Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
poppler vulnerabilities and exploits
(subscribe to this query)
446
VMScore
CVE-2017-14977
The FoFiTrueType::getCFFBlock function in FoFiTrueType.cc in Poppler 0.59.0 has a NULL pointer dereference vulnerability due to lack of validation of a table pointer, which allows an malicious user to launch a denial of service attack.
Freedesktop Poppler 0.59.0
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
2 Github repositories
445
VMScore
CVE-2020-27778
A flaw was found in Poppler in the way certain PDF files were converted into HTML. A remote attacker could exploit this flaw by providing a malicious PDF file that, when processed by the 'pdftohtml' program, would crash the application causing a denial of service.
Freedesktop Poppler
Redhat Enterprise Linux 8.0
Debian Debian Linux 10.0
445
VMScore
CVE-2017-14975
The FoFiType1C::convertToType0 function in FoFiType1C.cc in Poppler 0.59.0 has a NULL pointer dereference vulnerability because a data structure is not initialized, which allows an malicious user to launch a denial of service attack.
Freedesktop Poppler 0.59.0
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
445
VMScore
CVE-2017-14976
The FoFiType1C::convertToType0 function in FoFiType1C.cc in Poppler 0.59.0 has a heap-based buffer over-read vulnerability if an out-of-bounds font dictionary index is encountered, which allows an malicious user to launch a denial of service attack.
Freedesktop Poppler 0.59.0
Debian Debian Linux 7.0
Debian Debian Linux 9.0
Debian Debian Linux 8.0
445
VMScore
CVE-2017-14929
In Poppler 0.59.0, memory corruption occurs in a call to Object::dictLookup() in Object.h after a repeating series of Gfx::display, Gfx::go, Gfx::execOp, Gfx::opFill, Gfx::doPatternFill, Gfx::doTilingPatternFill and Gfx::drawForm calls (aka a Gfx.cc infinite loop), a different vu...
Freedesktop Poppler 0.59.0
445
VMScore
CVE-2017-14519
In Poppler 0.59.0, memory corruption occurs in a call to Object::streamGetChar in Object.h after a repeating series of Gfx::display, Gfx::go, Gfx::execOp, Gfx::opShowText, and Gfx::doShowText calls (aka a Gfx.cc infinite loop).
Freedesktop Poppler 0.59.0
445
VMScore
CVE-2013-7296
The JBIG2Stream::readSegments method in JBIG2Stream.cc in Poppler prior to 0.24.5 does not use the correct specifier within a format string, which allows context-dependent malicious users to cause a denial of service (segmentation fault and application crash) via a crafted PDF fi...
Freedesktop Poppler 0.23.3
Freedesktop Poppler 0.23.2
Freedesktop Poppler 0.22.0
Freedesktop Poppler 0.21.4
Freedesktop Poppler 0.20.3
Freedesktop Poppler 0.20.2
Freedesktop Poppler 0.19.0
Freedesktop Poppler 0.18.4
Freedesktop Poppler 0.17.2
Freedesktop Poppler 0.17.1
Freedesktop Poppler 0.16.2
Freedesktop Poppler 0.16.1
Freedesktop Poppler 0.14.3
Freedesktop Poppler 0.14.2
Freedesktop Poppler 0.13.0
Freedesktop Poppler 0.12.4
Freedesktop Poppler 0.11.1
Freedesktop Poppler 0.11.0
Freedesktop Poppler 0.10.0
Freedesktop Poppler 0.1.2
Freedesktop Poppler
Freedesktop Poppler 0.24.2
445
VMScore
CVE-2009-1187
Integer overflow in the JBIG2 decoding feature in Poppler prior to 0.10.6 allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to CairoOutputDev (CairoOutputDev.cc).
Poppler Poppler 0.7.3
Poppler Poppler 0.3.2
Poppler Poppler 0.10.3
Poppler Poppler 0.4.0
Poppler Poppler 0.8.5
Poppler Poppler 0.9.3
Poppler Poppler 0.10.1
Poppler Poppler 0.10.0
Poppler Poppler 0.7.1
Poppler Poppler 0.6.1
Poppler Poppler 0.3.1
Poppler Poppler 0.5.2
Poppler Poppler 0.5.91
Poppler Poppler 0.6.0
Poppler Poppler 0.3.3
Poppler Poppler 0.4.2
Poppler Poppler 0.10.4
Poppler Poppler 0.9.2
Poppler Poppler 0.6.4
Poppler Poppler 0.1.2
Poppler Poppler 0.8.0
Poppler Poppler 0.8.3
445
VMScore
CVE-2009-1188
Integer overflow in the JBIG2 decoding feature in the SplashBitmap::SplashBitmap function in SplashBitmap.cc in Xpdf 3.x prior to 3.02pl4 and Poppler prior to 0.10.6, as used in GPdf and kdegraphics KPDF, allows remote malicious users to execute arbitrary code or cause a denial o...
Poppler Poppler 0.7.3
Poppler Poppler 0.3.2
Poppler Poppler 0.10.3
Poppler Poppler 0.4.0
Poppler Poppler 0.8.5
Poppler Poppler 0.9.3
Poppler Poppler 0.10.1
Poppler Poppler 0.10.0
Poppler Poppler 0.7.1
Poppler Poppler 0.6.1
Poppler Poppler 0.3.1
Poppler Poppler 0.5.2
Poppler Poppler 0.5.91
Poppler Poppler 0.6.0
Poppler Poppler 0.3.3
Poppler Poppler 0.4.2
Poppler Poppler 0.10.4
Poppler Poppler 0.9.2
Poppler Poppler 0.6.4
Poppler Poppler 0.1.2
Poppler Poppler 0.8.0
Poppler Poppler 0.8.3
445
VMScore
CVE-2005-3624
The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows malicious users to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integ...
Kde Kdegraphics 3.2
Kde Kdegraphics 3.4.3
Sgi Propack 3.0
Tetex Tetex 1.0.7
Libextractor Libextractor
Easy Software Products Cups 1.1.23
Easy Software Products Cups 1.1.23 Rc1
Kde Kword 1.4.2
Poppler Poppler 0.4.2
Xpdf Xpdf 3.0
Conectiva Linux 10.0
Easy Software Products Cups 1.1.22
Easy Software Products Cups 1.1.22 Rc1
Kde Koffice 1.4.2
Kde Kpdf 3.2
Kde Kpdf 3.4.3
Tetex Tetex 2.0.2
Tetex Tetex 3.0
Kde Koffice 1.4
Kde Koffice 1.4.1
Tetex Tetex 2.0
Tetex Tetex 2.0.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »