Max CVSS | 7.6 | Min CVSS | 4.3 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2019-9959 | 4.3 |
The JPXStream::init function in Poppler 0.78.0 and earlier doesn't check for negative values of stream length, leading to an Integer Overflow, thereby making it possible to allocate a large memory chunk on the heap, with a size controlled by an attac
|
11-02-2023 - 18:27 | 22-07-2019 - 15:15 | |
CVE-2019-14494 | 4.3 |
An issue was discovered in Poppler through 0.78.0. There is a divide-by-zero error in the function SplashOutputDev::tilingPatternFill at SplashOutputDev.cc.
|
18-01-2023 - 21:19 | 01-08-2019 - 17:15 | |
CVE-2019-9631 | 7.5 |
Poppler 0.74.0 has a heap-based buffer over-read in the CairoRescaleBox.cc downsample_row_box_filter function.
|
23-07-2020 - 12:15 | 08-03-2019 - 05:29 | |
CVE-2017-1000083 | 6.8 |
backend/comics/comics-document.c (aka the comic book backend) in GNOME Evince before 3.24.1 allows remote attackers to execute arbitrary commands via a .cbt file that is a TAR archive containing a filename beginning with a "--" command-line option su
|
03-10-2019 - 00:03 | 05-09-2017 - 06:29 | |
CVE-2018-13988 | 4.3 |
Poppler through 0.62 contains an out of bounds read vulnerability due to an incorrect memory access that is not mapped in its memory space, as demonstrated by pdfunite. This can result in memory corruption and denial of service. This may be exploitab
|
25-04-2019 - 14:16 | 25-07-2018 - 23:29 | |
CVE-2010-2643 | 7.6 |
Integer overflow in the TFM font parser in the dvi-backend component in Evince 2.32 and earlier allows remote attackers to execute arbitrary code via a crafted font in conjunction with a DVI file that is processed by the thumbnailer.
|
19-01-2012 - 03:49 | 07-01-2011 - 19:00 |