Skip to main content

Htmldoc

11 CVEs product

Monthly

CVE-2024-46478 CRITICAL POC PATCH Act Now

HTMLDOC v1.9.18 contains a buffer overflow in parse_pre function,ps-pdf.cxx:5681. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Htmldoc
NVD GitHub
CVSS 3.1
9.8
EPSS
0.7%
CVE-2024-45508 CRITICAL POC PATCH Act Now

HTMLDOC before 1.9.19 has an out-of-bounds write in parse_paragraph in ps-pdf.cxx because of an attempt to strip leading whitespace from a whitespace-only node. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Memory Corruption Htmldoc
NVD GitHub
CVSS 3.1
9.8
EPSS
0.7%
CVE-2022-0137 MEDIUM POC PATCH This Month

A heap buffer overflow in image_set_mask function of HTMLDOC before 1.9.15 allows an attacker to write outside the buffer boundaries. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Htmldoc
NVD GitHub
CVSS 3.1
5.5
EPSS
0.6%
CVE-2022-34035 HIGH POC PATCH This Week

HTMLDoc v1.9.12 and below was discovered to contain a heap overflow via e_node htmldoc/htmldoc/html.cxx:588. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Memory Corruption Buffer Overflow Htmldoc
NVD GitHub
CVSS 3.1
7.5
EPSS
1.2%
CVE-2022-34033 HIGH POC PATCH This Week

HTMLDoc v1.9.15 was discovered to contain a heap overflow via (write_header) /htmldoc/htmldoc/html.cxx:273. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Memory Corruption Buffer Overflow Htmldoc
NVD GitHub
CVSS 3.1
7.5
EPSS
1.2%
CVE-2022-27114 MEDIUM POC PATCH This Month

There is a vulnerability in htmldoc 1.9.16. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Integer Overflow Buffer Overflow Htmldoc Debian Linux
NVD GitHub
CVSS 3.1
5.5
EPSS
0.9%
CVE-2022-28085 HIGH POC PATCH This Week

A flaw was found in htmldoc commit 31f7804. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Memory Corruption RCE Buffer Overflow Htmldoc
NVD GitHub
CVSS 3.1
7.8
EPSS
1.1%
CVE-2022-24191 MEDIUM POC This Month

In HTMLDOC 1.9.14, an infinite loop in the gif_read_lzw function can lead to a pointer arbitrarily pointing to heap memory and resulting in a buffer overflow. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow Htmldoc Fedora
NVD GitHub
CVSS 3.1
5.5
EPSS
0.7%
CVE-2021-40985 MEDIUM POC PATCH This Month

A stack-based buffer under-read in htmldoc before 1.9.12, allows attackers to cause a denial of service via a crafted BMP image to image_load_bmp. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Denial Of Service Information Disclosure Htmldoc Debian Linux
NVD GitHub
CVSS 3.1
5.5
EPSS
0.9%
CVE-2021-20308 CRITICAL POC Act Now

Integer overflow in the htmldoc 1.9.11 and before may allow attackers to execute arbitrary code and cause a denial of service that is similar to CVE-2017-9181. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Denial Of Service RCE Htmldoc Debian Linux
NVD GitHub
CVSS 3.1
9.8
EPSS
2.5%
CVE-2019-19630 HIGH POC This Week

HTMLDOC 1.9.7 allows a stack-based buffer overflow in the hd_strlcpy() function in string.c (when called from render_contents in ps-pdf.cxx) via a crafted HTML document. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption Htmldoc Debian Linux Fedora
NVD GitHub
CVSS 3.1
7.8
EPSS
1.1%
EPSS 1% CVSS 9.8
CRITICAL POC PATCH Act Now

HTMLDOC v1.9.18 contains a buffer overflow in parse_pre function,ps-pdf.cxx:5681. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Htmldoc
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC PATCH Act Now

HTMLDOC before 1.9.19 has an out-of-bounds write in parse_paragraph in ps-pdf.cxx because of an attempt to strip leading whitespace from a whitespace-only node. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Memory Corruption Htmldoc
NVD GitHub
EPSS 1% CVSS 5.5
MEDIUM POC PATCH This Month

A heap buffer overflow in image_set_mask function of HTMLDOC before 1.9.15 allows an attacker to write outside the buffer boundaries. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Htmldoc
NVD GitHub
EPSS 1% CVSS 7.5
HIGH POC PATCH This Week

HTMLDoc v1.9.12 and below was discovered to contain a heap overflow via e_node htmldoc/htmldoc/html.cxx:588. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Memory Corruption Buffer Overflow Htmldoc
NVD GitHub
EPSS 1% CVSS 7.5
HIGH POC PATCH This Week

HTMLDoc v1.9.15 was discovered to contain a heap overflow via (write_header) /htmldoc/htmldoc/html.cxx:273. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Memory Corruption Buffer Overflow Htmldoc
NVD GitHub
EPSS 1% CVSS 5.5
MEDIUM POC PATCH This Month

There is a vulnerability in htmldoc 1.9.16. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Integer Overflow Buffer Overflow Htmldoc +1
NVD GitHub
EPSS 1% CVSS 7.8
HIGH POC PATCH This Week

A flaw was found in htmldoc commit 31f7804. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Memory Corruption RCE +2
NVD GitHub
EPSS 1% CVSS 5.5
MEDIUM POC This Month

In HTMLDOC 1.9.14, an infinite loop in the gif_read_lzw function can lead to a pointer arbitrarily pointing to heap memory and resulting in a buffer overflow. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow Htmldoc +1
NVD GitHub
EPSS 1% CVSS 5.5
MEDIUM POC PATCH This Month

A stack-based buffer under-read in htmldoc before 1.9.12, allows attackers to cause a denial of service via a crafted BMP image to image_load_bmp. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Denial Of Service Information Disclosure +2
NVD GitHub
EPSS 2% CVSS 9.8
CRITICAL POC Act Now

Integer overflow in the htmldoc 1.9.11 and before may allow attackers to execute arbitrary code and cause a denial of service that is similar to CVE-2017-9181. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Denial Of Service RCE +2
NVD GitHub
EPSS 1% CVSS 7.8
HIGH POC This Week

HTMLDOC 1.9.7 allows a stack-based buffer overflow in the hd_strlcpy() function in string.c (when called from render_contents in ps-pdf.cxx) via a crafted HTML document. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption Htmldoc +2
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy