Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
evince vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2017-9083
poppler 0.54.0, as used in Evince and other products, has a NULL pointer dereference in the JPXStream::readUByte function in JPXStream.cc. For example, the perf_test utility will crash (segmentation fault) when parsing an invalid PDF file.
Freedesktop Poppler 0.54.0
NA
CVE-2012-6535
DjVuLibre prior to 3.5.25.3, as used in Evince, Sumatra PDF Reader, VuDroid, and other products, allows remote malicious users to execute arbitrary code or cause a denial of service (memory corruption) via a crafted DjVu (aka .djv) file.
Djvulibre Project Djvulibre 3.5.21
Djvulibre Project Djvulibre 3.5.20
Djvulibre Project Djvulibre 3.5.13
Djvulibre Project Djvulibre 3.5.12
Djvulibre Project Djvulibre 3.5.4
Djvulibre Project Djvulibre 3.5.3
Djvulibre Project Djvulibre
Djvulibre Project Djvulibre 3.5.24
Djvulibre Project Djvulibre 3.5.17
Djvulibre Project Djvulibre 3.5.16
Djvulibre Project Djvulibre 3.5.9
Djvulibre Project Djvulibre 3.5.8
Djvulibre Project Djvulibre 3.5.23
Djvulibre Project Djvulibre 3.5.22
Djvulibre Project Djvulibre 3.5.15
Djvulibre Project Djvulibre 3.5.14
Djvulibre Project Djvulibre 3.5.7
Djvulibre Project Djvulibre 3.5.6
Djvulibre Project Djvulibre 3.5.5
Djvulibre Project Djvulibre 3.5.19
Djvulibre Project Djvulibre 3.5.18
Djvulibre Project Djvulibre 3.5.11
NA
CVE-2011-5244
Multiple off-by-one errors in the (1) token and (2) linetoken functions in backend/dvi/mdvi-lib/afmparse.c in t1lib, as used in teTeX 3.0.x, GNOME evince, and possibly other products, allow remote malicious users to cause a denial of service (crash) and possibly execute arbitrary...
Gnome Evince -
Tetex Tetex 3.0
T1lib T1lib
NA
CVE-2011-0433
Heap-based buffer overflow in the linetoken function in afmparse.c in t1lib, as used in teTeX 3.0.x, GNOME evince, and possibly other products, allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a DVI file containing a craft...
T1lib T1lib
Gnome Evince -
Tetex Tetex 3.0
NA
CVE-2010-26432
Jon Larimer from IBM X-Force Advanced Research discovered multiple vulnerabilities in the DVI backend of the Evince document viewer: CVE-2010-2640 Insufficient array bounds checks in the PK fonts parser could lead to function pointer overwrite, causing arbitrary code execution. C...
NA
CVE-2010-2643
Integer overflow in the TFM font parser in the dvi-backend component in Evince 2.32 and previous versions allows remote malicious users to execute arbitrary code via a crafted font in conjunction with a DVI file that is processed by the thumbnailer.
Redhat Evince 2.31.4.1
Redhat Evince 2.31.6
Redhat Evince 2.29.92
Redhat Evince 2.31
Redhat Evince 2.24
Redhat Evince 2.23
Redhat Evince 2.31.92
Redhat Evince 2.32
Redhat Evince 2.30.2
Redhat Evince 2.31.2
Redhat Evince 2.31.1
Redhat Evince 2.26
Redhat Evince 2.25
Redhat Evince 0.8
Redhat Evince 0.9
Redhat Evince 2.31.6.1
Redhat Evince 2.31.90
Redhat Evince 2.30
Redhat Evince 2.29
Redhat Evince 2.21
Redhat Evince 2.22
Redhat Evince 0.4
NA
CVE-2010-2640
Array index error in the PK font parser in the dvi-backend component in Evince 2.32 and previous versions allows remote malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font in conjunction with a DVI file that is pr...
Redhat Evince 2.31.92
Redhat Evince 2.31.90
Redhat Evince 2.31.2
Redhat Evince 2.31.1
Redhat Evince 2.25
Redhat Evince 2.24
Redhat Evince 0.9
Redhat Evince 0.6
Redhat Evince 2.31.4.1
Redhat Evince 2.31.4
Redhat Evince 2.29
Redhat Evince 2.28
Redhat Evince 2.22
Redhat Evince 2.19
Redhat Evince 0.5
Redhat Evince 0.2
Redhat Evince 2.31.6.1
Redhat Evince 2.31.6
Redhat Evince 2.29.92
Redhat Evince 2.31
Redhat Evince 2.30
Redhat Evince 2.23
NA
CVE-2010-2641
Array index error in the VF font parser in the dvi-backend component in Evince 2.32 and previous versions allows remote malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font in conjunction with a DVI file that is pr...
Redhat Evince
Redhat Evince 2.31
Redhat Evince 2.24
Redhat Evince 2.28
Redhat Evince 2.27
Redhat Evince 2.20
Redhat Evince 2.19
Redhat Evince 0.3
Redhat Evince 0.2
Redhat Evince 2.30.3
Redhat Evince 2.30.2
Redhat Evince 2.30
Redhat Evince 2.29
Redhat Evince 2.22
Redhat Evince 2.21
Redhat Evince 0.5
Redhat Evince 0.4
Redhat Evince 2.31.90
Redhat Evince 2.31.4
Redhat Evince 2.23
Redhat Evince 0.7
Redhat Evince 0.6
NA
CVE-2010-2642
Heap-based buffer overflow in the AFM font parser in the dvi-backend component in Evince 2.32 and previous versions, teTeX 3.0, t1lib 5.1.2, and possibly other products allows remote malicious users to cause a denial of service (application crash) or possibly execute arbitrary co...
Redhat Evince 2.31.92
Redhat Evince 2.31.4.1
Redhat Evince 2.31.6
Redhat Evince 2.31.1
Redhat Evince 2.29.92
Redhat Evince 2.25
Redhat Evince 2.24
Redhat Evince 0.6
Redhat Evince 0.7
Tug Tetex 3.0
T1lib T1lib 5.1.2
Redhat Evince 2.31.4
Redhat Evince 2.30.3
Redhat Evince 2.29
Redhat Evince 2.28
Redhat Evince 2.22
Redhat Evince 2.19
Redhat Evince 0.2
Redhat Evince 0.3
Redhat Evince 2.31.6.1
Redhat Evince 2.31.90
Redhat Evince 2.31
NA
CVE-2008-1693
The CairoFont::create function in CairoFontEngine.cc in Poppler, possibly prior to 0.8.0, as used in Xpdf, Evince, ePDFview, KWord, and other applications, does not properly handle embedded fonts in PDF files, which allows remote malicious users to execute arbitrary code via a cr...
Poppler Poppler 0.1
Poppler Poppler 0.1.1
Poppler Poppler 0.4.0
Poppler Poppler 0.4.1
Poppler Poppler 0.5.3
Poppler Poppler 0.5.4
Poppler Poppler 0.7.0
Poppler Poppler 0.7.1
Poppler Poppler 0.1.2
Poppler Poppler 0.2.0
Poppler Poppler 0.4.2
Poppler Poppler 0.4.3
Poppler Poppler 0.5.9
Poppler Poppler 0.5.91
Poppler Poppler 0.7.2
Poppler Poppler
Poppler Poppler 0.3.0
Poppler Poppler 0.3.1
Poppler Poppler 0.4.4
Poppler Poppler 0.5.0
Poppler Poppler 0.6.0
Poppler Poppler 0.6.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »