.
network
gonitro CWE-125
4.3
2019-12-16 CVE-2019-19818 Out-of-bounds Read vulnerability in Gonitro Nitro Free PDF Reader 12.0.0.112
The JBIG2Decode library in npdf.dll in Nitro Free PDF Reader 12.0.0.112 has a CAPPDAnnotHandlerUtils::PDAnnotHandlerDestroyData2+0xa08a Out-of-Bounds Read via crafted Unicode content.
network
gonitro CWE-125
4.3
2019-11-21 CVE-2019-18958 Improper Input Validation vulnerability in Gonitro Nitro PRO
Nitro Pro before 13.2 creates a debug.log file in the directory where a .pdf file is located, if the .pdf document was produced by an OCR operation on the JPEG output of a scanner.
local
low complexity
gonitro CWE-20
4.6