A vulnerability was identified in Unidocs ezPDF DRM Reader and ezPDF Reader 2.0/3.0.0.4. This affects an unknown part in the library SHFOLDER.dll. Such manipulation leads to uncontrolled search path.
Reflected Cross site scripting vulnerability in Convert Forms component for Joomla in versions before 4.4.8.
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.5.11, there is a blind server side request forgery (SSRF) via the PDF generate function. I
Improper Digital Signature Invalidation vulnerability in Zip Repair Mode of The Document Foundation LibreOffice allows Signature forgery vulnerability in LibreOfficeThis issue affects LibreOffice: fr
jsPDF is a library to generate PDFs in JavaScript. Prior to version 4.0.0, user control of the first argument of the loadFile method in the node.js build allows local file inclusion/path traversal. If
PhpOffice/PhpSpreadsheet is a pure PHP library for reading and writing spreadsheet files. Prior to versions 1.30.0, 2.1.12, 2.4.0, 3.10.0, and 5.0.0, SSRF can occur when a processed HTML document is r
Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability that could lead to privileg
New Cloud MyOffice SDK Collaborative Editing Server 2.2.2 through 2.8 allows SSRF via manipulation of requests from external document storage via the MS-WOPI protocol.
InvoiceShelf is an open-source web & mobile app that helps track expenses, payments and create professional invoices and estimates. Prior to version 2.2.0, a Server-Side Request Forgery (SSRF) vulnera
A Local File Inclusion (LFI) and a Server-Side Request Forgery (SSRF) vulnerability was found in the InsertFromHtmlString() function of the Apryse HTML2PDF SDK thru 11.6.0. These vulnerabilities could
jsPDF is a library to generate PDFs in JavaScript. Prior to version 4.2.1, user control of the `options` argument of the `output` function allows attackers to inject arbitrary HTML (such as scripts) i
A weakness has been identified in Akaunting 3.1.21. This issue affects some unknown processing of the file config/dompdf.php of the component Invoice PDF Rendering. Executing a manipulation can lead t
A weakness has been identified in frdel/agent0ai agent-zero 0.9.7. This affects the function handle_pdf_document of the file python/helpers/document_query.py. This manipulation causes server-side requ
Tungsten Automation Power PDF PDF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installa
Tungsten Automation Power PDF PDF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installa
An Improper Certificate Validation vulnerability in LibreOffice allowed
an attacker to self sign an ODF document, with a signature untrusted by
the target, then modify it to change the signature alg
Improper Verification of Cryptographic Signature vulnerability in LibreOffice allows PDF Signature Spoofing by Improper Validation.
In the affected versions of LibreOffice a flaw in the verificati
PDF-XChange Editor U3D File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange
The PDF Generator Addon for Elementor Page Builder plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 2.0.0 via the rtw_pgaepb_dwnld_pdf() function. This makes
Acrobat Reader versions 24.001.30225, 20.005.30748, 25.001.20428 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the conte