Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
evince vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2017-9083
poppler 0.54.0, as used in Evince and other products, has a NULL pointer dereference in the JPXStream::readUByte function in JPXStream.cc. For example, the perf_test utility will crash (segmentation fault) when parsing an invalid PDF file.
Freedesktop Poppler 0.54.0
9.3
CVSSv2
CVE-2012-6535
DjVuLibre prior to 3.5.25.3, as used in Evince, Sumatra PDF Reader, VuDroid, and other products, allows remote malicious users to execute arbitrary code or cause a denial of service (memory corruption) via a crafted DjVu (aka .djv) file.
Djvulibre Project Djvulibre 3.5.21
Djvulibre Project Djvulibre 3.5.20
Djvulibre Project Djvulibre 3.5.13
Djvulibre Project Djvulibre 3.5.12
Djvulibre Project Djvulibre 3.5.4
Djvulibre Project Djvulibre 3.5.3
Djvulibre Project Djvulibre
Djvulibre Project Djvulibre 3.5.24
Djvulibre Project Djvulibre 3.5.17
Djvulibre Project Djvulibre 3.5.16
Djvulibre Project Djvulibre 3.5.9
Djvulibre Project Djvulibre 3.5.8
Djvulibre Project Djvulibre 3.5.23
Djvulibre Project Djvulibre 3.5.22
Djvulibre Project Djvulibre 3.5.15
Djvulibre Project Djvulibre 3.5.14
Djvulibre Project Djvulibre 3.5.7
Djvulibre Project Djvulibre 3.5.6
Djvulibre Project Djvulibre 3.5.5
Djvulibre Project Djvulibre 3.5.19
Djvulibre Project Djvulibre 3.5.18
Djvulibre Project Djvulibre 3.5.11
6.8
CVSSv2
CVE-2011-5244
Multiple off-by-one errors in the (1) token and (2) linetoken functions in backend/dvi/mdvi-lib/afmparse.c in t1lib, as used in teTeX 3.0.x, GNOME evince, and possibly other products, allow remote malicious users to cause a denial of service (crash) and possibly execute arbitrary...
Gnome Evince -
Tetex Tetex 3.0
T1lib T1lib
6.8
CVSSv2
CVE-2011-0433
Heap-based buffer overflow in the linetoken function in afmparse.c in t1lib, as used in teTeX 3.0.x, GNOME evince, and possibly other products, allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a DVI file containing a craft...
T1lib T1lib
Gnome Evince -
Tetex Tetex 3.0
NA
CVE-2010-26432
Jon Larimer from IBM X-Force Advanced Research discovered multiple vulnerabilities in the DVI backend of the Evince document viewer: CVE-2010-2640 Insufficient array bounds checks in the PK fonts parser could lead to function pointer overwrite, causing arbitrary code execution. C...
7.6
CVSSv2
CVE-2010-2640
Array index error in the PK font parser in the dvi-backend component in Evince 2.32 and previous versions allows remote malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font in conjunction with a DVI file that is pr...
Redhat Evince 2.31.92
Redhat Evince 2.31.90
Redhat Evince 2.31.2
Redhat Evince 2.31.1
Redhat Evince 2.25
Redhat Evince 2.24
Redhat Evince 0.9
Redhat Evince 0.6
Redhat Evince 2.31.4.1
Redhat Evince 2.31.4
Redhat Evince 2.29
Redhat Evince 2.28
Redhat Evince 2.22
Redhat Evince 2.19
Redhat Evince 0.5
Redhat Evince 0.2
Redhat Evince 2.31.6.1
Redhat Evince 2.31.6
Redhat Evince 2.29.92
Redhat Evince 2.31
Redhat Evince 2.30
Redhat Evince 2.23
7.6
CVSSv2
CVE-2010-2641
Array index error in the VF font parser in the dvi-backend component in Evince 2.32 and previous versions allows remote malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font in conjunction with a DVI file that is pr...
Redhat Evince
Redhat Evince 2.31
Redhat Evince 2.24
Redhat Evince 2.28
Redhat Evince 2.27
Redhat Evince 2.20
Redhat Evince 2.19
Redhat Evince 0.3
Redhat Evince 0.2
Redhat Evince 2.30.3
Redhat Evince 2.30.2
Redhat Evince 2.30
Redhat Evince 2.29
Redhat Evince 2.22
Redhat Evince 2.21
Redhat Evince 0.5
Redhat Evince 0.4
Redhat Evince 2.31.90
Redhat Evince 2.31.4
Redhat Evince 2.23
Redhat Evince 0.7
Redhat Evince 0.6
7.6
CVSSv2
CVE-2010-2642
Heap-based buffer overflow in the AFM font parser in the dvi-backend component in Evince 2.32 and previous versions, teTeX 3.0, t1lib 5.1.2, and possibly other products allows remote malicious users to cause a denial of service (application crash) or possibly execute arbitrary co...
Redhat Evince 2.31.92
Redhat Evince 2.31.4.1
Redhat Evince 2.31.6
Redhat Evince 2.31.1
Redhat Evince 2.29.92
Redhat Evince 2.25
Redhat Evince 2.24
Redhat Evince 0.6
Redhat Evince 0.7
Tug Tetex 3.0
T1lib T1lib 5.1.2
Redhat Evince 2.31.4
Redhat Evince 2.30.3
Redhat Evince 2.29
Redhat Evince 2.28
Redhat Evince 2.22
Redhat Evince 2.19
Redhat Evince 0.2
Redhat Evince 0.3
Redhat Evince 2.31.6.1
Redhat Evince 2.31.90
Redhat Evince 2.31
7.6
CVSSv2
CVE-2010-2643
Integer overflow in the TFM font parser in the dvi-backend component in Evince 2.32 and previous versions allows remote malicious users to execute arbitrary code via a crafted font in conjunction with a DVI file that is processed by the thumbnailer.
Redhat Evince 2.31.4.1
Redhat Evince 2.31.6
Redhat Evince 2.29.92
Redhat Evince 2.31
Redhat Evince 2.24
Redhat Evince 2.23
Redhat Evince 2.31.92
Redhat Evince 2.32
Redhat Evince 2.30.2
Redhat Evince 2.31.2
Redhat Evince 2.31.1
Redhat Evince 2.26
Redhat Evince 2.25
Redhat Evince 0.8
Redhat Evince 0.9
Redhat Evince 2.31.6.1
Redhat Evince 2.31.90
Redhat Evince 2.30
Redhat Evince 2.29
Redhat Evince 2.21
Redhat Evince 2.22
Redhat Evince 0.4
6.8
CVSSv2
CVE-2008-1693
The CairoFont::create function in CairoFontEngine.cc in Poppler, possibly prior to 0.8.0, as used in Xpdf, Evince, ePDFview, KWord, and other applications, does not properly handle embedded fonts in PDF files, which allows remote malicious users to execute arbitrary code via a cr...
Poppler Poppler 0.1
Poppler Poppler 0.1.1
Poppler Poppler 0.4.0
Poppler Poppler 0.4.1
Poppler Poppler 0.5.3
Poppler Poppler 0.5.4
Poppler Poppler 0.7.0
Poppler Poppler 0.7.1
Poppler Poppler 0.1.2
Poppler Poppler 0.2.0
Poppler Poppler 0.4.2
Poppler Poppler 0.4.3
Poppler Poppler 0.5.9
Poppler Poppler 0.5.91
Poppler Poppler 0.7.2
Poppler Poppler
Poppler Poppler 0.3.0
Poppler Poppler 0.3.1
Poppler Poppler 0.4.4
Poppler Poppler 0.5.0
Poppler Poppler 0.6.0
Poppler Poppler 0.6.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »