Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xpdfreader vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2022-43071
A stack overflow in the Catalog::readPageLabelTree2(Object*) function of XPDF v4.04 allows malicious users to cause a Denial of Service (DoS) via a crafted PDF file.
Xpdfreader Xpdf 4.04
7.5
CVSSv3
CVE-2021-36493
Buffer Overflow vulnerability in pdfimages in xpdf 4.03 allows malicious users to crash the application via crafted command.
Xpdfreader Xpdf 4.03
7.8
CVSSv3
CVE-2022-30524
There is an invalid memory access in the TextLine class in TextOutputDev.cc in Xpdf 4.0.4 because the text extractor mishandles characters at large y coordinates. It can be triggered by (for example) sending a crafted pdf file to the pdftotext binary, which allows a remote malici...
Xpdfreader Xpdf 4.0.4
5.5
CVSSv3
CVE-2019-17064
Catalog.cc in Xpdf 4.02 has a NULL pointer dereference because Catalog.pageLabels is initialized too late in the Catalog constructor.
Glyphandcog Xpdfreader 4.02
5.5
CVSSv3
CVE-2019-12958
In Xpdf 4.01.01, a heap-based buffer over-read could be triggered in FoFiType1C::convertToType0 in fofi/FoFiType1C.cc when it is trying to access the second privateDicts array element, because the privateDicts array has only one element allocated.
Glyphandcog Xpdfreader 4.01.01
7.8
CVSSv3
CVE-2018-11033
The DCTStream::readHuffSym function in Stream.cc in the DCT decoder in xpdf prior to 4.00 allows remote malicious users to cause a denial of service (application crash) or possibly have unspecified other impact via crafted JPEG data.
Xpdfreader Xpdf 4.00
3.3
CVSSv3
CVE-2023-3436
Xpdf 4.04 will deadlock on a PDF object stream whose "Length" field is itself in another object stream.
Xpdfreader Xpdf 4.04
5.5
CVSSv3
CVE-2022-27135
xpdf 4.03 has heap buffer overflow in the function readXRefTable located in XRef.cc. An attacker can exploit this bug to cause a Denial of Service (Segmentation fault) or other unspecified effects by sending a crafted PDF file to the pdftoppm binary.
Xpdfreader Xpdf 4.03
5.5
CVSSv3
CVE-2022-41844
An issue exists in Xpdf 4.04. There is a crash in XRef::fetch(int, int, Object*, int) in xpdf/XRef.cc, a different vulnerability than CVE-2018-16369 and CVE-2019-16088.
Xpdfreader Xpdf 4.04
5.5
CVSSv3
CVE-2018-18454
CCITTFaxStream::readRow() in Stream.cc in Xpdf 4.00 allows remote malicious users to cause a denial of service (heap-based buffer over-read) via a crafted pdf file, as demonstrated by pdftoppm.
Xpdfreader Xpdf 4.00
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »