📦 Sumatrapdf

This vulnerability allows network attackers to intercept SumatraPDF's update requests and deliver malicious installers due to disabled TLS hostname verification and missing signature checks. Attackers...

SumatraPDF versions 3.5.2 and earlier contain a vulnerability where clicking 'Show in folder' in the File menu executes explorer.exe from the same directory as the opened PDF file. This allows attacke...

SumatraPDF versions 3.5.2 and earlier contain an untrusted search path vulnerability that allows arbitrary code execution. When users trigger the Advanced Options setting, the application executes not...

A null pointer dereference vulnerability in SumatraPDF 3.5.2 allows attackers to crash the application by tricking users into opening a malicious .djvu file. This affects all users running the vulnera...

A heap out-of-bounds read vulnerability in SumatraPDF's MOBI HuffDic decompressor allows reading beyond allocated memory bounds when processing malicious .mobi files. This affects all users of Sumatra...

SumatraPDF contains an off-by-one error when processing specially crafted Mobi files, causing an integer underflow that leads to an out-of-bounds heap read and application crash. This affects all Wind...