Filtered by vendor Xpdfreader
Subscriptions
Filtered by product Xpdf
Subscriptions
Total
75 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2010-0207 | 2 Debian, Xpdfreader | 2 Debian Linux, Xpdf | 2024-08-07 | 5.5 Medium |
| In xpdf, the xref table contains an infinite loop which allows remote attackers to cause a denial of service (application crash) in xpdf-based PDF viewers. | ||||
| CVE-2010-0206 | 2 Debian, Xpdfreader | 2 Debian Linux, Xpdf | 2024-08-07 | 5.5 Medium |
| xpdf allows remote attackers to cause a denial of service (NULL pointer dereference and crash) in the way it processes JBIG2 PDF stream objects. | ||||
| CVE-2012-2142 | 4 Freedesktop, Opensuse, Redhat and 1 more | 4 Poppler, Opensuse, Enterprise Linux and 1 more | 2024-08-06 | 7.8 High |
| The error function in Error.cc in poppler before 0.21.4 allows remote attackers to execute arbitrary commands via a PDF containing an escape sequence for a terminal emulator. | ||||
| CVE-2018-18456 | 1 Xpdfreader | 1 Xpdf | 2024-08-05 | N/A |
| The function Object::isName() in Object.h (called from Gfx::opSetFillColorN) in Xpdf 4.00 allows remote attackers to cause a denial of service (stack-based buffer over-read) via a crafted pdf file, as demonstrated by pdftoppm. | ||||
| CVE-2018-18454 | 1 Xpdfreader | 1 Xpdf | 2024-08-05 | N/A |
| CCITTFaxStream::readRow() in Stream.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted pdf file, as demonstrated by pdftoppm. | ||||
| CVE-2018-18458 | 1 Xpdfreader | 1 Xpdf | 2024-08-05 | N/A |
| The function DCTStream::decodeImage in Stream.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted pdf file, as demonstrated by pdftoppm. | ||||
| CVE-2018-18459 | 1 Xpdfreader | 1 Xpdf | 2024-08-05 | N/A |
| The function DCTStream::getBlock in Stream.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted pdf file, as demonstrated by pdftoppm. | ||||
| CVE-2018-18455 | 1 Xpdfreader | 1 Xpdf | 2024-08-05 | N/A |
| The GfxImageColorMap class in GfxState.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted pdf file, as demonstrated by pdftoppm. | ||||
| CVE-2018-18457 | 1 Xpdfreader | 1 Xpdf | 2024-08-05 | N/A |
| The function DCTStream::readScan in Stream.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted pdf file, as demonstrated by pdftoppm. | ||||
| CVE-2018-16368 | 1 Xpdfreader | 1 Xpdf | 2024-08-05 | N/A |
| SplashXPath::strokeAdjust in splash/SplashXPath.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted pdf file, as demonstrated by pdftoppm. | ||||
| CVE-2018-16369 | 1 Xpdfreader | 1 Xpdf | 2024-08-05 | N/A |
| XRef::fetch in XRef.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (stack consumption) via a crafted pdf file, related to AcroForm::scanField, as demonstrated by pdftohtml. NOTE: this might overlap CVE-2018-7453. | ||||
| CVE-2018-7453 | 1 Xpdfreader | 1 Xpdf | 2024-08-05 | N/A |
| Infinite recursion in AcroForm::scanField in AcroForm.cc in xpdf 4.00 allows attackers to launch denial of service via a specific pdf file due to lack of loop checking, as demonstrated by pdftohtml. | ||||
| CVE-2018-7454 | 1 Xpdfreader | 1 Xpdf | 2024-08-05 | N/A |
| A NULL pointer dereference in XFAForm::scanFields in XFAForm.cc in xpdf 4.00 allows attackers to launch denial of service via a specific pdf file, as demonstrated by pdftohtml. | ||||
| CVE-2018-7452 | 1 Xpdfreader | 1 Xpdf | 2024-08-05 | N/A |
| A NULL pointer dereference in JPXStream::fillReadBuf in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service via a specific pdf file, as demonstrated by pdftohtml. | ||||
| CVE-2018-7455 | 1 Xpdfreader | 1 Xpdf | 2024-08-05 | N/A |
| An out-of-bounds read in JPXStream::readTilePart in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service via a specific pdf file, as demonstrated by pdftohtml. | ||||
| CVE-2019-10021 | 1 Xpdfreader | 1 Xpdf | 2024-08-04 | N/A |
| An issue was discovered in Xpdf 4.01.01. There is an FPE in the function ImageStream::ImageStream at Stream.cc for nComps. | ||||
| CVE-2019-10018 | 3 Canonical, Debian, Xpdfreader | 3 Ubuntu Linux, Debian Linux, Xpdf | 2024-08-04 | 5.5 Medium |
| An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PostScriptFunction::exec at Function.cc for the psOpIdiv case. | ||||
| CVE-2019-10023 | 1 Xpdfreader | 1 Xpdf | 2024-08-04 | N/A |
| An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PostScriptFunction::exec at Function.cc for the psOpMod case. | ||||
| CVE-2019-10019 | 1 Xpdfreader | 1 Xpdf | 2024-08-04 | N/A |
| An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PSOutputDev::checkPageSlice at PSOutputDev.cc for nStripes. | ||||
| CVE-2019-10025 | 1 Xpdfreader | 1 Xpdf | 2024-08-04 | N/A |
| An issue was discovered in Xpdf 4.01.01. There is an FPE in the function ImageStream::ImageStream at Stream.cc for nBits. | ||||