Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
poppler vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2017-14519
In Poppler 0.59.0, memory corruption occurs in a call to Object::streamGetChar in Object.h after a repeating series of Gfx::display, Gfx::go, Gfx::execOp, Gfx::opShowText, and Gfx::doShowText calls (aka a Gfx.cc infinite loop).
Freedesktop Poppler 0.59.0
6.5
CVSSv3
CVE-2022-38349
An issue exists in Poppler 22.08.0. There is a reachable assertion in Object.h, will lead to denial of service because PDFDoc::replacePageDict in PDFDoc.cc lacks a stream check before saving an embedded file.
Freedesktop Poppler 22.08.0
6.5
CVSSv3
CVE-2022-37050
In Poppler 22.07.0, PDFDoc::savePageAs in PDFDoc.c callows malicious users to cause a denial-of-service (application crashes with SIGABRT) by crafting a PDF file in which the xref data structure is mishandled in getCatalog processing. Note that this vulnerability is caused by the...
Freedesktop Poppler 22.07.0
Debian Debian Linux 10.0
6.5
CVSSv3
CVE-2022-37051
An issue exists in Poppler 22.07.0. There is a reachable abort which leads to denial of service because the main function in pdfunite.cc lacks a stream check before saving an embedded file.
Freedesktop Poppler 22.07.0
Debian Debian Linux 10.0
6.5
CVSSv3
CVE-2022-37052
A reachable Object::getString assertion in Poppler 22.07.0 allows malicious users to cause a denial of service due to a failure in markObject.
Freedesktop Poppler 22.07.0
6.5
CVSSv3
CVE-2020-18839
Buffer Overflow vulnerability in HtmlOutputDev::page in poppler 0.75.0 allows malicious users to cause a denial of service.
Freedesktop Poppler 0.75.0
6.5
CVSSv3
CVE-2020-36023
An issue exists in freedesktop poppler version 20.12.1, allows remote malicious users to cause a denial of service (DoS) via crafted .pdf file to FoFiType1C::cvtGlyph function.
Freedesktop Poppler 20.12.1
6.5
CVSSv3
CVE-2022-27337
A logic error in the Hints::Hints function of Poppler v22.03.0 allows malicious users to cause a Denial of Service (DoS) via a crafted PDF file.
Freedesktop Poppler 22.03.0
Fedoraproject Fedora 36
Debian Debian Linux 10.0
Debian Debian Linux 11.0
6.5
CVSSv3
CVE-2010-4653
An integer overflow condition in poppler prior to 0.16.3 can occur when parsing CharCodes for fonts.
Freedesktop Poppler
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
6.5
CVSSv3
CVE-2019-9959
The JPXStream::init function in Poppler 0.78.0 and previous versions doesn't check for negative values of stream length, leading to an Integer Overflow, thereby making it possible to allocate a large memory chunk on the heap, with a size controlled by an attacker, as demonst...
Freedesktop Poppler
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Eus 8.1
Redhat Enterprise Linux Eus 8.2
Redhat Enterprise Linux Server Tus 8.2
Redhat Enterprise Linux Server Aus 8.2
Redhat Enterprise Linux Server Tus 8.4
Redhat Enterprise Linux Eus 8.4
Redhat Enterprise Linux Server Aus 8.4
Redhat Enterprise Linux Server Aus 8.6
Redhat Enterprise Linux Server Tus 8.6
Redhat Enterprise Linux Eus 8.6
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »