Security Vulnerabilities - CVEs Published In November 2021
pdf2xml v2.0 was discovered to contain a heap-buffer overflow in the function TextPage::dump.
CVSS Score
9.8
EPSS Score
0.007
Published
2021-11-10
pdf2xml v2.0 was discovered to contain a heap-buffer overflow in the function TextPage::addAttributsNode.
CVSS Score
9.8
EPSS Score
0.007
Published
2021-11-10
pdf2xml v2.0 was discovered to contain a memory leak in the function TextPage::testLinkedText.
CVSS Score
7.5
EPSS Score
0.003
Published
2021-11-10
pdf2xml v2.0 was discovered to contain a stack buffer overflow in the component getObjectStream.
CVSS Score
9.8
EPSS Score
0.005
Published
2021-11-10
pdf2json v0.71 was discovered to contain a stack buffer overflow in the component XRef::fetch.
CVSS Score
9.8
EPSS Score
0.005
Published
2021-11-10
pdf2json v0.71 was discovered to contain a NULL pointer dereference in the component ObjectStream::getObject.
CVSS Score
7.5
EPSS Score
0.003
Published
2021-11-10
A buffer overflow in Nomacs v3.15.0 allows attackers to cause a denial of service (DoS) via a crafted MNG file.
CVSS Score
5.5
EPSS Score
0.004
Published
2021-11-10
XnView MP v0.96.4 was discovered to contain a heap overflow which allows attackers to cause a denial of service (DoS) via a crafted pict file. Related to a User Mode Write AV starting at ntdll!RtlpLowFragHeapFree.
CVSS Score
5.5
EPSS Score
0.004
Published
2021-11-10
A NULL pointer dereference in the function TextPage::restoreState of pdf2xml v2.0 allows attackers to cause a denial of service (DoS).
CVSS Score
7.5
EPSS Score
0.003
Published
2021-11-10
An issue was discovered in the RCDevs OpenOTP app 1.4.13 and 1.4.14 for iOS. If it is installed on a jailbroken device, it is possible to retrieve the PIN code used to access the application. The IOS app version 1.4.1631262629 resolves this issue by storing a hash PIN code.
CVSS Score
5.5
EPSS Score
0.001
Published
2021-11-10