Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xpdf vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2022-27337
A logic error in the Hints::Hints function of Poppler v22.03.0 allows malicious users to cause a Denial of Service (DoS) via a crafted PDF file.
Freedesktop Poppler 22.03.0
Fedoraproject Fedora 36
Debian Debian Linux 10.0
Debian Debian Linux 11.0
4.3
CVSSv2
CVE-2022-27135
xpdf 4.03 has heap buffer overflow in the function readXRefTable located in XRef.cc. An attacker can exploit this bug to cause a Denial of Service (Segmentation fault) or other unspecified effects by sending a crafted PDF file to the pdftoppm binary.
Xpdfreader Xpdf 4.03
4.3
CVSSv2
CVE-2020-25725
In Xpdf 4.02, SplashOutputDev::endType3Char(GfxState *state) SplashOutputDev.cc:3079 is trying to use the freed `t3GlyphStack->cache`, which causes an `heap-use-after-free` problem. The codes of a previous fix for nested Type 3 characters wasn't correctly handling the cas...
Xpdfreader Xpdf 4.02
Fedoraproject Fedora 32
Fedoraproject Fedora 33
4.3
CVSSv2
CVE-2010-0207
In xpdf, the xref table contains an infinite loop which allows remote malicious users to cause a denial of service (application crash) in xpdf-based PDF viewers.
Xpdfreader Xpdf 3.03-17
Xpdfreader Xpdf 3.04-4
Xpdfreader Xpdf 3.04-13
4.3
CVSSv2
CVE-2010-0206
xpdf allows remote malicious users to cause a denial of service (NULL pointer dereference and crash) in the way it processes JBIG2 PDF stream objects.
Xpdfreader Xpdf 3.03-17
Xpdfreader Xpdf 3.04-4
Xpdfreader Xpdf 3.04-13
4.3
CVSSv2
CVE-2019-17064
Catalog.cc in Xpdf 4.02 has a NULL pointer dereference because Catalog.pageLabels is initialized too late in the Catalog constructor.
Glyphandcog Xpdfreader 4.02
4.3
CVSSv2
CVE-2019-16927
Xpdf 4.01.01 has an out-of-bounds write in the vertProfile part of the TextPage::findGaps function in TextOutputDev.cc, a different vulnerability than CVE-2019-9877.
Glyphandcog Xpdf 4.01.01
4.3
CVSSv2
CVE-2019-16088
Xpdf 3.04 has a SIGSEGV in XRef::fetch in XRef.cc after many recursive calls to Catalog::countPageTree in Catalog.cc.
Glyphandcog Xpdfreader 3.04
4.3
CVSSv2
CVE-2019-15860
Xpdf 2.00 allows a SIGSEGV in XRef::constructXRef in XRef.cc. NOTE: 2.00 is a version from November 2002.
Glyphandcog Xpdfreader 2.00
4.3
CVSSv2
CVE-2019-14289
An issue exists in Xpdf 4.01.01. There is an integer overflow in the function JBIG2Bitmap::combine at JBIG2Stream.cc for the "multiple bytes per line" case.
Glyphandcog Xpdfreader 4.01.01
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5834
CVE-2024-30100
CVE-2024-4577
physical
dos
CVE-2024-30099
CVE-2024-27801
CVE-2024-32146
logic flaw
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »