Vulnerabilities > Gonitro

DATE CVE VULNERABILITY TITLE RISK
2019-10-09 CVE-2019-5053 Use After Free vulnerability in Gonitro Nitropdf 12.2.1.522
An exploitable use-after-free vulnerability exists in the Length parsing function of NitroPDF.
network
gonitro CWE-416
6.8
2019-10-09 CVE-2019-5050 Out-of-bounds Write vulnerability in Gonitro Nitropdf 12.12.1.522
A specifically crafted PDF file can lead to a heap corruption when opened in NitroPDF 12.12.1.522.
network
gonitro CWE-787
6.8
2019-10-09 CVE-2019-5048 Out-of-bounds Write vulnerability in Gonitro Nitropdf 12.2.1.522
A specifically crafted PDF file can lead to a heap corruption when opened in NitroPDF 12.12.1.522.
network
gonitro CWE-787
6.8
2019-10-09 CVE-2019-5047 Type Confusion vulnerability in Gonitro Nitropdf 12.2.1.522
An exploitable Use After Free vulnerability exists in the CharProcs parsing functionality of NitroPDF.
network
gonitro CWE-843
6.8
2019-10-09 CVE-2019-5046 Out-of-bounds Write vulnerability in Gonitro Nitropdf 12.12.1.522
A specifically crafted jpeg2000 file embedded in a PDF file can lead to a heap corruption when opening a PDF document in NitroPDF 12.12.1.522.
network
gonitro CWE-787
6.8
2019-10-09 CVE-2019-5045 Out-of-bounds Write vulnerability in Gonitro Nitropdf 12.12.1.522
A specifically crafted jpeg2000 file embedded in a PDF file can lead to a heap corruption when opening a PDF document in NitroPDF 12.12.1.522.
network
gonitro CWE-787
6.8
2017-08-03 CVE-2017-7442 Path Traversal vulnerability in Gonitro Nitro PRO 11.0.3.173
Nitro Pro 11.0.3.173 allows remote attackers to execute arbitrary code via saveAs and launchURL calls with directory traversal sequences.
network
gonitro CWE-22
6.8
2017-07-07 CVE-2017-7950 Improper Input Validation vulnerability in Gonitro Nitro PRO
Nitro Pro 11.0.3 and earlier allows remote attackers to cause a denial of service (application crash) via a crafted PCX file.
network
gonitro CWE-20
4.3
2017-02-10 CVE-2016-8713 Out-of-bounds Write vulnerability in Gonitro Nitro PDF PRO 10.5.5.9
A remote out of bound write / memory corruption vulnerability exists in the PDF parsing functionality of Nitro Pro 10.5.9.9.
local
low complexity
gonitro CWE-787
7.8
2017-02-10 CVE-2016-8711 Unspecified vulnerability in Gonitro Nitro PDF PRO 10.5.5.9/10.5.9.9
A potential remote code execution vulnerability exists in the PDF parsing functionality of Nitro Pro 10.
local
low complexity
gonitro
7.8