VYPR
Vendor

Flexpaper

Products
3
CVEs
19
Across products
20
Status
Private

Products

3

Recent CVEs

19
  • CVE-2018-11686CriJul 3, 2019
    risk 0.71cvss 9.8epss 0.50

    The Publish Service in FlexPaper (later renamed FlowPaper) 2.3.6 allows remote code execution via setup.php and change_config.php.

  • CVE-2020-23878CriNov 10, 2021
    risk 0.64cvss 9.8epss 0.02

    pdf2json v0.71 was discovered to contain a stack buffer overflow in the component XRef::fetch.

  • CVE-2018-14947HigAug 5, 2018
    risk 0.57cvss 8.8epss 0.02

    An issue has been found in PDF2JSON 0.69. XmlFontAccu::CSStyle in XmlFonts.cc has Mismatched Memory Management Routines (operator new [] versus operator delete).

  • CVE-2018-14946HigAug 5, 2018
    risk 0.57cvss 8.8epss 0.02

    An issue has been found in PDF2JSON 0.69. The HtmlString class in ImgOutputDev.cc has Mismatched Memory Management Routines (malloc versus operator delete).

  • CVE-2024-28699HigApr 22, 2024
    risk 0.51cvss 7.8epss 0.00

    A buffer overflow vulnerability in pdf2json v0.70 allows a local attacker to execute arbitrary code via the GString::copy() and ImgOutputDev::ImgOutputDev function.

  • CVE-2020-23879HigNov 10, 2021
    risk 0.49cvss 7.5epss 0.01

    pdf2json v0.71 was discovered to contain a NULL pointer dereference in the component ObjectStream::getObject.

  • CVE-2014-9678MedOct 17, 2017
    risk 0.40cvss 6.1epss 0.01

    FlexPaperViewer.swf in Flexpaper before 2.3.1 allows remote attackers to conduct content-spoofing attacks via the Swfile parameter.

  • CVE-2014-9677MedOct 17, 2017
    risk 0.40cvss 6.1epss 0.01

    Cross-site scripting (XSS) vulnerability in FlexPaperViewer.swf in Flexpaper before 2.3.1 allows remote attackers to inject arbitrary web script or HTML via the Swfile parameter.

  • CVE-2020-19475MedJul 21, 2021
    risk 0.36cvss 5.5epss 0.01

    An issue has been found in function CCITTFaxStream::lookChar in PDF2JSON 0.70 that allows attackers to cause a Denial of Service due to an invalid write of size 2 .

  • CVE-2020-19474MedJul 21, 2021
    risk 0.36cvss 5.5epss 0.01

    An issue has been found in function Gfx::doShowText in PDF2JSON 0.70 that allows attackers to cause a Denial of Service due to an Use After Free .

  • CVE-2020-19473MedJul 21, 2021
    risk 0.36cvss 5.5epss 0.01

    An issue has been found in function DCTStream::decodeImage in PDF2JSON 0.70 that allows attackers to cause a Denial of Service due to an uncaught floating point exception.

  • CVE-2020-19472MedJul 21, 2021
    risk 0.36cvss 5.5epss 0.01

    An issue has been found in function DCTStream::readHuffSym in PDF2JSON 0.70 that allows attackers to cause a Denial of Service due to an invalid read of size 2 .

  • CVE-2020-19471MedJul 21, 2021
    risk 0.36cvss 5.5epss 0.01

    An issue has been found in function DCTStream::decodeImage in PDF2JSON 0.70 that allows attackers to cause a Denial of Service due to an invalid read of size 4 .

  • CVE-2020-19470MedJul 21, 2021
    risk 0.36cvss 5.5epss 0.01

    An issue has been found in function DCTStream::getChar in PDF2JSON 0.70 that allows attackers to cause a Denial of Service due to a NULL pointer dereference (invalid read of size 1) .

  • CVE-2020-19468MedJul 21, 2021
    risk 0.36cvss 5.5epss 0.01

    An issue has been found in function EmbedStream::getChar in PDF2JSON 0.70 that allows attackers to cause a Denial of Service due to a null pointer derefenrece (invalid read of size 8) .

  • CVE-2020-19467MedJul 21, 2021
    risk 0.36cvss 5.5epss 0.01

    An issue has been found in function DCTStream::transformDataUnit in PDF2JSON 0.70 that allows attackers to cause a Denial of Service due to an Illegal Use After Free .

  • CVE-2020-19466MedJul 21, 2021
    risk 0.36cvss 5.5epss 0.01

    An issue has been found in function DCTStream::transformDataUnit in PDF2JSON 0.70 that allows attackers to cause a Denial of Service due to an invalid read of size 1 .

  • CVE-2020-19465MedJul 21, 2021
    risk 0.36cvss 5.5epss 0.01

    An issue has been found in function ObjectStream::getObject in PDF2JSON 0.70 that allows attackers to cause a Denial of Service due to an invalid read of size 4 .

  • CVE-2020-18750HigFeb 5, 2021
    risk 0.00cvss 7.8epss 0.01

    Buffer overflow in pdf2json 0.69 allows local users to execute arbitrary code by converting a crafted PDF file.