CVE-2025-9394 – PoDoFo PDF Dictionary Parser Use After Free Vulnerability

August 24, 2025

CVE ID : CVE-2025-9394

Published : Aug. 24, 2025, 4:15 p.m. | 8 hours, 42 minutes ago

Description : A flaw has been found in PoDoFo 1.1.0-dev. This issue affects the function PdfTokenizer::DetermineDataType of the file src/podofo/main/PdfTokenizer.cpp of the component PDF Dictionary Parser. Executing manipulation can lead to use after free. It is possible to launch the attack on the local host. The exploit has been published and may be used. This patch is called 22d16cb142f293bf956f66a4d399cdd65576d36c. A patch should be applied to remediate this issue.

Severity: 5.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-9395 – Wangsongyan Wblog SRFO (Server-Side Request Forgery)

Next Article CVE-2025-9393 – “Linksys RE Series Stack-Based Buffer Overflow Vulnerability”

Microsoft donates DocumentDB to the Linux Foundation

A Week In The Life Of An AI-Augmented Designer

This week in AI updates: Gemini Code Assist Agent Mode, GitHub’s Agents panel, and more (August 22, 2025)

Microsoft adds Copilot-powered debugging features for .NET in Visual Studio

ChatGPT is reportedly scraping Google Search data to answer your questions – here’s how

The 10 best early Labor Day deals live now: Save on Apple, Samsung and more

5 rumored Apple iPhone Fold features that have me excited (and frustrated at the same time)

Forget plug-and-play AI: Here’s what successful AI projects do differently

Log Outgoing HTTP Requests with the Laravel Spy Package

Log Outgoing HTTP Requests with the Laravel Spy Package

devdojo/auth

Rust Slices: Cutting Into References the Safe Way

Best AI Girlfriend Simulator [2025 Working Apps and Websites]

Best AI Girlfriend Simulator [2025 Working Apps and Websites]

8 Best Paid and Free AI Sexting Chat Apps in 2025

Best AI Anime Art Generator: 7 Best to Use [Free & Premium]

CVE-2025-9394 – PoDoFo PDF Dictionary Parser Use After Free Vulnerability

Transparent Tribe Targets Indian Govt With Weaponized Desktop Shortcuts via Phishing

Buffalo Police Detective Indicted for Attempted Purchases on Genesis Market

Designing With AI, Not Around It: Practical Advanced Techniques For Product Design Use Cases

Google reCAPTCHA v2 vs v3 – Which is Right for Your Website?

Weekend 2 of the Battlefield 6 Open Beta is upon us — here’s its start time and what’s new, including a nifty feature to address all those server browser complaints

CVE-2025-48121 – Steve Puddick WP Notes Widget Cross-site Scripting

Humans forget, assistants too.

New method assesses and improves the reliability of radiologists’ diagnostic reports

Rethinking Information Retrieval in MongoDB with Voyage AI

CVE-2025-9415 – GreenCMS Unrestricted File Upload Vulnerability

CVE-2025-9394 – PoDoFo PDF Dictionary Parser Use After Free Vulnerability

Related Posts