Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xpdfreader xpdf 4.01.01 vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2019-16115
In Xpdf 4.01.01, a stack-based buffer under-read could be triggered in IdentityFunction::transform in Function.cc, used by GfxAxialShading::getColor. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool. It allows an malicious user to use a cra...
Glyphandcog Xpdfreader 4.01.01
5.5
CVSSv3
CVE-2019-14289
An issue exists in Xpdf 4.01.01. There is an integer overflow in the function JBIG2Bitmap::combine at JBIG2Stream.cc for the "multiple bytes per line" case.
Glyphandcog Xpdfreader 4.01.01
5.5
CVSSv3
CVE-2019-14293
An issue exists in Xpdf 4.01.01. There is an out of bounds read in the function GfxPatchMeshShading::parse at GfxState.cc for typeA!=6 case 2.
Glyphandcog Xpdfreader 4.01.01
5.5
CVSSv3
CVE-2019-14291
An issue exists in Xpdf 4.01.01. There is an out of bounds read in the function GfxPatchMeshShading::parse at GfxState.cc for typeA==6 case 3.
Glyphandcog Xpdfreader 4.01.01
5.5
CVSSv3
CVE-2019-14292
An issue exists in Xpdf 4.01.01. There is an out of bounds read in the function GfxPatchMeshShading::parse at GfxState.cc for typeA!=6 case 1.
Glyphandcog Xpdfreader 4.01.01
7.8
CVSSv3
CVE-2019-14288
An issue exists in Xpdf 4.01.01. There is an Integer overflow in the function JBIG2Bitmap::combine at JBIG2Stream.cc for the "one byte per line" case.
Glyphandcog Xpdfreader 4.01.01
5.5
CVSSv3
CVE-2019-14290
An issue exists in Xpdf 4.01.01. There is an out of bounds read in the function GfxPatchMeshShading::parse at GfxState.cc for typeA==6 case 2.
Glyphandcog Xpdfreader 4.01.01
5.5
CVSSv3
CVE-2019-14294
An issue exists in Xpdf 4.01.01. There is a use-after-free in the function JPXStream::fillReadBuf at JPXStream.cc, due to an out of bounds read.
Glyphandcog Xpdfreader 4.01.01
5.5
CVSSv3
CVE-2019-13287
In Xpdf 4.01.01, there is an out-of-bounds read vulnerability in the function SplashXPath::strokeAdjust() located at splash/SplashXPath.cc. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool. It might allow an malicious user to cause Informat...
Glyphandcog Xpdfreader 4.01.01
5.5
CVSSv3
CVE-2019-13288
In Xpdf 4.01.01, the Parser::getObj() function in Parser.cc may cause infinite recursion via a crafted file. A remote attacker can leverage this for a DoS attack. This is similar to CVE-2018-16646.
Glyphandcog Xpdfreader 4.01.01
2 Github repositories
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »