Filtered by vendor Xpdfreader
Subscribe
Total
79 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-43071 | 1 Xpdfreader | 1 Xpdf | 2025-04-30 | N/A | 5.5 MEDIUM |
| A stack overflow in the Catalog::readPageLabelTree2(Object*) function of XPDF v4.04 allows attackers to cause a Denial of Service (DoS) via a crafted PDF file. | |||||
| CVE-2010-3702 | 9 Apple, Canonical, Debian and 6 more | 11 Cups, Ubuntu Linux, Debian Linux and 8 more | 2025-04-11 | 7.5 HIGH | N/A |
| The Gfx::getPos function in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, CUPS, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) via unknown vectors that trigger an uninitialized pointer dereference. | |||||
| CVE-2007-3387 | 6 Apple, Canonical, Debian and 3 more | 6 Cups, Ubuntu Linux, Debian Linux and 3 more | 2025-04-09 | 6.8 MEDIUM | N/A |
| Integer overflow in the StreamPredictor::StreamPredictor function in xpdf 3.02, as used in (1) poppler before 0.5.91, (2) gpdf before 2.8.2, (3) kpdf, (4) kdegraphics, (5) CUPS, (6) PDFedit, and other products, might allow remote attackers to execute arbitrary code via a crafted PDF file that triggers a stack-based buffer overflow in the StreamPredictor::getNextLine function. | |||||
| CVE-2022-45587 | 1 Xpdfreader | 1 Xpdf | 2025-03-19 | N/A | 5.5 MEDIUM |
| Stack overflow vulnerability in function gmalloc in goo/gmem.cc in xpdf 4.04, allows local attackers to cause a denial of service. | |||||
| CVE-2022-45586 | 1 Xpdfreader | 1 Xpdf | 2025-03-19 | N/A | 5.5 MEDIUM |
| Stack overflow vulnerability in function Dict::find in xpdf/Dict.cc in xpdf 4.04, allows local attackers to cause a denial of service. | |||||
| CVE-2024-3247 | 1 Xpdfreader | 1 Xpdf | 2025-01-29 | N/A | 2.9 LOW |
| In Xpdf 4.05 (and earlier), a PDF object loop in an object stream leads to infinite recursion and a stack overflow. | |||||
| CVE-2024-3248 | 1 Xpdfreader | 1 Xpdf | 2025-01-29 | N/A | 2.9 LOW |
| In Xpdf 4.05 (and earlier), a PDF object loop in the attachments leads to infinite recursion and a stack overflow. | |||||
| CVE-2024-3900 | 1 Xpdfreader | 1 Xpdf | 2025-01-29 | N/A | 2.9 LOW |
| Out-of-bounds array write in Xpdf 4.05 and earlier, triggered by long Unicode sequence in ActualText. | |||||
| CVE-2024-4141 | 1 Xpdfreader | 1 Xpdf | 2025-01-29 | N/A | 2.9 LOW |
| Out-of-bounds array write in Xpdf 4.05 and earlier, triggered by an invalid character code in a Type 1 font. The root problem was a bounds check that was being optimized away by modern compilers. | |||||
| CVE-2024-4568 | 1 Xpdfreader | 1 Xpdf | 2025-01-29 | N/A | 2.9 LOW |
| In Xpdf 4.05 (and earlier), a PDF object loop in the PDF resources leads to infinite recursion and a stack overflow. | |||||
| CVE-2024-4976 | 1 Xpdfreader | 1 Xpdf | 2025-01-29 | N/A | 5.5 MEDIUM |
| Out-of-bounds array write in Xpdf 4.05 and earlier, due to missing object type check in AcroForm field reference. | |||||
| CVE-2024-2971 | 1 Xpdfreader | 1 Xpdf | 2025-01-29 | N/A | 2.9 LOW |
| Out-of-bounds array write in Xpdf 4.05 and earlier, triggered by negative object number in indirect reference in the input PDF file. | |||||
| CVE-2023-2663 | 1 Xpdfreader | 1 Xpdf | 2025-01-24 | N/A | 2.9 LOW |
| In Xpdf 4.04 (and earlier), a PDF object loop in the page label tree leads to infinite recursion and a stack overflow. | |||||
| CVE-2023-2662 | 1 Xpdfreader | 1 Xpdf | 2025-01-24 | N/A | 2.9 LOW |
| In Xpdf 4.04 (and earlier), a bad color space object in the input PDF file can cause a divide-by-zero. | |||||
| CVE-2023-3436 | 1 Xpdfreader | 1 Xpdf | 2024-11-21 | N/A | 3.3 LOW |
| Xpdf 4.04 will deadlock on a PDF object stream whose "Length" field is itself in another object stream. | |||||
| CVE-2023-3044 | 1 Xpdfreader | 1 Xpdf | 2024-11-21 | N/A | 3.3 LOW |
| An excessively large PDF page size (found in fuzz testing, unlikely in normal PDF files) can result in a divide-by-zero in Xpdf's text extraction code. This is related to CVE-2022-30524, but the problem here is caused by a very large page size, rather than by a very large character coordinate. | |||||
| CVE-2023-2664 | 1 Xpdfreader | 1 Xpdf | 2024-11-21 | N/A | 2.9 LOW |
| In Xpdf 4.04 (and earlier), a PDF object loop in the embedded file tree leads to infinite recursion and a stack overflow. | |||||
| CVE-2023-26930 | 1 Xpdfreader | 1 Xpdf | 2024-11-21 | N/A | 5.5 MEDIUM |
| ** DISPUTED ** Buffer Overflow vulnerability found in XPDF v.4.04 allows an attacker to cause a Denial of Service via the PDFDoc malloc in the pdftotext.cc function. NOTE: Vendor states “it's an expected abort on out-of-memory error.” | |||||
| CVE-2022-43295 | 1 Xpdfreader | 1 Xpdf | 2024-11-21 | N/A | 5.5 MEDIUM |
| XPDF v4.04 was discovered to contain a stack overflow via the function FileStream::copy() at xpdf/Stream.cc:795. | |||||
| CVE-2022-41844 | 1 Xpdfreader | 1 Xpdf | 2024-11-21 | N/A | 5.5 MEDIUM |
| An issue was discovered in Xpdf 4.04. There is a crash in XRef::fetch(int, int, Object*, int) in xpdf/XRef.cc, a different vulnerability than CVE-2018-16369 and CVE-2019-16088. | |||||