Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
poppler poppler vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2017-14927
In Poppler 0.59.0, a NULL Pointer Dereference exists in the SplashOutputDev::type3D0() function in SplashOutputDev.cc via a crafted PDF document.
Freedesktop Poppler 0.59.0
5
CVSSv2
CVE-2017-14929
In Poppler 0.59.0, memory corruption occurs in a call to Object::dictLookup() in Object.h after a repeating series of Gfx::display, Gfx::go, Gfx::execOp, Gfx::opFill, Gfx::doPatternFill, Gfx::doTilingPatternFill and Gfx::drawForm calls (aka a Gfx.cc infinite loop), a different vu...
Freedesktop Poppler 0.59.0
6.8
CVSSv2
CVE-2017-2814
An exploitable heap overflow vulnerability exists in the image rendering functionality of Poppler 0.53.0. A specifically crafted pdf can cause an image resizing after allocation has already occurred, resulting in heap corruption which can lead to code execution. An attacker contr...
Freedesktop Poppler 0.53.0
4.3
CVSSv2
CVE-2019-10871
An issue exists in Poppler 0.74.0. There is a heap-based buffer over-read in the function PSOutputDev::checkPageSlice at PSOutputDev.cc.
Freedesktop Poppler 0.74.0
4.3
CVSSv2
CVE-2019-10873
An issue exists in Poppler 0.74.0. There is a NULL pointer dereference in the function SplashClip::clipAALine at splash/SplashClip.cc.
Freedesktop Poppler 0.74.0
NA
CVE-2020-36023
An issue exists in freedesktop poppler version 20.12.1, allows remote malicious users to cause a denial of service (DoS) via crafted .pdf file to FoFiType1C::cvtGlyph function.
Freedesktop Poppler 20.12.1
NA
CVE-2020-36024
An issue exists in freedesktop poppler version 20.12.1, allows remote malicious users to cause a denial of service (DoS) via crafted .pdf file to FoFiType1C::convertToType1 function.
Freedesktop Poppler 20.12.1
NA
CVE-2022-38349
An issue exists in Poppler 22.08.0. There is a reachable assertion in Object.h, will lead to denial of service because PDFDoc::replacePageDict in PDFDoc.cc lacks a stream check before saving an embedded file.
Freedesktop Poppler 22.08.0
6.8
CVSSv2
CVE-2019-9543
An issue exists in Poppler 0.74.0. A recursive function call, in JBIG2Stream::readGenericBitmap() located in JBIG2Stream.cc, can be triggered by sending a crafted pdf file to (for example) the pdfseparate binary. It allows an malicious user to cause Denial of Service (Segmentatio...
Freedesktop Poppler 0.74.0
6.8
CVSSv2
CVE-2019-9545
An issue exists in Poppler 0.74.0. A recursive function call, in JBIG2Stream::readTextRegion() located in JBIG2Stream.cc, can be triggered by sending a crafted pdf file to (for example) the pdfimages binary. It allows an malicious user to cause Denial of Service (Segmentation fau...
Freedesktop Poppler 0.74.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »