Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
poppler vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2020-23804
Uncontrolled Recursion in pdfinfo, and pdftops in poppler 0.89.0 allows remote malicious users to cause a denial of service via crafted input.
Freedesktop Poppler 0.89.0
Debian Debian Linux 10.0
NA
CVE-2022-37050
In Poppler 22.07.0, PDFDoc::savePageAs in PDFDoc.c callows malicious users to cause a denial-of-service (application crashes with SIGABRT) by crafting a PDF file in which the xref data structure is mishandled in getCatalog processing. Note that this vulnerability is caused by the...
Freedesktop Poppler 22.07.0
Debian Debian Linux 10.0
NA
CVE-2022-37051
An issue exists in Poppler 22.07.0. There is a reachable abort which leads to denial of service because the main function in pdfunite.cc lacks a stream check before saving an embedded file.
Freedesktop Poppler 22.07.0
Debian Debian Linux 10.0
4.3
CVSSv2
CVE-2017-14926
In Poppler 0.59.0, a NULL Pointer Dereference exists in AnnotRichMedia::Content::Content in Annot.cc via a crafted PDF document.
Freedesktop Poppler 0.59.0
Debian Debian Linux 9.0
4.3
CVSSv2
CVE-2017-14928
In Poppler 0.59.0, a NULL Pointer Dereference exists in AnnotRichMedia::Configuration::Configuration in Annot.cc via a crafted PDF document.
Freedesktop Poppler 0.59.0
Debian Debian Linux 9.0
5
CVSSv2
CVE-2020-27778
A flaw was found in Poppler in the way certain PDF files were converted into HTML. A remote attacker could exploit this flaw by providing a malicious PDF file that, when processed by the 'pdftohtml' program, would crash the application causing a denial of service.
Freedesktop Poppler
Redhat Enterprise Linux 8.0
Debian Debian Linux 10.0
4.3
CVSSv2
CVE-2017-9406
In Poppler 0.54.0, a memory leak vulnerability was found in the function gmalloc in gmem.cc, which allows malicious users to cause a denial of service via a crafted file.
Freedesktop Poppler 0.54.0
Debian Debian Linux 9.0
Debian Debian Linux 8.0
4.3
CVSSv2
CVE-2017-9408
In Poppler 0.54.0, a memory leak vulnerability was found in the function Object::initArray in Object.cc, which allows malicious users to cause a denial of service via a crafted file.
Freedesktop Poppler 0.54.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
4.3
CVSSv2
CVE-2017-9865
The function GfxImageColorMap::getGray in GfxState.cc in Poppler 0.54.0 allows remote malicious users to cause a denial of service (stack-based buffer over-read and application crash) via a crafted PDF document, related to missing color-map validation in ImageOutputDev.cc.
Freedesktop Poppler 0.54.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
4.3
CVSSv2
CVE-2019-11026
FontInfoScanner::scanFonts in FontInfo.cc in Poppler 0.75.0 has infinite recursion, leading to a call to the error function in Error.cc.
Freedesktop Poppler 0.75.0
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Fedoraproject Fedora 30
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalation
CVE-2024-20696
CVE-2024-29829
CVE-2024-33999
CVE-2024-35646
physical
CVE-2024-24919
CVE-2024-31030
local users
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »