Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
freedesktop poppler vulnerabilities and exploits
(subscribe to this query)
605
VMScore
CVE-2017-2820
An exploitable integer overflow vulnerability exists in the JPEG 2000 image parsing functionality of freedesktop.org Poppler 0.53.0. A specially crafted PDF file can lead to an integer overflow causing out of bounds memory overwrite on the heap resulting in potential arbitrary co...
Freedesktop Poppler 0.53.0
605
VMScore
CVE-2017-2814
An exploitable heap overflow vulnerability exists in the image rendering functionality of Poppler 0.53.0. A specifically crafted pdf can cause an image resizing after allocation has already occurred, resulting in heap corruption which can lead to code execution. An attacker contr...
Freedesktop Poppler 0.53.0
605
VMScore
CVE-2013-1788
poppler prior to 0.22.1 allows context-dependent malicious users to cause a denial of service (crash) and possibly execute arbitrary code via vectors that trigger an "invalid memory access" in (1) splash/Splash.cc, (2) poppler/Function.cc, and (3) poppler/Stream.cc.
Freedesktop Poppler
605
VMScore
CVE-2013-1790
poppler/Stream.cc in poppler prior to 0.22.1 allows context-dependent malicious users to have an unspecified impact via vectors that trigger a read of uninitialized memory by the CCITTFaxStream::lookChar function.
Freedesktop Poppler
605
VMScore
CVE-2007-3387
Integer overflow in the StreamPredictor::StreamPredictor function in xpdf 3.02, as used in (1) poppler prior to 0.5.91, (2) gpdf prior to 2.8.2, (3) kpdf, (4) kdegraphics, (5) CUPS, (6) PDFedit, and other products, might allow remote malicious users to execute arbitrary code via ...
Xpdfreader Xpdf 3.02
Apple Cups
Freedesktop Poppler
Gpdf Project Gpdf
Debian Debian Linux 3.1
Debian Debian Linux 4.0
Canonical Ubuntu Linux 7.04
Canonical Ubuntu Linux 6.10
Canonical Ubuntu Linux 6.06
505
VMScore
CVE-2013-4474
Format string vulnerability in the extractPages function in utils/pdfseparate.cc in poppler prior to 0.24.3 allows remote malicious users to cause a denial of service (crash) via format string specifiers in a destination filename.
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 15.10
Freedesktop Poppler 0.24.0
Freedesktop Poppler 0.23.4
Freedesktop Poppler 0.1
Freedesktop Poppler 0.1.1
Freedesktop Poppler 0.10.5
Freedesktop Poppler 0.10.6
Freedesktop Poppler 0.12.2
Freedesktop Poppler 0.12.3
Freedesktop Poppler 0.14.0
Freedesktop Poppler 0.14.1
Freedesktop Poppler 0.15.2
Freedesktop Poppler 0.15.3
Freedesktop Poppler 0.16.7
Freedesktop Poppler 0.17.0
Freedesktop Poppler 0.18.2
Freedesktop Poppler 0.18.3
Freedesktop Poppler 0.2.0
Freedesktop Poppler 0.20.0
Freedesktop Poppler 0.20.1
1 EDB exploit
446
VMScore
CVE-2017-14977
The FoFiTrueType::getCFFBlock function in FoFiTrueType.cc in Poppler 0.59.0 has a NULL pointer dereference vulnerability due to lack of validation of a table pointer, which allows an malicious user to launch a denial of service attack.
Freedesktop Poppler 0.59.0
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
2 Github repositories
445
VMScore
CVE-2020-27778
A flaw was found in Poppler in the way certain PDF files were converted into HTML. A remote attacker could exploit this flaw by providing a malicious PDF file that, when processed by the 'pdftohtml' program, would crash the application causing a denial of service.
Freedesktop Poppler
Redhat Enterprise Linux 8.0
Debian Debian Linux 10.0
445
VMScore
CVE-2017-14975
The FoFiType1C::convertToType0 function in FoFiType1C.cc in Poppler 0.59.0 has a NULL pointer dereference vulnerability because a data structure is not initialized, which allows an malicious user to launch a denial of service attack.
Freedesktop Poppler 0.59.0
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
445
VMScore
CVE-2017-14976
The FoFiType1C::convertToType0 function in FoFiType1C.cc in Poppler 0.59.0 has a heap-based buffer over-read vulnerability if an out-of-bounds font dictionary index is encountered, which allows an malicious user to launch a denial of service attack.
Freedesktop Poppler 0.59.0
Debian Debian Linux 7.0
Debian Debian Linux 9.0
Debian Debian Linux 8.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalation
CVE-2024-20696
CVE-2024-29829
CVE-2024-33999
CVE-2024-35646
physical
CVE-2024-24919
CVE-2024-31030
local users
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »