|Max CVSS||7.5||Min CVSS||4.3||Total Count||2|
|ID||CVSS||Summary||Last (major) update||Published|
The FoFiType1C::cvtGlyph function in fofi/FoFiType1C.cc in Poppler through 0.64.0 allows remote attackers to cause a denial of service (infinite recursion) via a crafted PDF file, as demonstrated by pdftops.
|03-10-2019 - 00:03||10-05-2018 - 15:29|
There is a heap-based buffer over-read in the function ft_font_face_hash of gxps-fonts.c in libgxps through 0.3.0. A crafted input will lead to a remote denial of service attack.
|03-10-2019 - 00:03||04-05-2018 - 17:29|
There is a stack-based buffer over-read in calling GLib in the function gxps_images_guess_content_type of gxps-images.c in libgxps through 0.3.0 because it does not reject negative return values from a g_input_stream_read call. A crafted input will l
|03-10-2019 - 00:03||06-05-2018 - 23:29|
The get_cookies function in soup-cookie-jar.c in libsoup 2.63.2 allows attackers to have unspecified impact via an empty hostname.
|08-05-2019 - 18:21||05-07-2018 - 18:29|
There is a NULL pointer dereference in the AnnotPath::getCoordsLength function in Annot.h in an Ubuntu package for Poppler 0.24.5. A crafted input will lead to a remote denial of service attack. Later Ubuntu packages such as for Poppler 0.41.0 are no
|25-04-2019 - 18:38||06-05-2018 - 23:29|
Poppler through 0.62 contains an out of bounds read vulnerability due to an incorrect memory access that is not mapped in its memory space, as demonstrated by pdfunite. This can result in memory corruption and denial of service. This may be exploitab
|25-04-2019 - 14:16||25-07-2018 - 23:29|