Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xpdf vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2019-9589
There is a NULL pointer dereference vulnerability in PSOutputDev::setupResources() located in PSOutputDev.cc in Xpdf 4.01. It can be triggered by sending a crafted pdf file to (for example) the pdftops binary. It allows an malicious user to cause Denial of Service (Segmentation f...
Glyphandcog Xpdfreader 4.01
7.8
CVSSv3
CVE-2018-11033
The DCTStream::readHuffSym function in Stream.cc in the DCT decoder in xpdf prior to 4.00 allows remote malicious users to cause a denial of service (application crash) or possibly have unspecified other impact via crafted JPEG data.
Xpdfreader Xpdf 4.00
7.8
CVSSv3
CVE-2018-8100
The JPXStream::readTilePart function in JPXStream.cc in xpdf 4.00 allows malicious users to launch denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a specific pdf file, as demonstrated by pdftohtml.
Xpdfreader Xpdf 4.00
7.8
CVSSv3
CVE-2017-7698
A Use After Free in the pdf2swf part of swftools 0.9.2 and previous versions allows remote malicious users to execute arbitrary code via a malformed PDF document, possibly a consequence of an error in Gfx.cc in Xpdf 3.02.
Swftools Swftools
1 Github repository
7.5
CVSSv3
CVE-2021-36493
Buffer Overflow vulnerability in pdfimages in xpdf 4.03 allows malicious users to crash the application via crafted command.
Xpdfreader Xpdf 4.03
7.5
CVSSv3
CVE-2020-35376
Xpdf 4.02 allows stack consumption because of an incorrect subroutine reference in a Type 1C font charstring, related to the FoFiType1C::getOp() function.
Xpdfreader Xpdf 4.02
Fedoraproject Fedora 32
Fedoraproject Fedora 33
7.5
CVSSv3
CVE-2002-1372
Common Unix Printing System (CUPS) 1.1.14 up to and including 1.1.17 does not properly check the return values of various file and socket operations, which could allow a remote malicious user to cause a denial of service (resource exhaustion) by causing file descriptors to be ass...
Apple Cups
Apple Mac Os X 10.2.2
Apple Mac Os X 10.2
Debian Debian Linux 2.2
Debian Debian Linux 3.0
7.1
CVSSv3
CVE-2019-12515
There is an out-of-bounds read vulnerability in the function FlateStream::getChar() located at Stream.cc in Xpdf 4.01.01. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool. It might allow an malicious user to cause Information Disclosure or ...
Glyphandcog Xpdfreader 4.01.01
7.1
CVSSv3
CVE-2019-12493
A stack-based buffer over-read exists in PostScriptFunction::transform in Function.cc in Xpdf 4.01.01 because GfxSeparationColorSpace and GfxDeviceNColorSpace mishandle tint transform functions. It can, for example, be triggered by sending a crafted PDF document to the pdftops to...
Glyphandcog Xpdfreader 4.01.01
7.1
CVSSv3
CVE-2019-12360
A stack-based buffer over-read exists in FoFiTrueType::dumpString in fofi/FoFiTrueType.cc in Xpdf 4.01.01. It can, for example, be triggered by sending crafted TrueType data in a PDF document to the pdftops tool. It might allow an malicious user to cause Denial of Service or leak...
Glyphandcog Xpdfreader 4.01.01
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581
reflected XSS
CVE-2024-26925
CVE-2024-27956
LFI
CVE-2024-3607
CVE-2024-3107
CVE-2024-3295
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »