Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
freedesktop poppler vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2017-2814
An exploitable heap overflow vulnerability exists in the image rendering functionality of Poppler 0.53.0. A specifically crafted pdf can cause an image resizing after allocation has already occurred, resulting in heap corruption which can lead to code execution. An attacker contr...
Freedesktop Poppler 0.53.0
5.5
CVSSv3
CVE-2020-36024
An issue exists in freedesktop poppler version 20.12.1, allows remote malicious users to cause a denial of service (DoS) via crafted .pdf file to FoFiType1C::convertToType1 function.
Freedesktop Poppler 20.12.1
5.5
CVSSv3
CVE-2017-14517
In Poppler 0.59.0, a NULL Pointer Dereference exists in the XRef::parseEntry() function in XRef.cc via a crafted PDF document.
Freedesktop Poppler 0.59.0
7.8
CVSSv3
CVE-2017-14520
In Poppler 0.59.0, a floating point exception occurs in Splash::scaleImageYuXd() in Splash.cc, which may lead to a potential attack when handling malicious PDF files.
Freedesktop Poppler 0.59.0
7.8
CVSSv3
CVE-2017-14617
In Poppler 0.59.0, a floating point exception occurs in the ImageStream class in Stream.cc, which may lead to a potential attack when handling malicious PDF files.
Freedesktop Poppler 0.59.0
7.8
CVSSv3
CVE-2022-38171
Xpdf prior to version 4.04 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in JBIG2Stream.cc). Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability...
Xpdfreader Xpdf 4.04
Freedesktop Poppler
1 Github repository
6.5
CVSSv3
CVE-2022-37050
In Poppler 22.07.0, PDFDoc::savePageAs in PDFDoc.c callows malicious users to cause a denial-of-service (application crashes with SIGABRT) by crafting a PDF file in which the xref data structure is mishandled in getCatalog processing. Note that this vulnerability is caused by the...
Freedesktop Poppler 22.07.0
Debian Debian Linux 10.0
6.5
CVSSv3
CVE-2022-37051
An issue exists in Poppler 22.07.0. There is a reachable abort which leads to denial of service because the main function in pdfunite.cc lacks a stream check before saving an embedded file.
Freedesktop Poppler 22.07.0
Debian Debian Linux 10.0
7.5
CVSSv3
CVE-2020-23804
Uncontrolled Recursion in pdfinfo, and pdftops in poppler 0.89.0 allows remote malicious users to cause a denial of service via crafted input.
Freedesktop Poppler 0.89.0
Debian Debian Linux 10.0
5.5
CVSSv3
CVE-2017-14926
In Poppler 0.59.0, a NULL Pointer Dereference exists in AnnotRichMedia::Content::Content in Annot.cc via a crafted PDF document.
Freedesktop Poppler 0.59.0
Debian Debian Linux 9.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4644
unprivileged
CVE-2024-3494
CVE-2024-22460
CVE-2024-26026
CVE-2024-23473
firewall
CVE-2024-28889
XML external entity
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »