Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
freedesktop poppler vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2022-38349
An issue exists in Poppler 22.08.0. There is a reachable assertion in Object.h, will lead to denial of service because PDFDoc::replacePageDict in PDFDoc.cc lacks a stream check before saving an embedded file.
Freedesktop Poppler 22.08.0
7.8
CVSSv3
CVE-2017-14617
In Poppler 0.59.0, a floating point exception occurs in the ImageStream class in Stream.cc, which may lead to a potential attack when handling malicious PDF files.
Freedesktop Poppler 0.59.0
6.5
CVSSv3
CVE-2017-9083
poppler 0.54.0, as used in Evince and other products, has a NULL pointer dereference in the JPXStream::readUByte function in JPXStream.cc. For example, the perf_test utility will crash (segmentation fault) when parsing an invalid PDF file.
Freedesktop Poppler 0.54.0
5.5
CVSSv3
CVE-2020-36024
An issue exists in freedesktop poppler version 20.12.1, allows remote malicious users to cause a denial of service (DoS) via crafted .pdf file to FoFiType1C::convertToType1 function.
Freedesktop Poppler 20.12.1
6.5
CVSSv3
CVE-2019-10871
An issue exists in Poppler 0.74.0. There is a heap-based buffer over-read in the function PSOutputDev::checkPageSlice at PSOutputDev.cc.
Freedesktop Poppler 0.74.0
6.5
CVSSv3
CVE-2019-10873
An issue exists in Poppler 0.74.0. There is a NULL pointer dereference in the function SplashClip::clipAALine at splash/SplashClip.cc.
Freedesktop Poppler 0.74.0
8.8
CVSSv3
CVE-2017-2818
An exploitable heap overflow vulnerability exists in the image rendering functionality of Poppler 0.53.0. A specifically crafted PDF can cause an overly large number of color components during image rendering, resulting in heap corruption. An attacker controlled PDF file can be u...
Freedesktop Poppler 0.53.0
6.5
CVSSv3
CVE-2020-36023
An issue exists in freedesktop poppler version 20.12.1, allows remote malicious users to cause a denial of service (DoS) via crafted .pdf file to FoFiType1C::cvtGlyph function.
Freedesktop Poppler 20.12.1
8.8
CVSSv3
CVE-2017-2814
An exploitable heap overflow vulnerability exists in the image rendering functionality of Poppler 0.53.0. A specifically crafted pdf can cause an image resizing after allocation has already occurred, resulting in heap corruption which can lead to code execution. An attacker contr...
Freedesktop Poppler 0.53.0
8.8
CVSSv3
CVE-2017-2820
An exploitable integer overflow vulnerability exists in the JPEG 2000 image parsing functionality of freedesktop.org Poppler 0.53.0. A specially crafted PDF file can lead to an integer overflow causing out of bounds memory overwrite on the heap resulting in potential arbitrary co...
Freedesktop Poppler 0.53.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »