Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
glyphandcog xpdfreader vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2019-13282
In Xpdf 4.01.01, a heap-based buffer over-read could be triggered in SampledFunction::transform in Function.cc when using a large index for samples. It can, for example, be triggered by sending a crafted PDF document to the pdftotext tool. It allows an malicious user to use a cra...
Glyphandcog Xpdfreader 4.01.01
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
6.8
CVSSv2
CVE-2019-13283
In Xpdf 4.01.01, a heap-based buffer over-read could be triggered in strncpy from FoFiType1::parse in fofi/FoFiType1.cc because it does not ensure the source string has a valid length before making a fixed-length copy. It can, for example, be triggered by sending a crafted PDF do...
Glyphandcog Xpdfreader 4.01.01
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
6.8
CVSSv2
CVE-2019-12957
In Xpdf 4.01.01, a buffer over-read could be triggered in FoFiType1C::convertToType1 in fofi/FoFiType1C.cc when the index number is larger than the charset array bounds. It can, for example, be triggered by sending a crafted PDF document to the pdftops tool. It allows an maliciou...
Glyphandcog Xpdfreader 4.01.01
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Fedoraproject Fedora 32
6.8
CVSSv2
CVE-2019-9587
There is a stack consumption issue in md5Round1() located in Decrypt.cc in Xpdf 4.01. It can be triggered by sending a crafted pdf file to (for example) the pdfimages binary. It allows an malicious user to cause Denial of Service (Segmentation fault) or possibly have unspecified ...
Glyphandcog Xpdfreader 4.01
6.8
CVSSv2
CVE-2019-9588
There is an Invalid memory access in gAtomicIncrement() located at GMutex.h in Xpdf 4.01. It can be triggered by sending a crafted pdf file to (for example) the pdftops binary. It allows an malicious user to cause Denial of Service (Segmentation fault) or possibly have unspecifie...
Glyphandcog Xpdfreader 4.01
6.8
CVSSv2
CVE-2019-9589
There is a NULL pointer dereference vulnerability in PSOutputDev::setupResources() located in PSOutputDev.cc in Xpdf 4.01. It can be triggered by sending a crafted pdf file to (for example) the pdftops binary. It allows an malicious user to cause Denial of Service (Segmentation f...
Glyphandcog Xpdfreader 4.01
6.8
CVSSv2
CVE-2011-0764
t1lib 5.1.2 and previous versions, as used in Xpdf prior to 3.02pl6, teTeX, and other products, uses an invalid pointer in conjunction with a dereference operation, which allows remote malicious users to execute arbitrary code via a crafted Type 1 font in a PDF document, as demon...
T1lib T1lib 5.0.2
T1lib T1lib 5.0.1
T1lib T1lib 0.6
T1lib T1lib 0.7
T1lib T1lib 1.1.1
T1lib T1lib 1.2
T1lib T1lib 0.2
T1lib T1lib 0.3
T1lib T1lib 0.9.1
T1lib T1lib 0.9.2
T1lib T1lib
T1lib T1lib 5.0.0
T1lib T1lib 0.1
T1lib T1lib 0.8
T1lib T1lib 0.9
T1lib T1lib 1.3
T1lib T1lib 1.3.1
T1lib T1lib 5.1.1
T1lib T1lib 5.1.0
T1lib T1lib 0.4
T1lib T1lib 0.5
T1lib T1lib 1.0
6.8
CVSSv2
CVE-2010-3704
The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser in xpdf prior to 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, kdegraphics, and possibly other products allows context-dependent malicious users to cause a denial of service (crash) and possib...
Poppler Poppler 0.9.0
Poppler Poppler 0.9.1
Poppler Poppler 0.10.4
Poppler Poppler 0.10.5
Poppler Poppler 0.12.0
Poppler Poppler 0.12.1
Poppler Poppler 0.13.3
Poppler Poppler 0.13.4
Poppler Poppler 0.15.1
Poppler Poppler 0.10.0
Poppler Poppler 0.10.1
Poppler Poppler 0.11.0
Poppler Poppler 0.11.1
Poppler Poppler 0.12.4
Poppler Poppler 0.13.0
Poppler Poppler 0.14.3
Poppler Poppler 0.14.4
Poppler Poppler 0.10.2
Poppler Poppler 0.10.3
Poppler Poppler 0.11.2
Poppler Poppler 0.11.3
Poppler Poppler 0.13.1
6.8
CVSSv2
CVE-2009-1179
Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and previous versions, CUPS 1.3.9 and previous versions, Poppler prior to 0.10.6, and other products allows remote malicious users to execute arbitrary code via a crafted PDF file.
Foolabs Xpdf 0.91c
Foolabs Xpdf 0.91b
Foolabs Xpdf 0.93b
Foolabs Xpdf 1.00a
Foolabs Xpdf 0.91a
Foolabs Xpdf 0.92e
Foolabs Xpdf 0.5a
Foolabs Xpdf 0.92b
Foolabs Xpdf 0.93c
Foolabs Xpdf 0.92c
Foolabs Xpdf 0.7a
Foolabs Xpdf 0.93a
Foolabs Xpdf 0.92d
Foolabs Xpdf 0.92a
Glyphandcog Xpdfreader 0.2
Glyphandcog Xpdfreader 0.3
Glyphandcog Xpdfreader 0.4
Glyphandcog Xpdfreader 0.5
Glyphandcog Xpdfreader 0.6
Glyphandcog Xpdfreader 0.80
Glyphandcog Xpdfreader 0.90
Glyphandcog Xpdfreader 1.00
6.8
CVSSv2
CVE-2009-1180
The JBIG2 decoder in Xpdf 3.02pl2 and previous versions, CUPS 1.3.9 and previous versions, Poppler prior to 0.10.6, and other products allows remote malicious users to execute arbitrary code via a crafted PDF file that triggers a free of invalid data.
Glyphandcog Xpdfreader
Foolabs Xpdf 1.00a
Glyphandcog Xpdfreader 1.00
Foolabs Xpdf 0.92c
Foolabs Xpdf 0.92b
Glyphandcog Xpdfreader 0.90
Glyphandcog Xpdfreader 0.80
Glyphandcog Xpdfreader 0.2
Glyphandcog Xpdfreader 2.00
Glyphandcog Xpdfreader 1.01
Foolabs Xpdf 0.92e
Foolabs Xpdf 0.92d
Foolabs Xpdf 0.91a
Glyphandcog Xpdfreader 0.91
Glyphandcog Xpdfreader 0.4
Glyphandcog Xpdfreader 0.3
Glyphandcog Xpdfreader 2.03
Glyphandcog Xpdfreader 2.02
Glyphandcog Xpdfreader 2.01
Foolabs Xpdf 0.93a
Glyphandcog Xpdfreader 0.93
Foolabs Xpdf 0.91c
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »