Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
poppler vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2017-14977
The FoFiTrueType::getCFFBlock function in FoFiTrueType.cc in Poppler 0.59.0 has a NULL pointer dereference vulnerability due to lack of validation of a table pointer, which allows an malicious user to launch a denial of service attack.
Freedesktop Poppler 0.59.0
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
2 Github repositories
5
CVSSv2
CVE-2017-14929
In Poppler 0.59.0, memory corruption occurs in a call to Object::dictLookup() in Object.h after a repeating series of Gfx::display, Gfx::go, Gfx::execOp, Gfx::opFill, Gfx::doPatternFill, Gfx::doTilingPatternFill and Gfx::drawForm calls (aka a Gfx.cc infinite loop), a different vu...
Freedesktop Poppler 0.59.0
5
CVSSv2
CVE-2017-14519
In Poppler 0.59.0, memory corruption occurs in a call to Object::streamGetChar in Object.h after a repeating series of Gfx::display, Gfx::go, Gfx::execOp, Gfx::opShowText, and Gfx::doShowText calls (aka a Gfx.cc infinite loop).
Freedesktop Poppler 0.59.0
5
CVSSv2
CVE-2013-7296
The JBIG2Stream::readSegments method in JBIG2Stream.cc in Poppler prior to 0.24.5 does not use the correct specifier within a format string, which allows context-dependent malicious users to cause a denial of service (segmentation fault and application crash) via a crafted PDF fi...
Freedesktop Poppler 0.23.3
Freedesktop Poppler 0.23.2
Freedesktop Poppler 0.22.0
Freedesktop Poppler 0.21.4
Freedesktop Poppler 0.20.3
Freedesktop Poppler 0.20.2
Freedesktop Poppler 0.19.0
Freedesktop Poppler 0.18.4
Freedesktop Poppler 0.17.2
Freedesktop Poppler 0.17.1
Freedesktop Poppler 0.16.2
Freedesktop Poppler 0.16.1
Freedesktop Poppler 0.14.3
Freedesktop Poppler 0.14.2
Freedesktop Poppler 0.13.0
Freedesktop Poppler 0.12.4
Freedesktop Poppler 0.11.1
Freedesktop Poppler 0.11.0
Freedesktop Poppler 0.10.0
Freedesktop Poppler 0.1.2
Freedesktop Poppler
Freedesktop Poppler 0.24.2
5
CVSSv2
CVE-2013-4474
Format string vulnerability in the extractPages function in utils/pdfseparate.cc in poppler prior to 0.24.3 allows remote malicious users to cause a denial of service (crash) via format string specifiers in a destination filename.
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 15.10
Freedesktop Poppler 0.24.0
Freedesktop Poppler 0.23.4
Freedesktop Poppler 0.1
Freedesktop Poppler 0.1.1
Freedesktop Poppler 0.10.5
Freedesktop Poppler 0.10.6
Freedesktop Poppler 0.12.2
Freedesktop Poppler 0.12.3
Freedesktop Poppler 0.14.0
Freedesktop Poppler 0.14.1
Freedesktop Poppler 0.15.2
Freedesktop Poppler 0.15.3
Freedesktop Poppler 0.16.7
Freedesktop Poppler 0.17.0
Freedesktop Poppler 0.18.2
Freedesktop Poppler 0.18.3
Freedesktop Poppler 0.2.0
Freedesktop Poppler 0.20.0
Freedesktop Poppler 0.20.1
1 EDB exploit
5
CVSSv2
CVE-2009-1187
Integer overflow in the JBIG2 decoding feature in Poppler prior to 0.10.6 allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to CairoOutputDev (CairoOutputDev.cc).
Poppler Poppler 0.7.3
Poppler Poppler 0.3.2
Poppler Poppler 0.10.3
Poppler Poppler 0.4.0
Poppler Poppler 0.8.5
Poppler Poppler 0.9.3
Poppler Poppler 0.10.1
Poppler Poppler 0.10.0
Poppler Poppler 0.7.1
Poppler Poppler 0.6.1
Poppler Poppler 0.3.1
Poppler Poppler 0.5.2
Poppler Poppler 0.5.91
Poppler Poppler 0.6.0
Poppler Poppler 0.3.3
Poppler Poppler 0.4.2
Poppler Poppler 0.10.4
Poppler Poppler 0.9.2
Poppler Poppler 0.6.4
Poppler Poppler 0.1.2
Poppler Poppler 0.8.0
Poppler Poppler 0.8.3
5
CVSSv2
CVE-2009-1188
Integer overflow in the JBIG2 decoding feature in the SplashBitmap::SplashBitmap function in SplashBitmap.cc in Xpdf 3.x prior to 3.02pl4 and Poppler prior to 0.10.6, as used in GPdf and kdegraphics KPDF, allows remote malicious users to execute arbitrary code or cause a denial o...
Poppler Poppler 0.7.3
Poppler Poppler 0.3.2
Poppler Poppler 0.10.3
Poppler Poppler 0.4.0
Poppler Poppler 0.8.5
Poppler Poppler 0.9.3
Poppler Poppler 0.10.1
Poppler Poppler 0.10.0
Poppler Poppler 0.7.1
Poppler Poppler 0.6.1
Poppler Poppler 0.3.1
Poppler Poppler 0.5.2
Poppler Poppler 0.5.91
Poppler Poppler 0.6.0
Poppler Poppler 0.3.3
Poppler Poppler 0.4.2
Poppler Poppler 0.10.4
Poppler Poppler 0.9.2
Poppler Poppler 0.6.4
Poppler Poppler 0.1.2
Poppler Poppler 0.8.0
Poppler Poppler 0.8.3
5
CVSSv2
CVE-2009-0756
The JBIG2Stream::readSymbolDictSeg function in Poppler prior to 0.10.4 allows remote malicious users to cause a denial of service (crash) via a PDF file that triggers a parsing error, which is not properly handled by JBIG2SymbolDict::~JBIG2SymbolDict and triggers an invalid memor...
Poppler Poppler 0.1
Poppler Poppler 0.1.1
Poppler Poppler 0.3.2
Poppler Poppler 0.5.91
Poppler Poppler 0.4.2
Poppler Poppler 0.4.3
Poppler Poppler 0.5.90
Poppler Poppler 0.5.9
Poppler Poppler
Poppler Poppler 0.3.0
Poppler Poppler 0.3.1
Poppler Poppler 0.7.0
Poppler Poppler 0.7.3
Poppler Poppler 0.5.1
Poppler Poppler 0.5.0
Poppler Poppler 0.4.4
Poppler Poppler 0.6.1
Poppler Poppler 0.6.0
Poppler Poppler 0.2.0
Poppler Poppler 0.10.1
Poppler Poppler 0.7.2
Poppler Poppler 0.6.4
1 EDB exploit
5
CVSSv2
CVE-2009-0755
The FormWidgetChoice::loadDefaults function in Poppler prior to 0.10.4 allows remote malicious users to cause a denial of service (crash) via a PDF file with an invalid Form Opt entry.
Poppler Poppler 0.1.1
Poppler Poppler 0.1.2
Poppler Poppler 0.7.1
Poppler Poppler 0.7.2
Poppler Poppler 0.3.3
Poppler Poppler 0.5.2
Poppler Poppler 0.5.3
Poppler Poppler 0.6.3
Poppler Poppler 0.1
Poppler Poppler 0.5.91
Poppler Poppler 0.8.4
Poppler Poppler 0.4.1
Poppler Poppler 0.4.0
Poppler Poppler 0.5.9
Poppler Poppler 0.5.4
Poppler Poppler 0.10.2
Poppler Poppler 0.10.1
Poppler Poppler 0.3.1
Poppler Poppler 0.3.2
Poppler Poppler 0.4.2
Poppler Poppler 0.4.3
Poppler Poppler 0.4.4
1 EDB exploit
5
CVSSv2
CVE-2005-3624
The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows malicious users to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integ...
Kde Kdegraphics 3.2
Kde Kdegraphics 3.4.3
Sgi Propack 3.0
Tetex Tetex 1.0.7
Libextractor Libextractor
Easy Software Products Cups 1.1.23
Easy Software Products Cups 1.1.23 Rc1
Kde Kword 1.4.2
Poppler Poppler 0.4.2
Xpdf Xpdf 3.0
Conectiva Linux 10.0
Easy Software Products Cups 1.1.22
Easy Software Products Cups 1.1.22 Rc1
Kde Koffice 1.4.2
Kde Kpdf 3.2
Kde Kpdf 3.4.3
Tetex Tetex 2.0.2
Tetex Tetex 3.0
Kde Koffice 1.4
Kde Koffice 1.4.1
Tetex Tetex 2.0
Tetex Tetex 2.0.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
firmware
CVE-2023-52866
CVE-2024-4367
CVE-2024-1721
CVE-2023-34992
XML injection
CVE-2023-52817
SQL
CVE-2023-52855
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »