Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
freedesktop poppler vulnerabilities and exploits
(subscribe to this query)
605
VMScore
CVE-2019-12293
In Poppler up to and including 0.76.1, there is a heap-based buffer over-read in JPXStream::init in JPEG2000Stream.cc via data with inconsistent heights or widths.
Freedesktop Poppler
383
VMScore
CVE-2017-7515
poppler through version 0.55.0 is vulnerable to an uncontrolled recursion in pdfunite resulting into potential denial-of-service.
Freedesktop Poppler
NA
CVE-2023-34872
A vulnerability in Outline.cc for Poppler before 23.06.0 allows a remote malicious user to cause a Denial of Service (DoS) (crash) via a crafted PDF file in OutlineItem::open.
Freedesktop Poppler
605
VMScore
CVE-2020-35702
DCTStream::getChars in DCTStream.cc in Poppler 20.12.1 has a heap-based buffer overflow via a crafted PDF document. NOTE: later reports indicate that this only affects builds from Poppler git clones in late December 2020, not the 20.12.1 release. In this situation, it should NOT ...
Freedesktop Poppler 20.12.1
383
VMScore
CVE-2017-9083
poppler 0.54.0, as used in Evince and other products, has a NULL pointer dereference in the JPXStream::readUByte function in JPXStream.cc. For example, the perf_test utility will crash (segmentation fault) when parsing an invalid PDF file.
Freedesktop Poppler 0.54.0
383
VMScore
CVE-2017-14517
In Poppler 0.59.0, a NULL Pointer Dereference exists in the XRef::parseEntry() function in XRef.cc via a crafted PDF document.
Freedesktop Poppler 0.59.0
605
VMScore
CVE-2017-14617
In Poppler 0.59.0, a floating point exception occurs in the ImageStream class in Stream.cc, which may lead to a potential attack when handling malicious PDF files.
Freedesktop Poppler 0.59.0
NA
CVE-2020-36023
An issue exists in freedesktop poppler version 20.12.1, allows remote malicious users to cause a denial of service (DoS) via crafted .pdf file to FoFiType1C::cvtGlyph function.
Freedesktop Poppler 20.12.1
605
VMScore
CVE-2017-2818
An exploitable heap overflow vulnerability exists in the image rendering functionality of Poppler 0.53.0. A specifically crafted PDF can cause an overly large number of color components during image rendering, resulting in heap corruption. An attacker controlled PDF file can be u...
Freedesktop Poppler 0.53.0
NA
CVE-2022-37052
A reachable Object::getString assertion in Poppler 22.07.0 allows malicious users to cause a denial of service due to a failure in markObject.
Freedesktop Poppler 22.07.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »