Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
freedesktop vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2019-14494
An issue exists in Poppler up to and including 0.78.0. There is a divide-by-zero error in the function SplashOutputDev::tilingPatternFill at SplashOutputDev.cc.
Freedesktop Poppler
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 8.0
383
VMScore
CVE-2019-9959
The JPXStream::init function in Poppler 0.78.0 and previous versions doesn't check for negative values of stream length, leading to an Integer Overflow, thereby making it possible to allocate a large memory chunk on the heap, with a size controlled by an attacker, as demonst...
Freedesktop Poppler
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Eus 8.1
Redhat Enterprise Linux Eus 8.2
Redhat Enterprise Linux Server Tus 8.2
Redhat Enterprise Linux Server Aus 8.2
Redhat Enterprise Linux Server Tus 8.4
Redhat Enterprise Linux Eus 8.4
Redhat Enterprise Linux Server Aus 8.4
Redhat Enterprise Linux Server Aus 8.6
Redhat Enterprise Linux Server Tus 8.6
Redhat Enterprise Linux Eus 8.6
383
VMScore
CVE-2019-11026
FontInfoScanner::scanFonts in FontInfo.cc in Poppler 0.75.0 has infinite recursion, leading to a call to the error function in Error.cc.
Freedesktop Poppler 0.75.0
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Fedoraproject Fedora 30
383
VMScore
CVE-2019-10871
An issue exists in Poppler 0.74.0. There is a heap-based buffer over-read in the function PSOutputDev::checkPageSlice at PSOutputDev.cc.
Freedesktop Poppler 0.74.0
383
VMScore
CVE-2019-10873
An issue exists in Poppler 0.74.0. There is a NULL pointer dereference in the function SplashClip::clipAALine at splash/SplashClip.cc.
Freedesktop Poppler 0.74.0
383
VMScore
CVE-2019-9903
PDFDoc::markObject in PDFDoc.cc in Poppler 0.74.0 mishandles dict marking, leading to stack consumption in the function Dict::find() located at Dict.cc, which can (for example) be triggered by passing a crafted pdf file to the pdfunite binary.
Freedesktop Poppler 0.74.0
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 16.04
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Eus 8.1
Redhat Enterprise Linux Eus 8.2
Redhat Enterprise Linux Server Tus 8.2
Redhat Enterprise Linux Server Aus 8.2
Redhat Enterprise Linux Server Tus 8.4
Redhat Enterprise Linux Eus 8.4
Redhat Enterprise Linux Server Aus 8.4
Redhat Enterprise Linux Server Aus 8.6
Redhat Enterprise Linux Server Tus 8.6
Redhat Enterprise Linux Eus 8.6
383
VMScore
CVE-2018-20662
In Poppler 0.72.0, PDFDoc::setup in PDFDoc.cc allows malicious users to cause a denial-of-service (application crash caused by Object.h SIGABRT, because of a wrong return value from PDFDoc::setup) by crafting a PDF file in which an xref data structure is mishandled during extract...
Freedesktop Poppler 0.72.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 16.04
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Eus 8.1
Redhat Enterprise Linux Eus 8.2
Redhat Enterprise Linux Server Tus 8.2
Redhat Enterprise Linux Server Aus 8.2
Redhat Enterprise Linux Server Tus 8.4
Redhat Enterprise Linux Eus 8.4
Redhat Enterprise Linux Server Aus 8.4
Redhat Enterprise Linux Server Aus 8.6
383
VMScore
CVE-2018-20551
A reachable Object::getString assertion in Poppler 0.72.0 allows malicious users to cause a denial of service due to construction of invalid rich media annotation assets in the AnnotRichMedia class in Annot.c.
Freedesktop Poppler 0.72.0
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
383
VMScore
CVE-2018-20481
XRef::getEntry in XRef.cc in Poppler 0.72.0 mishandles unallocated XRef entries, which allows remote malicious users to cause a denial of service (NULL pointer dereference) via a crafted PDF document, when XRefEntry::setFlag in XRef.h is called from Parser::makeStream in Parser.c...
Freedesktop Poppler 0.72.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 14.04
Debian Debian Linux 8.0
383
VMScore
CVE-2018-19149
Poppler prior to 0.70.0 has a NULL pointer dereference in _poppler_attachment_new when called from poppler_annot_file_attachment_get_attachment.
Freedesktop Poppler
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »