Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
glyphandcog xpdfreader vulnerabilities and exploits
(subscribe to this query)
7.1
CVSSv3
CVE-2019-12493
A stack-based buffer over-read exists in PostScriptFunction::transform in Function.cc in Xpdf 4.01.01 because GfxSeparationColorSpace and GfxDeviceNColorSpace mishandle tint transform functions. It can, for example, be triggered by sending a crafted PDF document to the pdftops to...
Glyphandcog Xpdfreader 4.01.01
5.5
CVSSv3
CVE-2019-12958
In Xpdf 4.01.01, a heap-based buffer over-read could be triggered in FoFiType1C::convertToType0 in fofi/FoFiType1C.cc when it is trying to access the second privateDicts array element, because the privateDicts array has only one element allocated.
Glyphandcog Xpdfreader 4.01.01
7.8
CVSSv3
CVE-2019-9587
There is a stack consumption issue in md5Round1() located in Decrypt.cc in Xpdf 4.01. It can be triggered by sending a crafted pdf file to (for example) the pdfimages binary. It allows an malicious user to cause Denial of Service (Segmentation fault) or possibly have unspecified ...
Glyphandcog Xpdfreader 4.01
7.8
CVSSv3
CVE-2019-9588
There is an Invalid memory access in gAtomicIncrement() located at GMutex.h in Xpdf 4.01. It can be triggered by sending a crafted pdf file to (for example) the pdftops binary. It allows an malicious user to cause Denial of Service (Segmentation fault) or possibly have unspecifie...
Glyphandcog Xpdfreader 4.01
7.8
CVSSv3
CVE-2019-9589
There is a NULL pointer dereference vulnerability in PSOutputDev::setupResources() located in PSOutputDev.cc in Xpdf 4.01. It can be triggered by sending a crafted pdf file to (for example) the pdftops binary. It allows an malicious user to cause Denial of Service (Segmentation f...
Glyphandcog Xpdfreader 4.01
7.5
CVSSv3
CVE-2021-40226
xpdfreader 4.03 is vulnerable to Buffer Overflow.
Glyphandcog Xpdfreader 4.03
5.5
CVSSv3
CVE-2019-17064
Catalog.cc in Xpdf 4.02 has a NULL pointer dereference because Catalog.pageLabels is initialized too late in the Catalog constructor.
Glyphandcog Xpdfreader 4.02
5.5
CVSSv3
CVE-2019-16088
Xpdf 3.04 has a SIGSEGV in XRef::fetch in XRef.cc after many recursive calls to Catalog::countPageTree in Catalog.cc.
Glyphandcog Xpdfreader 3.04
5.5
CVSSv3
CVE-2019-15860
Xpdf 2.00 allows a SIGSEGV in XRef::constructXRef in XRef.cc. NOTE: 2.00 is a version from November 2002.
Glyphandcog Xpdfreader 2.00
7.8
CVSSv3
CVE-2019-16115
In Xpdf 4.01.01, a stack-based buffer under-read could be triggered in IdentityFunction::transform in Function.cc, used by GfxAxialShading::getColor. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool. It allows an malicious user to use a cra...
Glyphandcog Xpdfreader 4.01.01
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-40673
CVE-2024-36674
CVE-2024-27348
unspecified
CVE-2024-24919
CVE-2024-4870
malicious code
CVE-2024-2019
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »