Vulnerabilities > Gonitro > High

DATE CVE VULNERABILITY TITLE RISK
2020-03-08 CVE-2020-10223 Out-of-bounds Write vulnerability in Gonitro Nitro PRO
npdf.dll in Nitro Pro before 13.13.2.242 is vulnerable to JBIG2Decode CNxJBIG2DecodeStream Heap Corruption at npdf!CAPPDAnnotHandlerUtils::create_popup_for_markup+0x12fbe via a crafted PDF document.
network
low complexity
gonitro CWE-787
8.1
8.1
2020-03-08 CVE-2020-10222 Unspecified vulnerability in Gonitro Nitro PRO
npdf.dll in Nitro Pro before 13.13.2.242 is vulnerable to Heap Corruption at npdf!nitro::get_property+2381 via a crafted PDF document.
network
low complexity
gonitro
8.1
8.1
2020-01-14 CVE-2013-2773 Untrusted Search Path vulnerability in Gonitro Nitropdf 8.5.0.26
Nitro PDF 8.5.0.26: A specially crafted DLL file can facilitate Arbitrary Code Execution
local
low complexity
gonitro CWE-426
7.8
7.8
2019-11-21 CVE-2019-18958 Incorrect Permission Assignment for Critical Resource vulnerability in Gonitro Nitro PRO
Nitro Pro before 13.2 creates a debug.log file in the directory where a .pdf file is located, if the .pdf document was produced by an OCR operation on the JPEG output of a scanner.
local
low complexity
gonitro CWE-732
7.8
7.8
2019-10-09 CVE-2019-5053 Use After Free vulnerability in Gonitro Nitropdf 12.2.1.522
An exploitable use-after-free vulnerability exists in the Length parsing function of NitroPDF.
local
low complexity
gonitro CWE-416
7.8
7.8
2019-10-09 CVE-2019-5050 Out-of-bounds Write vulnerability in Gonitro Nitropdf 12.12.1.522
A specifically crafted PDF file can lead to a heap corruption when opened in NitroPDF 12.12.1.522.
local
low complexity
gonitro CWE-787
7.8
7.8
2019-10-09 CVE-2019-5048 Out-of-bounds Write vulnerability in Gonitro Nitropdf 12.2.1.522
A specifically crafted PDF file can lead to a heap corruption when opened in NitroPDF 12.12.1.522.
local
low complexity
gonitro CWE-787
7.8
7.8
2019-10-09 CVE-2019-5047 Type Confusion vulnerability in Gonitro Nitropdf 12.2.1.522
An exploitable Use After Free vulnerability exists in the CharProcs parsing functionality of NitroPDF.
local
low complexity
gonitro CWE-843
7.8
7.8
2019-10-09 CVE-2019-5046 Out-of-bounds Write vulnerability in Gonitro Nitropdf 12.12.1.522
A specifically crafted jpeg2000 file embedded in a PDF file can lead to a heap corruption when opening a PDF document in NitroPDF 12.12.1.522.
local
low complexity
gonitro CWE-787
7.8
7.8
2019-10-09 CVE-2019-5045 Out-of-bounds Write vulnerability in Gonitro Nitropdf 12.12.1.522
A specifically crafted jpeg2000 file embedded in a PDF file can lead to a heap corruption when opening a PDF document in NitroPDF 12.12.1.522.
local
low complexity
gonitro CWE-787
7.8
7.8