Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xpdfreader xpdf vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2019-9587
There is a stack consumption issue in md5Round1() located in Decrypt.cc in Xpdf 4.01. It can be triggered by sending a crafted pdf file to (for example) the pdfimages binary. It allows an malicious user to cause Denial of Service (Segmentation fault) or possibly have unspecified ...
Glyphandcog Xpdfreader 4.01
7.8
CVSSv3
CVE-2019-9588
There is an Invalid memory access in gAtomicIncrement() located at GMutex.h in Xpdf 4.01. It can be triggered by sending a crafted pdf file to (for example) the pdftops binary. It allows an malicious user to cause Denial of Service (Segmentation fault) or possibly have unspecifie...
Glyphandcog Xpdfreader 4.01
7.8
CVSSv3
CVE-2019-9589
There is a NULL pointer dereference vulnerability in PSOutputDev::setupResources() located in PSOutputDev.cc in Xpdf 4.01. It can be triggered by sending a crafted pdf file to (for example) the pdftops binary. It allows an malicious user to cause Denial of Service (Segmentation f...
Glyphandcog Xpdfreader 4.01
7.8
CVSSv3
CVE-2018-11033
The DCTStream::readHuffSym function in Stream.cc in the DCT decoder in xpdf prior to 4.00 allows remote malicious users to cause a denial of service (application crash) or possibly have unspecified other impact via crafted JPEG data.
Xpdfreader Xpdf 4.00
7.8
CVSSv3
CVE-2018-8100
The JPXStream::readTilePart function in JPXStream.cc in xpdf 4.00 allows malicious users to launch denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a specific pdf file, as demonstrated by pdftohtml.
Xpdfreader Xpdf 4.00
7.5
CVSSv3
CVE-2021-36493
Buffer Overflow vulnerability in pdfimages in xpdf 4.03 allows malicious users to crash the application via crafted command.
Xpdfreader Xpdf 4.03
7.5
CVSSv3
CVE-2020-35376
Xpdf 4.02 allows stack consumption because of an incorrect subroutine reference in a Type 1C font charstring, related to the FoFiType1C::getOp() function.
Xpdfreader Xpdf 4.02
Fedoraproject Fedora 32
Fedoraproject Fedora 33
7.1
CVSSv3
CVE-2019-12515
There is an out-of-bounds read vulnerability in the function FlateStream::getChar() located at Stream.cc in Xpdf 4.01.01. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool. It might allow an malicious user to cause Information Disclosure or ...
Glyphandcog Xpdfreader 4.01.01
7.1
CVSSv3
CVE-2019-12493
A stack-based buffer over-read exists in PostScriptFunction::transform in Function.cc in Xpdf 4.01.01 because GfxSeparationColorSpace and GfxDeviceNColorSpace mishandle tint transform functions. It can, for example, be triggered by sending a crafted PDF document to the pdftops to...
Glyphandcog Xpdfreader 4.01.01
7.1
CVSSv3
CVE-2019-12360
A stack-based buffer over-read exists in FoFiTrueType::dumpString in fofi/FoFiTrueType.cc in Xpdf 4.01.01. It can, for example, be triggered by sending crafted TrueType data in a PDF document to the pdftops tool. It might allow an malicious user to cause Denial of Service or leak...
Glyphandcog Xpdfreader 4.01.01
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »