Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xpdf vulnerabilities and exploits
(subscribe to this query)
454
VMScore
CVE-2005-3191
Multiple heap-based buffer overflows in the (1) DCTStream::readProgressiveSOF and (2) DCTStream::readBaselineSOF functions in the DCT stream parsing code (Stream.cc) in xpdf 3.01 and previous versions, as used in products such as (a) Poppler, (b) teTeX, (c) KDE kpdf, (d) pdftohtm...
Xpdf Xpdf 1.0
Xpdf Xpdf 1.0a
Xpdf Xpdf 3.0 Pl2
Xpdf Xpdf 3.0 Pl3
Xpdf Xpdf 0.92
Xpdf Xpdf 0.93
Xpdf Xpdf 3.0
Xpdf Xpdf 3.0.1
Xpdf Xpdf 1.1
Xpdf Xpdf 2.0
Xpdf Xpdf 0.90
Xpdf Xpdf 0.91
Xpdf Xpdf 2.1
Xpdf Xpdf 2.2
Xpdf Xpdf 2.3
454
VMScore
CVE-2005-3193
Heap-based buffer overflow in the JPXStream::readCodestream function in the JPX stream parsing code (JPXStream.c) for xpdf 3.01 and previous versions, as used in products such as (1) Poppler, (2) teTeX, (3) KDE kpdf, (4) CUPS, and (5) libextractor allows user-assisted malicious u...
Xpdf Xpdf 0.93
Xpdf Xpdf 1.0
Xpdf Xpdf 1.0a
Xpdf Xpdf 3.0.1
Xpdf Xpdf 3.0 Pl2
Xpdf Xpdf 0.90
Xpdf Xpdf 2.1
Xpdf Xpdf 2.2
Xpdf Xpdf 0.91
Xpdf Xpdf 0.92
Xpdf Xpdf 2.3
Xpdf Xpdf 3.0
Xpdf Xpdf 1.1
Xpdf Xpdf 2.0
Xpdf Xpdf 3.0 Pl3
445
VMScore
CVE-2020-35376
Xpdf 4.02 allows stack consumption because of an incorrect subroutine reference in a Type 1C font charstring, related to the FoFiType1C::getOp() function.
Xpdfreader Xpdf 4.02
Fedoraproject Fedora 32
Fedoraproject Fedora 33
445
VMScore
CVE-2009-1187
Integer overflow in the JBIG2 decoding feature in Poppler prior to 0.10.6 allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to CairoOutputDev (CairoOutputDev.cc).
Poppler Poppler 0.7.3
Poppler Poppler 0.3.2
Poppler Poppler 0.10.3
Poppler Poppler 0.4.0
Poppler Poppler 0.8.5
Poppler Poppler 0.9.3
Poppler Poppler 0.10.1
Poppler Poppler 0.10.0
Poppler Poppler 0.7.1
Poppler Poppler 0.6.1
Poppler Poppler 0.3.1
Poppler Poppler 0.5.2
Poppler Poppler 0.5.91
Poppler Poppler 0.6.0
Poppler Poppler 0.3.3
Poppler Poppler 0.4.2
Poppler Poppler 0.10.4
Poppler Poppler 0.9.2
Poppler Poppler 0.6.4
Poppler Poppler 0.1.2
Poppler Poppler 0.8.0
Poppler Poppler 0.8.3
445
VMScore
CVE-2009-1188
Integer overflow in the JBIG2 decoding feature in the SplashBitmap::SplashBitmap function in SplashBitmap.cc in Xpdf 3.x prior to 3.02pl4 and Poppler prior to 0.10.6, as used in GPdf and kdegraphics KPDF, allows remote malicious users to execute arbitrary code or cause a denial o...
Poppler Poppler 0.7.3
Poppler Poppler 0.3.2
Poppler Poppler 0.10.3
Poppler Poppler 0.4.0
Poppler Poppler 0.8.5
Poppler Poppler 0.9.3
Poppler Poppler 0.10.1
Poppler Poppler 0.10.0
Poppler Poppler 0.7.1
Poppler Poppler 0.6.1
Poppler Poppler 0.3.1
Poppler Poppler 0.5.2
Poppler Poppler 0.5.91
Poppler Poppler 0.6.0
Poppler Poppler 0.3.3
Poppler Poppler 0.4.2
Poppler Poppler 0.10.4
Poppler Poppler 0.9.2
Poppler Poppler 0.6.4
Poppler Poppler 0.1.2
Poppler Poppler 0.8.0
Poppler Poppler 0.8.3
445
VMScore
CVE-2005-3624
The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows malicious users to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integ...
Kde Kdegraphics 3.2
Kde Kdegraphics 3.4.3
Sgi Propack 3.0
Tetex Tetex 1.0.7
Libextractor Libextractor
Easy Software Products Cups 1.1.23
Easy Software Products Cups 1.1.23 Rc1
Kde Kword 1.4.2
Poppler Poppler 0.4.2
Xpdf Xpdf 3.0
Conectiva Linux 10.0
Easy Software Products Cups 1.1.22
Easy Software Products Cups 1.1.22 Rc1
Kde Koffice 1.4.2
Kde Kpdf 3.2
Kde Kpdf 3.4.3
Tetex Tetex 2.0.2
Tetex Tetex 3.0
Kde Koffice 1.4
Kde Koffice 1.4.1
Tetex Tetex 2.0
Tetex Tetex 2.0.1
445
VMScore
CVE-2005-3626
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows malicious users to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.
Easy Software Products Cups 1.1.22 Rc1
Easy Software Products Cups 1.1.23
Kde Kpdf 3.2
Kde Kpdf 3.4.3
Tetex Tetex 3.0
Xpdf Xpdf 3.0
Easy Software Products Cups 1.1.23 Rc1
Kde Kdegraphics 3.2
Kde Kword 1.4.2
Poppler Poppler 0.4.2
Conectiva Linux 10.0
Libextractor Libextractor
Kde Kdegraphics 3.4.3
Kde Koffice 1.4
Sgi Propack 3.0
Tetex Tetex 1.0.7
Easy Software Products Cups 1.1.22
Kde Koffice 1.4.1
Kde Koffice 1.4.2
Tetex Tetex 2.0
Tetex Tetex 2.0.1
Tetex Tetex 2.0.2
445
VMScore
CVE-2002-1372
Common Unix Printing System (CUPS) 1.1.14 up to and including 1.1.17 does not properly check the return values of various file and socket operations, which could allow a remote malicious user to cause a denial of service (resource exhaustion) by causing file descriptors to be ass...
Apple Cups
Apple Mac Os X 10.2.2
Apple Mac Os X 10.2
Debian Debian Linux 2.2
Debian Debian Linux 3.0
384
VMScore
CVE-2019-13288
In Xpdf 4.01.01, the Parser::getObj() function in Parser.cc may cause infinite recursion via a crafted file. A remote attacker can leverage this for a DoS attack. This is similar to CVE-2018-16646.
Glyphandcog Xpdfreader 4.01.01
2 Github repositories
384
VMScore
CVE-2018-8101
The JPXStream::inverseTransformLevel function in JPXStream.cc in xpdf 4.00 allows malicious users to launch denial of service (heap-based buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml.
Xpdfreader Xpdf 4.00
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »