cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-5511,https://securityvulnerability.io/vulnerability/CVE-2024-5511,Kofax Power PDF JP2 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability,"The vulnerability in Kofax Power PDF arises from improper validation during the parsing of JP2 files, resulting in out-of-bounds read capabilities. This flaw permits remote attackers to execute arbitrary code on affected systems after enticing a user to open a malicious JP2 file or visit a compromised webpage. The exploitation occurs when user-supplied data leads to read operations that exceed allocated memory boundaries, allowing attackers to execute code with the permissions of the user's process.",Kofax,Power PDF,7.8,HIGH,0.0006500000017695129,false,,false,false,false,,,false,false,,2024-11-22T20:15:00.000Z,0
CVE-2024-5510,https://securityvulnerability.io/vulnerability/CVE-2024-5510,Kofax Power PDF JP2 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability,"A vulnerability exists in Kofax Power PDF related to the parsing of JP2 files, allowing remote attackers to execute arbitrary code under certain conditions. This flaw is caused by inadequate validation of data supplied by users, leading to the potential for reading beyond the bounds of allocated memory. To exploit this vulnerability, users must interact with an attacker-crafted file or visit a malicious webpage, making it imperative for organizations utilizing Kofax Power PDF to implement security measures and apply relevant patches to mitigate risks associated with CVE-2024-5510.",Kofax,Power PDF,7.8,HIGH,0.0006500000017695129,false,,false,false,false,,,false,false,,2024-11-22T20:15:00.000Z,0
CVE-2024-5513,https://securityvulnerability.io/vulnerability/CVE-2024-5513,Kofax Power PDF JP2 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability,"The vulnerability associated with Kofax Power PDF involves a flaw in the parsing of JP2 files that allows a remote attacker to execute arbitrary code on affected installations. This flaw results from insufficient validation of user-supplied data, which may lead to an out-of-bounds write past the allocated buffer end. As a consequence, an attacker can exploit the vulnerability to execute code in the context of the current process, provided that a user visits a malicious webpage or opens a compromised file. Awareness of this issue and appropriate security measures are essential to mitigate risks.",Kofax,Power PDF,7.8,HIGH,0.000750000006519258,false,,false,false,false,,,false,false,,2024-11-22T20:15:00.000Z,0
CVE-2024-30373,https://securityvulnerability.io/vulnerability/CVE-2024-30373,Remote Code Execution Vulnerability in Kofax Power PDF Due to JPF File Parsing,"A significant security flaw exists in Kofax Power PDF related to the parsing of JPF files, enabling remote attackers to manipulate data that leads to an out-of-bounds write condition. This vulnerability arises from inadequate validation of user-supplied input, which may permit writes beyond the allocated boundaries of memory objects. Successful exploitation necessitates user interaction, specifically requiring the victim to view a malicious webpage or open a malformed file. Once the flaw is exploited, an attacker can execute arbitrary code with the permissions of the affected application, potentially compromising the integrity and confidentiality of the user's system.",Kofax,Power PDF,7.8,HIGH,0.0006000000284984708,false,,false,false,false,,,false,false,,2024-06-06T18:20:51.497Z,0
CVE-2024-5306,https://securityvulnerability.io/vulnerability/CVE-2024-5306,Remote Code Execution Vulnerability in Kofax Power PDF Allows Attackers to Execute Arbitrary Code,"A vulnerability in Kofax Power PDF allows remote attackers to execute arbitrary code by exploiting improper validation during PDF file parsing. This flaw arises due to inadequate checks on user-supplied data, leading to a memory corruption situation. Successful exploitation requires the victim to interact with a malicious webpage or open a compromised PDF file. This poses significant security risks for users of Kofax Power PDF as attackers can execute code within the context of the affected application, potentially leading to unauthorized access and control.",Kofax,Power PDF,7.8,HIGH,0.0006000000284984708,false,,false,false,false,,,false,false,,2024-06-06T18:18:54.144Z,0
CVE-2024-5305,https://securityvulnerability.io/vulnerability/CVE-2024-5305,Kofax Power PDF PDF File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability,"A vulnerability in Kofax Power PDF relates to the improper processing of PDF file content, leading to a stack-based buffer overflow. This flaw allows remote attackers to execute arbitrary code within the context of the affected application. The attack vector requires user interaction, as the recipient must either open a malicious PDF file or visit a harmful webpage containing the exploit. It is imperative for users and administrators to apply necessary security measures to mitigate the risks associated with this vulnerability.",Kofax,Power PDF,7.8,HIGH,0.0006699999794363976,false,,false,false,false,,,false,false,,2024-06-06T18:04:23.845Z,0
CVE-2024-5304,https://securityvulnerability.io/vulnerability/CVE-2024-5304,Kofax Power PDF TGA File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability,"A vulnerability in Kofax Power PDF allows remote code execution due to improper handling of TGA file parsing. The flaw arises from a lack of validation for user-supplied data, enabling attackers to write beyond the allocated buffer. Exploitation requires user interaction, necessitating that the target either visits a malicious website or opens a specially crafted file. Successful exploitation can result in arbitrary code execution within the context of the current process, posing significant risks to user security.",Kofax,Power PDF,7.8,HIGH,0.0006000000284984708,false,,false,false,false,,,false,false,,2024-06-06T18:04:00.432Z,0
CVE-2024-5303,https://securityvulnerability.io/vulnerability/CVE-2024-5303,Kofax Power PDF PSD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability,"The vulnerability within Kofax Power PDF involves a flaw in the parsing of PSD files that can lead to an out-of-bounds write condition. This occurs due to inadequate validation of incoming data from users, specifically when processing malicious files. Attackers can exploit this vulnerability by enticing a user to open a specially crafted PSD file, resulting in potential arbitrary code execution within the context of the application. It is essential for users and organizations to remain vigilant and ensure that they apply necessary patches and updates to mitigate risks associated with this vulnerability.",Kofax,Power PDF,7.8,HIGH,0.0006000000284984708,false,,false,false,false,,,false,false,,2024-06-06T18:03:36.386Z,0
CVE-2024-5302,https://securityvulnerability.io/vulnerability/CVE-2024-5302,Remote Code Execution Vulnerability in Kofax Power PDF Due to PDF File Parsing,"The Kofax Power PDF software has a notable vulnerability related to the parsing of PDF files. This vulnerability arises from inadequate validation of user-supplied data, leading to an out-of-bounds write condition. Attackers can exploit this flaw by enticing users to open a crafted PDF file or visit a malicious web page. If successfully executed, the malicious code may run in the context of the current user process, potentially allowing unauthorized actions or system manipulation. It is imperative for users to remain vigilant and ensure that their installations of Kofax Power PDF are up-to-date, applying available security patches to mitigate this risk. Further details can be found in the advisory from the Zero Day Initiative.",Kofax,Power PDF,7.8,HIGH,0.0006000000284984708,false,,false,false,false,,,false,false,,2024-06-06T17:54:37.289Z,0
CVE-2024-5301,https://securityvulnerability.io/vulnerability/CVE-2024-5301,Heap-based Buffer Overflow Remote Code Execution Vulnerability in Kofax Power PDF,"A vulnerability exists in Kofax Power PDF that affects the parsing of PSD files, resulting in a heap-based buffer overflow. This flaw arises due to insufficient validation of user-supplied data lengths before copying them into a fixed-length heap-based buffer. When exploited, this vulnerability enables remote attackers to execute arbitrary code in the context of the affected process. Successful exploitation requires user interaction, where the target must visit a malicious webpage or open a crafted PSD file designed to exploit this weakness. Protecting against this vulnerability involves ensuring that users are educated about the risks of opening untrusted files and employing security measures to detect and block potential exploits.",Kofax,Power PDF,7.8,HIGH,0.0006300000241026282,false,,false,false,false,,,false,false,,2024-06-06T17:54:16.772Z,0
