Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
glyphandcog xpdfreader vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2019-9588
There is an Invalid memory access in gAtomicIncrement() located at GMutex.h in Xpdf 4.01. It can be triggered by sending a crafted pdf file to (for example) the pdftops binary. It allows an malicious user to cause Denial of Service (Segmentation fault) or possibly have unspecifie...
Glyphandcog Xpdfreader 4.01
7.8
CVSSv3
CVE-2019-9589
There is a NULL pointer dereference vulnerability in PSOutputDev::setupResources() located in PSOutputDev.cc in Xpdf 4.01. It can be triggered by sending a crafted pdf file to (for example) the pdftops binary. It allows an malicious user to cause Denial of Service (Segmentation f...
Glyphandcog Xpdfreader 4.01
7.5
CVSSv3
CVE-2021-40226
xpdfreader 4.03 is vulnerable to Buffer Overflow.
Glyphandcog Xpdfreader 4.03
7.1
CVSSv3
CVE-2019-12515
There is an out-of-bounds read vulnerability in the function FlateStream::getChar() located at Stream.cc in Xpdf 4.01.01. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool. It might allow an malicious user to cause Information Disclosure or ...
Glyphandcog Xpdfreader 4.01.01
7.1
CVSSv3
CVE-2019-12493
A stack-based buffer over-read exists in PostScriptFunction::transform in Function.cc in Xpdf 4.01.01 because GfxSeparationColorSpace and GfxDeviceNColorSpace mishandle tint transform functions. It can, for example, be triggered by sending a crafted PDF document to the pdftops to...
Glyphandcog Xpdfreader 4.01.01
7.1
CVSSv3
CVE-2019-12360
A stack-based buffer over-read exists in FoFiTrueType::dumpString in fofi/FoFiTrueType.cc in Xpdf 4.01.01. It can, for example, be triggered by sending crafted TrueType data in a PDF document to the pdftops tool. It might allow an malicious user to cause Denial of Service or leak...
Glyphandcog Xpdfreader 4.01.01
5.5
CVSSv3
CVE-2019-17064
Catalog.cc in Xpdf 4.02 has a NULL pointer dereference because Catalog.pageLabels is initialized too late in the Catalog constructor.
Glyphandcog Xpdfreader 4.02
5.5
CVSSv3
CVE-2019-16088
Xpdf 3.04 has a SIGSEGV in XRef::fetch in XRef.cc after many recursive calls to Catalog::countPageTree in Catalog.cc.
Glyphandcog Xpdfreader 3.04
5.5
CVSSv3
CVE-2019-15860
Xpdf 2.00 allows a SIGSEGV in XRef::constructXRef in XRef.cc. NOTE: 2.00 is a version from November 2002.
Glyphandcog Xpdfreader 2.00
5.5
CVSSv3
CVE-2019-14292
An issue exists in Xpdf 4.01.01. There is an out of bounds read in the function GfxPatchMeshShading::parse at GfxState.cc for typeA!=6 case 1.
Glyphandcog Xpdfreader 4.01.01
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »