Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
poppler vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2005-3628
Buffer overflow in the JBIG2Bitmap::JBIG2Bitmap function in JBIG2Stream.cc in Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows malicious users to modify memory and possibly execute arbitrary code via unknown attack ve...
Xpdf Xpdf
7.5
CVSSv2
CVE-2005-3627
Stream.cc in Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows malicious users to modify memory and possibly execute arbitrary code via a DCTDecode stream with (1) a large "number of components" value that is...
Xpdf Xpdf
7.5
CVSSv2
CVE-2005-3192
Heap-based buffer overflow in the StreamPredictor function in Xpdf 3.01, as used in products such as (1) Poppler, (2) teTeX, (3) KDE kpdf, and (4) pdftohtml, (5) KOffice KWord, (6) CUPS, and (7) libextractor allows remote malicious users to execute arbitrary code via a PDF file w...
Xpdf Xpdf 3.0.1
6.9
CVSSv2
CVE-2009-1144
Untrusted search path vulnerability in the Gentoo package of Xpdf prior to 3.02-r2 allows local users to gain privileges via a Trojan horse xpdfrc file in the current working directory, related to an unset SYSTEM_XPDFRC macro in a Gentoo build process that uses the poppler librar...
Glyphandcog Xpdfreader 2.03
Glyphandcog Xpdfreader 2.02
Foolabs Xpdf 0.93b
Foolabs Xpdf 0.93a
Glyphandcog Xpdfreader 0.91
Foolabs Xpdf 0.91c
Foolabs Xpdf 0.91b
Foolabs Xpdf 0.5a
Glyphandcog Xpdfreader 0.5
Glyphandcog Xpdfreader 2.01
Glyphandcog Xpdfreader 2.00
Glyphandcog Xpdfreader 0.93
Foolabs Xpdf 0.92e
Foolabs Xpdf 0.91a
Glyphandcog Xpdfreader 0.90
Glyphandcog Xpdfreader 0.4
Glyphandcog Xpdfreader 0.3
Glyphandcog Xpdfreader 1.01
Glyphandcog Xpdfreader 1.00
Foolabs Xpdf 0.92d
Foolabs Xpdf 0.92c
Glyphandcog Xpdfreader 0.80
6.8
CVSSv2
CVE-2021-30860
An integer overflow was addressed with improved input validation. This issue is fixed in Security Update 2021-005 Catalina, iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6, watchOS 7.6.2. Processing a maliciously crafted PDF may lead to arbitrary code execution. Apple is aware of a ...
Apple Mac Os X
Apple Mac Os X 10.15.7
Apple Ipados
Apple Watchos
Apple Macos
Apple Iphone Os
Xpdfreader Xpdf
Freedesktop Poppler
5 Github repositories
5 Articles
6.8
CVSSv2
CVE-2020-35702
DCTStream::getChars in DCTStream.cc in Poppler 20.12.1 has a heap-based buffer overflow via a crafted PDF document. NOTE: later reports indicate that this only affects builds from Poppler git clones in late December 2020, not the 20.12.1 release. In this situation, it should NOT ...
Freedesktop Poppler 20.12.1
6.8
CVSSv2
CVE-2012-2142
The error function in Error.cc in poppler prior to 0.21.4 allows remote malicious users to execute arbitrary commands via a PDF containing an escape sequence for a terminal emulator.
Freedesktop Poppler
Xpdfreader Xpdf 3.02
Redhat Enterprise Linux 5.0
Redhat Enterprise Linux 6.0
Opensuse Opensuse 12.2
6.8
CVSSv2
CVE-2018-21009
Poppler prior to 0.66.0 has an integer overflow in Parser::makeStream in Parser.cc.
Freedesktop Poppler
6.8
CVSSv2
CVE-2019-12293
In Poppler up to and including 0.76.1, there is a heap-based buffer over-read in JPXStream::init in JPEG2000Stream.cc via data with inconsistent heights or widths.
Freedesktop Poppler
6.8
CVSSv2
CVE-2019-10872
An issue exists in Poppler 0.74.0. There is a heap-based buffer over-read in the function Splash::blitTransparent at splash/Splash.cc.
Freedesktop Poppler 0.74.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700
CVE-2022-48689
CVE-2024-27956
CVE-2023-6363
SQL
NULL pointer dereference
CVE-2023-41830
CVE-2015-2051
arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »