Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xpdfreader vulnerabilities and exploits
(subscribe to this query)
384
VMScore
CVE-2018-7455
An out-of-bounds read in JPXStream::readTilePart in JPXStream.cc in xpdf 4.00 allows malicious users to launch denial of service via a specific pdf file, as demonstrated by pdftohtml.
Xpdfreader Xpdf 4.00
383
VMScore
CVE-2022-27135
xpdf 4.03 has heap buffer overflow in the function readXRefTable located in XRef.cc. An attacker can exploit this bug to cause a Denial of Service (Segmentation fault) or other unspecified effects by sending a crafted PDF file to the pdftoppm binary.
Xpdfreader Xpdf 4.03
384
VMScore
CVE-2019-13288
In Xpdf 4.01.01, the Parser::getObj() function in Parser.cc may cause infinite recursion via a crafted file. A remote attacker can leverage this for a DoS attack. This is similar to CVE-2018-16646.
Glyphandcog Xpdfreader 4.01.01
2 Github repositories
605
VMScore
CVE-2019-13289
In Xpdf 4.01.01, there is a use-after-free vulnerability in the function JBIG2Stream::close() located at JBIG2Stream.cc. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool.
Glyphandcog Xpdfreader 4.01.01
606
VMScore
CVE-2020-24996
There is an invalid memory access in the function TextString::~TextString() located in Catalog.cc in Xpdf 4.0.2. It can be triggered by (for example) sending a crafted pdf file to the pdftohtml binary, which allows a remote malicious user to cause a Denial of Service (Segmentatio...
Xpdfreader Xpdf 4.0.2
605
VMScore
CVE-2018-11033
The DCTStream::readHuffSym function in Stream.cc in the DCT decoder in xpdf prior to 4.00 allows remote malicious users to cause a denial of service (application crash) or possibly have unspecified other impact via crafted JPEG data.
Xpdfreader Xpdf 4.00
606
VMScore
CVE-2018-8100
The JPXStream::readTilePart function in JPXStream.cc in xpdf 4.00 allows malicious users to launch denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a specific pdf file, as demonstrated by pdftohtml.
Xpdfreader Xpdf 4.00
384
VMScore
CVE-2018-8102
The JBIG2MMRDecoder::getBlackCode function in JBIG2Stream.cc in xpdf 4.00 allows malicious users to launch denial of service (buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml.
Xpdfreader Xpdf 4.00
384
VMScore
CVE-2018-8105
The JPXStream::fillReadBuf function in JPXStream.cc in xpdf 4.00 allows malicious users to launch denial of service (heap-based buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml.
Xpdfreader Xpdf 4.00
384
VMScore
CVE-2018-8107
The JPXStream::close function in JPXStream.cc in xpdf 4.00 allows malicious users to launch denial of service (heap-based buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml.
Xpdfreader Xpdf 4.00
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37884
CVE-2024-6003
remote
brute force
information disclosure
CVE-2024-27801
CVE-2024-30078
CVE-2024-31870
CVE-2024-6042
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »