Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
freedesktop poppler vulnerabilities and exploits
(subscribe to this query)
828
VMScore
CVE-2010-4654
poppler prior to 0.16.3 has malformed commands that may cause corruption of the internal stack.
Freedesktop Poppler
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
668
VMScore
CVE-2019-9631
Poppler 0.74.0 has a heap-based buffer over-read in the CairoRescaleBox.cc downsample_row_box_filter function.
Freedesktop Poppler 0.74.0
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Debian Debian Linux 8.0
668
VMScore
CVE-2013-4473
Stack-based buffer overflow in the extractPages function in utils/pdfseparate.cc in poppler prior to 0.24.2 allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a source filename.
Freedesktop Poppler 0.22.4
Freedesktop Poppler 0.22.3
Freedesktop Poppler 0.1
Freedesktop Poppler 0.1.1
Freedesktop Poppler 0.11.3
Freedesktop Poppler 0.12.0
Freedesktop Poppler 0.12.1
Freedesktop Poppler 0.12.2
Freedesktop Poppler 0.12.3
Freedesktop Poppler 0.15.0
Freedesktop Poppler 0.15.1
Freedesktop Poppler 0.15.2
Freedesktop Poppler 0.15.3
Freedesktop Poppler 0.18.0
Freedesktop Poppler 0.18.1
Freedesktop Poppler 0.18.2
Freedesktop Poppler 0.18.3
Freedesktop Poppler 0.21.0
Freedesktop Poppler 0.21.1
Freedesktop Poppler 0.21.2
Freedesktop Poppler 0.21.3
Freedesktop Poppler 0.4.4
668
VMScore
CVE-2010-3702
The Gfx::getPos function in the PDF parser in xpdf prior to 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, CUPS, kdegraphics, and possibly other products allows context-dependent malicious users to cause a denial of service (crash) via unknown vectors that trigg...
Apple Cups
Freedesktop Poppler
Xpdfreader Xpdf
Xpdfreader Xpdf 3.02
Fedoraproject Fedora 12
Fedoraproject Fedora 13
Fedoraproject Fedora 14
Opensuse Opensuse 11.1
Opensuse Opensuse 11.2
Opensuse Opensuse 11.3
Suse Linux Enterprise Server 9
Suse Linux Enterprise Server 10
Suse Linux Enterprise Server 11
Debian Debian Linux 5.0
Debian Debian Linux 6.0
Redhat Enterprise Linux Desktop 5.0
Redhat Enterprise Linux Server 5.0
Redhat Enterprise Linux Workstation 5.0
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 9.04
Canonical Ubuntu Linux 9.10
607
VMScore
CVE-2021-30860
An integer overflow was addressed with improved input validation. This issue is fixed in Security Update 2021-005 Catalina, iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6, watchOS 7.6.2. Processing a maliciously crafted PDF may lead to arbitrary code execution. Apple is aware of a ...
Apple Mac Os X
Apple Mac Os X 10.15.7
Apple Ipados
Apple Watchos
Apple Macos
Apple Iphone Os
Xpdfreader Xpdf
Freedesktop Poppler
5 Github repositories
5 Articles
606
VMScore
CVE-2019-7310
In Poppler 0.73.0, a heap-based buffer over-read (due to an integer signedness error in the XRef::getEntry function in XRef.cc) allows remote malicious users to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PDF document, as ...
Freedesktop Poppler 0.73.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Fedoraproject Fedora 28
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Eus 8.1
Redhat Enterprise Linux Eus 8.2
Redhat Enterprise Linux Server Tus 8.2
Redhat Enterprise Linux Server Aus 8.2
Redhat Enterprise Linux Server Tus 8.4
Redhat Enterprise Linux Eus 8.4
Redhat Enterprise Linux Server Aus 8.4
605
VMScore
CVE-2020-35702
DCTStream::getChars in DCTStream.cc in Poppler 20.12.1 has a heap-based buffer overflow via a crafted PDF document. NOTE: later reports indicate that this only affects builds from Poppler git clones in late December 2020, not the 20.12.1 release. In this situation, it should NOT ...
Freedesktop Poppler 20.12.1
605
VMScore
CVE-2012-2142
The error function in Error.cc in poppler prior to 0.21.4 allows remote malicious users to execute arbitrary commands via a PDF containing an escape sequence for a terminal emulator.
Freedesktop Poppler
Xpdfreader Xpdf 3.02
Redhat Enterprise Linux 5.0
Redhat Enterprise Linux 6.0
Opensuse Opensuse 12.2
605
VMScore
CVE-2018-21009
Poppler prior to 0.66.0 has an integer overflow in Parser::makeStream in Parser.cc.
Freedesktop Poppler
605
VMScore
CVE-2019-12293
In Poppler up to and including 0.76.1, there is a heap-based buffer over-read in JPXStream::init in JPEG2000Stream.cc via data with inconsistent heights or widths.
Freedesktop Poppler
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »