Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
poppler poppler vulnerabilities and exploits
(subscribe to this query)
9.3
CVSSv2
CVE-2007-5393
Heap-based buffer overflow in the CCITTFaxStream::lookChar method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote malicious users to execute arbitrary code via a PDF file that contains a crafted CCITTFaxDecode filter.
Xpdf Xpdf 3.02p11
7.6
CVSSv2
CVE-2007-4352
Array index error in the DCTStream::readProgressiveDataUnit method in xpdf/Stream.cc in Xpdf 3.02pl1, as used in poppler, teTeX, KDE, KOffice, CUPS, and other products, allows remote malicious users to trigger memory corruption and execute arbitrary code via a crafted PDF file.
Xpdf Xpdf 3.0.1 Pl1
7.6
CVSSv2
CVE-2006-1244
Unspecified vulnerability in certain versions of xpdf after 3.00, as used in various products including (a) pdfkit.framework, (b) gpdf, (c) pdftohtml, and (d) libextractor, has unknown impact and user-assisted attack vectors, possibly involving errors in (1) gmem.c, (2) SplashXPa...
Xpdf Xpdf 2.0
Libextractor Libextractor 0.3.11
Xpdf Xpdf 3.0 Pl3
Xpdf Xpdf 1.0
Libextractor Libextractor 0.4.1
Libextractor Libextractor 0.4.2
Xpdf Xpdf 3.0.1 Pl1
Xpdf Xpdf 0.91
Libextractor Libextractor 0.4
Libextractor Libextractor 0.3.8
Xpdf Xpdf 2.3
Xpdf Xpdf 0.92
Xpdf Xpdf 3.0.1
Gnome Gpdf 2.8.2
Xpdf Xpdf 1.0a
Libextractor Libextractor 0.3.9
Xpdf Xpdf 2.2
Xpdf Xpdf 3.0 Pl2
Xpdf Xpdf 2.1
Xpdf Xpdf 0.90
Xpdf Xpdf 3.0
Libextractor Libextractor 0.5
7.5
CVSSv2
CVE-2019-9631
Poppler 0.74.0 has a heap-based buffer over-read in the CairoRescaleBox.cc downsample_row_box_filter function.
Freedesktop Poppler 0.74.0
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Debian Debian Linux 8.0
7.5
CVSSv2
CVE-2013-4473
Stack-based buffer overflow in the extractPages function in utils/pdfseparate.cc in poppler prior to 0.24.2 allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a source filename.
Freedesktop Poppler 0.16.4
Freedesktop Poppler 0.12.1
Freedesktop Poppler 0.14.3
Freedesktop Poppler 0.11.0
Freedesktop Poppler 0.16.7
Freedesktop Poppler 0.23.1
Freedesktop Poppler 0.10.2
Freedesktop Poppler 0.6.4
Freedesktop Poppler 0.8.2
Freedesktop Poppler 0.12.2
Freedesktop Poppler 0.21.3
Freedesktop Poppler 0.8.6
Freedesktop Poppler 0.18.4
Freedesktop Poppler 0.10.6
Freedesktop Poppler 0.13.3
Freedesktop Poppler 0.22.3
Freedesktop Poppler 0.5.9
Freedesktop Poppler 0.16.0
Freedesktop Poppler 0.10.1
Freedesktop Poppler 0.11.1
Freedesktop Poppler 0.24.0
Freedesktop Poppler 0.17.1
7.5
CVSSv2
CVE-2010-3702
The Gfx::getPos function in the PDF parser in xpdf prior to 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, CUPS, kdegraphics, and possibly other products allows context-dependent malicious users to cause a denial of service (crash) via unknown vectors that trigg...
Freedesktop Poppler
Xpdfreader Xpdf 3.02
Xpdfreader Xpdf
Apple Cups
Fedoraproject Fedora 13
Fedoraproject Fedora 12
Fedoraproject Fedora 14
Opensuse Opensuse 11.1
Suse Linux Enterprise Server 11
Suse Linux Enterprise Server 9
Opensuse Opensuse 11.2
Opensuse Opensuse 11.3
Suse Linux Enterprise Server 10
Debian Debian Linux 5.0
Debian Debian Linux 6.0
Redhat Enterprise Linux Server 5.0
Redhat Enterprise Linux Workstation 5.0
Redhat Enterprise Linux Desktop 5.0
Canonical Ubuntu Linux 10.10
Canonical Ubuntu Linux 9.04
Canonical Ubuntu Linux 9.10
Canonical Ubuntu Linux 8.04
7.5
CVSSv2
CVE-2009-3904
classes/session/cc_admin_session.php in CubeCart 4.3.4 does not properly restrict administrative access permissions, which allows remote malicious users to bypass restrictions and gain administrative access via a HTTP request that contains an empty (1) sessID (ccAdmin cookie), (2...
Cubecart Cubecart 4.3.4
1 EDB exploit
7.5
CVSSv2
CVE-2009-1182
Multiple buffer overflows in the JBIG2 MMR decoder in Xpdf 3.02pl2 and previous versions, CUPS 1.3.9 and previous versions, Poppler prior to 0.10.6, and other products allow remote malicious users to execute arbitrary code via a crafted PDF file.
Foolabs Xpdf 0.91c
Foolabs Xpdf 0.91b
Foolabs Xpdf 0.93b
Foolabs Xpdf 1.00a
Foolabs Xpdf 0.91a
Foolabs Xpdf 0.92e
Foolabs Xpdf 0.5a
Foolabs Xpdf 0.92b
Foolabs Xpdf 0.93c
Foolabs Xpdf 0.92c
Foolabs Xpdf 0.7a
Foolabs Xpdf 0.93a
Foolabs Xpdf 0.92d
Foolabs Xpdf 0.92a
Glyphandcog Xpdfreader 0.2
Glyphandcog Xpdfreader 0.3
Glyphandcog Xpdfreader 0.4
Glyphandcog Xpdfreader 0.5
Glyphandcog Xpdfreader 0.6
Glyphandcog Xpdfreader 0.80
Glyphandcog Xpdfreader 0.90
Glyphandcog Xpdfreader 1.00
7.5
CVSSv2
CVE-2008-2950
The Page destructor in Page.cc in libpoppler in Poppler 0.8.4 and previous versions deletes a pageWidgets object even if it is not initialized by a Page constructor, which allows remote malicious users to execute arbitrary code via a crafted PDF document.
Poppler Poppler
1 EDB exploit
7.5
CVSSv2
CVE-2006-0301
Heap-based buffer overflow in Splash.cc in xpdf, as used in other products such as (1) poppler, (2) kdegraphics, (3) gpdf, (4) pdfkit.framework, and others, allows malicious users to cause a denial of service and possibly execute arbitrary code via crafted splash images that prod...
Xpdf Xpdf
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »