Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xpdf vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-4352
Array index error in the DCTStream::readProgressiveDataUnit method in xpdf/Stream.cc in Xpdf 3.02pl1, as used in poppler, teTeX, KDE, KOffice, CUPS, and other products, allows remote malicious users to trigger memory corruption and execute arbitrary code via a crafted PDF file.
Xpdf Xpdf 3.0.1 Pl1
NA
CVE-2000-0727
xpdf PDF viewer client earlier than 0.91 does not properly launch a web browser for embedded URL's, which allows an malicious user to execute arbitrary commands via a URL that contains shell metacharacters.
Xpdf Xpdf 0.90
NA
CVE-2000-0728
xpdf PDF viewer client earlier than 0.91 allows local users to overwrite arbitrary files via a symlink attack.
Xpdf Xpdf 0.90
NA
CVE-2007-5392
Integer overflow in the DCTStream::reset method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote malicious users to execute arbitrary code via a crafted PDF file, resulting in a heap-based buffer overflow.
Xpdf Xpdf 3.0.1 Pl1
NA
CVE-2007-5393
Heap-based buffer overflow in the CCITTFaxStream::lookChar method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote malicious users to execute arbitrary code via a PDF file that contains a crafted CCITTFaxDecode filter.
Xpdf Xpdf 3.02p11
NA
CVE-2005-3192
Heap-based buffer overflow in the StreamPredictor function in Xpdf 3.01, as used in products such as (1) Poppler, (2) teTeX, (3) KDE kpdf, and (4) pdftohtml, (5) KOffice KWord, (6) CUPS, and (7) libextractor allows remote malicious users to execute arbitrary code via a PDF file w...
Xpdf Xpdf 3.0.1
NA
CVE-2002-1384
Integer overflow in pdftops, as used in Xpdf 2.01 and previous versions, xpdf-i, and CUPS prior to 1.1.18, allows local users to execute arbitrary code via a ColorSpace entry with a large number of elements, as demonstrated by cups-pdf.
Easy Software Products Cups 1.0.4
Easy Software Products Cups 1.1.4
Easy Software Products Cups 1.1.4 2
Xpdf Xpdf 1.0a
Xpdf Xpdf 1.1
Easy Software Products Cups 1.0.4 8
Easy Software Products Cups 1.1.1
Easy Software Products Cups 1.1.4 3
Easy Software Products Cups 1.1.4 5
Xpdf Xpdf 2.0
Xpdf Xpdf 2.1
Easy Software Products Cups 1.1.10
Easy Software Products Cups 1.1.13
Easy Software Products Cups 1.1.6
Easy Software Products Cups 1.1.7
Xpdf Xpdf 0.90
Easy Software Products Cups 1.1.14
Easy Software Products Cups 1.1.17
Xpdf Xpdf 0.91
Xpdf Xpdf 1.0
7.8
CVSSv3
CVE-2022-38227
XPDF commit ffaf11c exists to contain a stack overflow via __asan_memcpy at asan_interceptors_memintrinsics.cpp.
Xpdf Project Xpdf 3.04
7.8
CVSSv3
CVE-2022-38228
XPDF commit ffaf11c exists to contain a heap-buffer overflow via DCTStream::transformDataUnit at /xpdf/Stream.cc.
Xpdf Project Xpdf 3.04
7.8
CVSSv3
CVE-2022-38229
XPDF commit ffaf11c exists to contain a heap-buffer overflow via DCTStream::readHuffSym(DCTHuffTable*) at /xpdf/Stream.cc.
Xpdf Project Xpdf 3.04
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4761
command injection
CVE-2024-3676
IDOR
CVE-2024-30039
CVE-2024-32113
CVE-2024-30049
CVE-2024-4776
SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »