Vulnerabilities > Podofo Project > Medium

DATE CVE VULNERABILITY TITLE RISK
2018-09-17 CVE-2018-14320 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Podofo Project Podofo
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of PoDoFo.
network
low complexity
podofo-project CWE-119
6.5
2018-06-29 CVE-2018-12982 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Podofo Project Podofo 0.9.6
Invalid memory read in the PoDoFo::PdfVariant::DelayedLoad() function in PdfVariant.h in PoDoFo 0.9.6-rc1 allows remote attackers to have denial-of-service impact via a crafted file.
local
low complexity
podofo-project CWE-119
5.5
2018-05-18 CVE-2018-11256 NULL Pointer Dereference vulnerability in Podofo Project Podofo 0.9.5
An issue was discovered in PoDoFo 0.9.5.
network
low complexity
podofo-project CWE-476
6.5
2018-05-18 CVE-2018-11255 NULL Pointer Dereference vulnerability in Podofo Project Podofo 0.9.5
An issue was discovered in PoDoFo 0.9.5.
local
low complexity
podofo-project CWE-476
5.5
2018-05-18 CVE-2018-11254 Uncontrolled Recursion vulnerability in Podofo Project Podofo 0.9.5
An issue was discovered in PoDoFo 0.9.5.
local
low complexity
podofo-project CWE-674
5.5
2018-01-27 CVE-2018-6352 Resource Exhaustion vulnerability in Podofo Project Podofo 0.9.5
In PoDoFo 0.9.5, there is an Excessive Iteration in the PdfParser::ReadObjectsInternal function of base/PdfParser.cpp.
local
low complexity
podofo-project CWE-400
5.5
2018-01-19 CVE-2018-5783 Allocation of Resources Without Limits or Throttling vulnerability in Podofo Project Podofo 0.9.5
In PoDoFo 0.9.5, there is an uncontrolled memory allocation in the PoDoFo::PdfVecObjects::Reserve function (base/PdfVecObjects.h).
local
low complexity
podofo-project CWE-770
5.5
2018-01-09 CVE-2018-5309 Integer Overflow or Wraparound vulnerability in Podofo Project Podofo 0.9.5
In PoDoFo 0.9.5, there is an integer overflow in the PdfObjectStreamParserObject::ReadObjectsFromStream function (base/PdfObjectStreamParserObject.cpp).
local
low complexity
podofo-project CWE-190
5.5
2018-01-08 CVE-2018-5296 Allocation of Resources Without Limits or Throttling vulnerability in Podofo Project Podofo 0.9.5
In PoDoFo 0.9.5, there is an uncontrolled memory allocation in the PdfParser::ReadXRefSubsection function (base/PdfParser.cpp).
local
low complexity
podofo-project CWE-770
5.5
2018-01-08 CVE-2018-5295 Integer Overflow or Wraparound vulnerability in Podofo Project Podofo 0.9.5
In PoDoFo 0.9.5, there is an integer overflow in the PdfXRefStreamParserObject::ParseStream function (base/PdfXRefStreamParserObject.cpp).
local
low complexity
podofo-project CWE-190
5.5