Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xpdf vulnerabilities and exploits
(subscribe to this query)
3.3
CVSSv3
CVE-2023-3044
An excessively large PDF page size (found in fuzz testing, unlikely in normal PDF files) can result in a divide-by-zero in Xpdf's text extraction code. This is related to CVE-2022-30524, but the problem here is caused by a very large page size, rather than by a very large ch...
Xpdfreader Xpdf
1 Github repository
5.5
CVSSv3
CVE-2022-38334
XPDF v4.04 and previous versions exists to contain a stack overflow via the function Catalog::countPageTree() at Catalog.cc.
Xpdfreader Xpdf
5.5
CVSSv3
CVE-2023-2663
In Xpdf 4.04 (and previous versions), a PDF object loop in the page label tree leads to infinite recursion and a stack overflow.
Xpdfreader Xpdf
NA
CVE-2004-1125
Buffer overflow in the Gfx::doImage function in Gfx.cc for xpdf 3.00, and other products that share code such as tetex-bin and kpdf in KDE 3.2.x to 3.2.3 and 3.3.x to 3.3.2, allows remote malicious users to cause a denial of service (application crash) and possibly execute arbitr...
Xpdf Xpdf 3.0
Easy Software Products Cups 1.1.20
Kde Kde 3.2.3
Kde Kde 3.3.2
NA
CVE-2004-0888
Multiple integer overflows in xpdf 2.0 and 3.0, and other packages that use xpdf code such as CUPS, gpdf, and kdegraphics, allow remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identifi...
Easy Software Products Cups 1.1.10
Easy Software Products Cups 1.1.12
Easy Software Products Cups 1.1.19
Easy Software Products Cups 1.1.19 Rc5
Gnome Gpdf 0.112
Gnome Gpdf 0.131
Kde Koffice 1.3 Beta3
Kde Kpdf 3.2
Pdftohtml Pdftohtml 0.36
Tetex Tetex 1.0.7
Xpdf Xpdf 1.0
Xpdf Xpdf 1.0a
Easy Software Products Cups 1.0.4
Easy Software Products Cups 1.1.15
Easy Software Products Cups 1.1.16
Easy Software Products Cups 1.1.4 2
Easy Software Products Cups 1.1.4 3
Kde Koffice 1.3.2
Kde Koffice 1.3.3
Pdftohtml Pdftohtml 0.33
Pdftohtml Pdftohtml 0.33a
Tetex Tetex 2.0.2
NA
CVE-2004-0889
Multiple integer overflows in xpdf 3.0, and other packages that use xpdf code such as CUPS, allow remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0888.
Easy Software Products Cups 1.0.4
Easy Software Products Cups 1.1.12
Easy Software Products Cups 1.1.13
Easy Software Products Cups 1.1.19 Rc5
Easy Software Products Cups 1.1.20
Gnome Gpdf 0.131
Kde Koffice 1.3
Kde Kpdf 3.2
Pdftohtml Pdftohtml 0.32a
Tetex Tetex 1.0.7
Tetex Tetex 2.0
Xpdf Xpdf 1.0a
Xpdf Xpdf 1.1
Easy Software Products Cups 1.1.1
Easy Software Products Cups 1.1.10
Easy Software Products Cups 1.1.18
Easy Software Products Cups 1.1.19
Easy Software Products Cups 1.1.7
Gnome Gpdf 0.112
Kde Koffice 1.3 Beta2
Kde Koffice 1.3 Beta3
Pdftohtml Pdftohtml 0.35
NA
CVE-2010-3704
The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser in xpdf prior to 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, kdegraphics, and possibly other products allows context-dependent malicious users to cause a denial of service (crash) and possib...
Poppler Poppler 0.9.0
Poppler Poppler 0.9.1
Poppler Poppler 0.10.4
Poppler Poppler 0.10.5
Poppler Poppler 0.12.0
Poppler Poppler 0.12.1
Poppler Poppler 0.13.3
Poppler Poppler 0.13.4
Poppler Poppler 0.15.1
Poppler Poppler 0.10.0
Poppler Poppler 0.10.1
Poppler Poppler 0.11.0
Poppler Poppler 0.11.1
Poppler Poppler 0.12.4
Poppler Poppler 0.13.0
Poppler Poppler 0.14.3
Poppler Poppler 0.14.4
Poppler Poppler 0.10.2
Poppler Poppler 0.10.3
Poppler Poppler 0.11.2
Poppler Poppler 0.11.3
Poppler Poppler 0.13.1
5.5
CVSSv3
CVE-2019-10021
An issue exists in Xpdf 4.01.01. There is an FPE in the function ImageStream::ImageStream at Stream.cc for nComps.
Xpdfreader Xpdf 4.01.01
5.5
CVSSv3
CVE-2019-10025
An issue exists in Xpdf 4.01.01. There is an FPE in the function ImageStream::ImageStream at Stream.cc for nBits.
Xpdfreader Xpdf 4.01.01
5.5
CVSSv3
CVE-2018-18650
An issue exists in Xpdf 4.00. XRef::readXRefStream in XRef.cc allows malicious users to launch a denial of service (Integer Overflow) via a crafted /Size value in a pdf file, as demonstrated by pdftohtml. This is mainly caused by the program attempting a malloc operation for a la...
Xpdfreader Xpdf 4.00
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2006-4304
CVE-2024-4240
arbitrary
CVE-2024-31601
XSS
CVE-2023-20198
CVE-2024-4256
CVE-2024-3342
encryption
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »