Vulnerabilities > Tungstenautomation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-06 | CVE-2024-5304 | Out-of-bounds Write vulnerability in Tungstenautomation Kofax Power PDF 5.0.0.57 Kofax Power PDF TGA File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. | 7.8 |
| 2024-06-06 | CVE-2024-5305 | Classic Buffer Overflow vulnerability in Tungstenautomation Kofax Power PDF 5.0.0.57 Kofax Power PDF PDF File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. | 7.8 |
| 2024-06-06 | CVE-2024-5306 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Tungstenautomation Kofax Power PDF 5.0.0.57 Kofax Power PDF PDF File Parsing Memory Corruption Remote Code Execution Vulnerability. | 7.8 |
| 2024-06-06 | CVE-2024-5307 | Out-of-bounds Read vulnerability in Tungstenautomation Kofax Power PDF 5.0.0.57 Kofax Power PDF AcroForm Annotation Out-Of-Bounds Read Information Disclosure Vulnerability. | 3.3 |
| 2024-06-06 | CVE-2024-30373 | Out-of-bounds Write vulnerability in Tungstenautomation Power PDF Kofax Power PDF JPF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. | 7.8 |
| 2024-06-06 | CVE-2024-5301 | Out-of-bounds Write vulnerability in Tungstenautomation Kofax Power PDF 5.0.0.57 Kofax Power PDF PSD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. | 7.8 |
| 2024-06-06 | CVE-2024-5302 | Out-of-bounds Write vulnerability in Tungstenautomation Kofax Power PDF 5.0.0.57 Kofax Power PDF PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. | 7.8 |
| 2024-06-06 | CVE-2024-5303 | Out-of-bounds Write vulnerability in Tungstenautomation Kofax Power PDF 5.0.0.57 Kofax Power PDF PSD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. | 7.8 |
| 2024-01-11 | CVE-2023-5118 | Cross-site Scripting vulnerability in Tungstenautomation Kofax Capture 11.0.0 The application is vulnerable to Stored Cross-Site Scripting (XSS) in the endpoint /sofer/DocumentService.asc/SaveAnnotation, where input data transmitted via the POST method in the parameters author and text are not adequately sanitized and validated. | 5.4 |