Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xpdf vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2018-18651
An issue exists in Xpdf 4.00. catalog->getNumPages() in AcroForm.cc allows malicious users to launch a denial of service (hang caused by large loop) via a specific pdf file, as demonstrated by pdftohtml. This is mainly caused by a large number after the /Count field in the fil...
Xpdfreader Xpdf 4.00
5.5
CVSSv3
CVE-2019-10020
An issue exists in Xpdf 4.01.01. There is an FPE in the function Splash::scaleImageYuXu at Splash.cc for x Bresenham parameters.
Xpdfreader Xpdf 4.01.01
5.5
CVSSv3
CVE-2019-10021
An issue exists in Xpdf 4.01.01. There is an FPE in the function ImageStream::ImageStream at Stream.cc for nComps.
Xpdfreader Xpdf 4.01.01
5.5
CVSSv3
CVE-2019-10023
An issue exists in Xpdf 4.01.01. There is an FPE in the function PostScriptFunction::exec at Function.cc for the psOpMod case.
Xpdfreader Xpdf 4.01.01
5.5
CVSSv3
CVE-2019-10024
An issue exists in Xpdf 4.01.01. There is an FPE in the function Splash::scaleImageYuXu at Splash.cc for y Bresenham parameters.
Xpdfreader Xpdf 4.01.01
5.5
CVSSv3
CVE-2019-10025
An issue exists in Xpdf 4.01.01. There is an FPE in the function ImageStream::ImageStream at Stream.cc for nBits.
Xpdfreader Xpdf 4.01.01
5.5
CVSSv3
CVE-2022-48545
An infinite recursion in Catalog::findDestInTree can cause denial of service for xpdf 4.02.
Xpdfreader Xpdf 4.02
5.5
CVSSv3
CVE-2018-7453
Infinite recursion in AcroForm::scanField in AcroForm.cc in xpdf 4.00 allows malicious users to launch denial of service via a specific pdf file due to lack of loop checking, as demonstrated by pdftohtml.
Xpdfreader Xpdf 4.00
5.5
CVSSv3
CVE-2018-7454
A NULL pointer dereference in XFAForm::scanFields in XFAForm.cc in xpdf 4.00 allows malicious users to launch denial of service via a specific pdf file, as demonstrated by pdftohtml.
Xpdfreader Xpdf 4.00
5.5
CVSSv3
CVE-2018-16368
SplashXPath::strokeAdjust in splash/SplashXPath.cc in Xpdf 4.00 allows remote malicious users to cause a denial of service (heap-based buffer over-read) via a crafted pdf file, as demonstrated by pdftoppm.
Xpdfreader Xpdf 4.00
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4651
CVE-2024-34255
elevation of privilege
CVE-2024-25529
CVE-2024-4671
NULL pointer dereference
CVE-2024-25527
template injection
CVE-2008-0166
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »