Unrtf Project

unrtf_project

5 CVEs • 1 product

Products (1)

Click to collapse

Toggle

CVEs (5)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-65411 1Unrtf Project 1Unrtf Jan 9, 2026 Dec 30, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 A NULL pointer dereference in the src/path.c component of GNU Unrtf v0.21.10 allows attackers to cause a Denial of Service (DoS) via injecting a crafted payload into the search_path parameter.
CVE-2025-65410 1Unrtf Project 1Unrtf Jan 6, 2026 Dec 23, 2025 N/A· v4 6.2 MEDIUM· v3 N/A· v2 A stack overflow in the src/main.c component of GNU Unrtf v0.21.10 allows attackers to cause a Denial of Service (DoS) via injecting a crafted input into the filename parameter.
CVE-2016-10091 1Unrtf Project 1Unrtf May 13, 2026 Apr 21, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Multiple stack-based buffer overflows in unrtf 0.21.9 allow remote attackers to cause a denial-of-service by writing a negative integer to the (1) cmd_expand function, (2) cmd_emboss function, or (3) cmd_engrave function...Show more Multiple stack-based buffer overflows in unrtf 0.21.9 allow remote attackers to cause a denial-of-service by writing a negative integer to the (1) cmd_expand function, (2) cmd_emboss function, or (3) cmd_engrave function.Show less
CVE-2014-9275 1Unrtf Project 1Unrtf May 6, 2026 Dec 9, 2014 N/A· v4 N/A· v3 7.5 HIGH· v2 UnRTF allows remote attackers to cause a denial of service (out-of-bounds memory access and crash) and possibly execute arbitrary code via a crafted RTF file.
CVE-2014-9274 4Debian FedoraprojectMageia Project+1 more 4Debian Linux FedoraMageia+1 more May 6, 2026 Dec 9, 2014 N/A· v4 N/A· v3 7.5 HIGH· v2 UnRTF allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code as demonstrated by a file containing the string "{\cb-999999999".