CVE-2023-51606,https://securityvulnerability.io/vulnerability/CVE-2023-51606,Remote Code Execution Vulnerability in Kofax Power PDF Due to U3D File Parsing,"A vulnerability exists in Kofax Power PDF related to the parsing of U3D files, which can lead to out-of-bounds read conditions. This flaw is a result of inadequate validation of user-supplied data, allowing attackers to potentially execute arbitrary code within the context of the application. Successful exploitation requires user interaction, as the target must navigate to a malicious page or open a compromised file. Security measures should be taken to mitigate the risks associated with this vulnerability, such as user education and ensuring that all software is kept up-to-date with the latest security patches.",Kofax,Power PDF,7.8,HIGH,0.0006500000017695129,false,,false,false,false,,,false,false,,2024-05-03T03:16:00.000Z,0
CVE-2023-51565,https://securityvulnerability.io/vulnerability/CVE-2023-51565,Remote Code Execution Vulnerability in Kofax Power PDF,"A vulnerability exists in Kofax Power PDF related to the mishandling of XPS files, which can lead to remote code execution. The flaw stems from the failure to validate the existence of objects before performing operations on them. This enables attackers to exploit the vulnerability by enticing users into visiting malicious web pages or opening compromised files, thereby executing arbitrary code within the context of the current process. User interaction is necessary for this exploitation.",Kofax,Power PDF,7.8,HIGH,0.0009899999713525176,false,,false,false,false,,,false,false,,2024-05-03T03:16:00.000Z,0
CVE-2023-51597,https://securityvulnerability.io/vulnerability/CVE-2023-51597,Remote Code Execution Vulnerability in Kofax Power PDF Due to U3D File Parsing,"A vulnerability in Kofax Power PDF related to U3D file parsing allows remote attackers to execute arbitrary code on affected installations. The flaw arises from inadequate validation of user-supplied data, enabling an out-of-bounds write that can occur when a user opens a specially crafted U3D file. Although user interaction is required, this vulnerability presents significant risks as it can allow an attacker to run code in the context of the current process, potentially compromising the integrity and confidentiality of the system.",Kofax,Power PDF,7.8,HIGH,0.000750000006519258,false,,false,false,false,,,false,false,,2024-05-03T03:16:00.000Z,0
CVE-2023-51569,https://securityvulnerability.io/vulnerability/CVE-2023-51569,Remote Code Execution Vulnerability in Kofax Power PDF Due to BMP File Parsing,"A vulnerability in Kofax Power PDF allows remote attackers to execute arbitrary code on systems using affected versions of the software through an out-of-bounds write caused by improper validation of BMP file parsing. This vulnerability necessitates user interaction, as an attacker must entice the user to open a malicious BMP file or visit an attacker-controlled page containing such a file. If exploited, this flaw could enable an attacker to execute code within the context of the current user’s process, potentially compromising sensitive information and system integrity.",Kofax,Power PDF,7.8,HIGH,0.000750000006519258,false,,false,false,false,,,false,false,,2024-05-03T03:16:00.000Z,0
CVE-2023-51566,https://securityvulnerability.io/vulnerability/CVE-2023-51566,Remote Code Execution Vulnerability in Kofax Power PDF Due to OXPS File Parsing Stack-Based Buffer Overflow,"A stack-based buffer overflow vulnerability exists in the OXPS file parsing feature of Kofax Power PDF. By failing to adequately validate the length of user-supplied data before copying it to a fixed-length stack-based buffer, the software allows remote attackers to exploit this flaw. Exploitation requires user interaction, as the target needs to open a malicious OXPS file or visit a web page that triggers the vulnerability. If successfully executed, the attacker can run arbitrary code within the context of the affected process, posing significant risks to system integrity and confidentiality. Users are advised to remain cautious about file sources and consider applying security updates to mitigate potential threats.",Kofax,Power PDF,7.8,HIGH,0.0006500000017695129,false,,false,false,false,,,false,false,,2024-05-03T03:16:00.000Z,0
CVE-2023-51608,https://securityvulnerability.io/vulnerability/CVE-2023-51608,Remote Code Execution Vulnerability in Kofax Power PDF Due to J2K File Parsing Memory Corruption,"A vulnerability has been identified in Kofax Power PDF pertaining to memory corruption during the parsing of J2K files. The flaw arises from inadequate validation of input data supplied by the user, creating a condition that may be exploited by malicious actors. To exploit the vulnerability, an attacker must entice a user into visiting a malicious webpage or opening a compromised file, which could lead to arbitrary code execution in the context of the running process. This issue highlights critical security considerations for users of Kofax Power PDF and emphasizes the importance of vigilance against untrusted sources.",Kofax,Power PDF,7.8,HIGH,0.0013200000394135714,false,,false,false,false,,,false,false,,2024-05-03T03:16:00.000Z,0
CVE-2023-44436,https://securityvulnerability.io/vulnerability/CVE-2023-44436,Power PDF File Parsing Use-After-Free Remote Code Execution Vulnerability,"The vulnerability in Kofax Power PDF stems from a flaw in its PDF file parsing mechanism, where the program fails to properly validate the existence of an object before executing operations on it. This lack of validation creates an opportunity for remote attackers to exploit the system by convincing users to visit a malicious web page or open a compromised file. Upon successful exploitation, attackers can execute arbitrary code within the context of the affected application, potentially leading to unauthorized access and system compromise. Users and organizations utilizing Kofax Power PDF are encouraged to remain vigilant and update their software to mitigate the risks associated with this vulnerability.",Kofax,Power PDF,7.8,HIGH,0.0009899999713525176,false,,false,false,false,,,false,false,,2024-05-03T02:14:01.321Z,0
CVE-2023-44435,https://securityvulnerability.io/vulnerability/CVE-2023-44435,Power PDF File Parsing Use-After-Free Remote Code Execution Vulnerability,"A vulnerability exists in Kofax Power PDF related to the parsing of PDF files, which can lead to remote code execution. The flaw arises due to the absence of proper validation for object existence before executing operations on it. This allows attackers to craft malicious PDF files that, when opened by the user, can execute arbitrary code in the context of the affected application. Effective exploitation requires user interaction, making it essential for users to be cautious when dealing with suspicious files or links.",Kofax,Power PDF,7.8,HIGH,0.0009899999713525176,false,,false,false,false,,,false,false,,2024-05-03T02:14:00.598Z,0
CVE-2023-44432,https://securityvulnerability.io/vulnerability/CVE-2023-44432,Remote Code Execution Vulnerability in Kofax Power PDF Due to PDF File Parsing,"The vulnerability involves a remote code execution flaw in Kofax Power PDF stemming from improper validation when parsing PDF files. Attackers can exploit this vulnerability by convincing users to open a specially crafted PDF document or visit a malicious website. The lack of adequate controls on user-supplied data can lead to an out-of-bounds write, potentially allowing unauthorized code execution within the context of the affected program. This poses significant security risks for organizations relying on Kofax Power PDF for handling documents, emphasizing the need for immediate patching and preventive measures.",Kofax,Power PDF,7.8,HIGH,0.000750000006519258,false,,false,false,false,,,false,false,,2024-05-03T02:13:58.340Z,0
CVE-2023-42127,https://securityvulnerability.io/vulnerability/CVE-2023-42127,Kofax Power PDF PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability,"The vulnerability within Kofax Power PDF is related to its handling of PDF file parsing. Specifically, the flaw arises due to insufficient validation of user-supplied input, which can lead to an out-of-bounds write condition. This issue enables remote attackers to execute arbitrary code when a user interacts with a malicious PDF file or visits a harmful webpage. The nature of this vulnerability requires user engagement for exploitation, proving a potential risk for those using affected installations without timely updates.",Kofax,Power PDF,7.8,HIGH,0.000750000006519258,false,,false,false,false,,,false,false,,2024-05-03T02:13:32.815Z,0
CVE-2023-42039,https://securityvulnerability.io/vulnerability/CVE-2023-42039,Kofax Power PDF PDF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability,"A buffer overflow vulnerability in Kofax Power PDF has been identified, which arises from improper validation of user-supplied data during PDF file parsing. This vulnerability could be exploited by remote attackers to execute arbitrary code on affected installations, provided that the user interacts with a malicious PDF file or visits a compromised web page. The flaw is tied to the management of fixed-length heap buffers, creating an opportunity for code execution within the context of the current process. Users are advised to update their installations and adhere to security best practices to mitigate the risk associated with this vulnerability.",Kofax,Power PDF,7.8,HIGH,0.0006500000017695129,false,,false,false,false,,,false,false,,2024-05-03T02:12:25.922Z,0
CVE-2023-42038,https://securityvulnerability.io/vulnerability/CVE-2023-42038,Kofax Power PDF PDF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability,"The vulnerability in Kofax Power PDF is a heap-based buffer overflow that can be exploited by remote attackers to execute arbitrary code. This occurs due to inadequate validation of user-supplied data when parsing PDF files. Specifically, the flaw allows an attacker to manipulate the length of the data before it is copied to a fixed-length heap buffer. Exploitation requires user interaction, where the victim must either visit a malicious webpage or open a compromised PDF file. Once triggered, this vulnerability could lead to unauthorized code execution in the context of the affected process, posing significant security risks.",Kofax,Power PDF,7.8,HIGH,0.0006500000017695129,false,,false,false,false,,,false,false,,2024-05-03T02:12:25.233Z,0
CVE-2023-42037,https://securityvulnerability.io/vulnerability/CVE-2023-42037,Kofax Power PDF PDF File Parsing Memory Corruption Remote Code Execution Vulnerability,"A vulnerability in Kofax Power PDF arises from improper validation of user-supplied data during the parsing of PDF files. This flaw may lead to a memory corruption condition, enabling remote attackers to run arbitrary code on systems where the software is installed. Exploitation requires user interaction, whereby the targeted individual must either visit a malicious website or open a compromised PDF file. Once the malicious payload is executed, the attacker can operate within the context of the affected process, potentially leading to further system compromise.",Kofax,Power PDF,7.8,HIGH,0.0013200000394135714,false,,false,false,false,,,false,false,,2024-05-03T02:12:24.527Z,0
CVE-2023-42036,https://securityvulnerability.io/vulnerability/CVE-2023-42036,Kofax Power PDF PDF File Parsing Memory Corruption Remote Code Execution Vulnerability,"A memory corruption vulnerability exists within Kofax Power PDF due to improper validation of user-supplied data during the parsing of PDF files. This flaw enables remote attackers to execute arbitrary code on affected installations through manipulated PDF documents. Successful exploitation necessitates user interaction, as the target must either visit a malicious webpage or open a compromised PDF file. Users of Kofax Power PDF should assess potential exposure to this vulnerability and apply appropriate security measures.",Kofax,Power PDF,7.8,HIGH,0.0013200000394135714,false,,false,false,false,,,false,false,,2024-05-03T02:12:23.750Z,0
CVE-2023-38094,https://securityvulnerability.io/vulnerability/CVE-2023-38094,Kofax Power PDF replacePages Stack-based Buffer Overflow Remote Code Execution Vulnerability,"A vulnerability exists within the implementation of the replacePages method in Kofax Power PDF, which may allow remote attackers to execute arbitrary code on affected installations. The vulnerability arises from the deficient validation of the length of user-supplied data being copied to a stack-based buffer. To exploit this flaw, an attacker must trick the user into interacting with malicious content, such as visiting a harmful website or opening a compromised file. This exploitation can facilitate the execution of code in the context of the current user process, posing risks to data integrity and system security.",Kofax,Power PDF,7.8,HIGH,0.0009299999801442027,false,,false,false,false,,,false,false,,2024-05-03T01:58:57.539Z,0