| Max CVSS | 7.5 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2018-20662 | 4.3 |
In Poppler 0.72.0, PDFDoc::setup in PDFDoc.cc allows attackers to cause a denial-of-service (application crash caused by Object.h SIGABRT, because of a wrong return value from PDFDoc::setup) by crafting a PDF file in which an xref data structure is m
|
01-03-2023 - 18:02 | 03-01-2019 - 13:29 | |
| CVE-2019-10018 | 4.3 |
An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PostScriptFunction::exec at Function.cc for the psOpIdiv case.
|
01-03-2023 - 18:01 | 25-03-2019 - 00:29 | |
| CVE-2018-18897 | 4.3 |
An issue was discovered in Poppler 0.71.0. There is a memory leak in GfxColorSpace::setDisplayProfile in GfxState.cc, as demonstrated by pdftocairo.
|
01-03-2023 - 15:17 | 02-11-2018 - 07:29 | |
| CVE-2019-9903 | 4.3 |
PDFDoc::markObject in PDFDoc.cc in Poppler 0.74.0 mishandles dict marking, leading to stack consumption in the function Dict::find() located at Dict.cc, which can (for example) be triggered by passing a crafted pdf file to the pdfunite binary.
|
11-02-2023 - 18:12 | 21-03-2019 - 18:29 | |
| CVE-2019-9200 | 6.8 |
A heap-based buffer underwrite exists in ImageStream::getLine() located at Stream.cc in Poppler 0.74.0 that can (for example) be triggered by sending a crafted PDF file to the pdfimages binary. It allows an attacker to cause Denial of Service (Segmen
|
23-07-2020 - 12:15 | 26-02-2019 - 23:29 | |
| CVE-2019-9631 | 7.5 |
Poppler 0.74.0 has a heap-based buffer over-read in the CairoRescaleBox.cc downsample_row_box_filter function.
|
23-07-2020 - 12:15 | 08-03-2019 - 05:29 | |
| CVE-2019-12293 | 6.8 |
In Poppler through 0.76.1, there is a heap-based buffer over-read in JPXStream::init in JPEG2000Stream.cc via data with inconsistent heights or widths.
|
23-07-2020 - 12:15 | 23-05-2019 - 05:29 | |
| CVE-2019-10872 | 6.8 |
An issue was discovered in Poppler 0.74.0. There is a heap-based buffer over-read in the function Splash::blitTransparent at splash/Splash.cc.
|
23-07-2020 - 12:15 | 05-04-2019 - 04:29 | |
| CVE-2017-9865 | 4.3 |
The function GfxImageColorMap::getGray in GfxState.cc in Poppler 0.54.0 allows remote attackers to cause a denial of service (stack-based buffer over-read and application crash) via a crafted PDF document, related to missing color-map validation in I
|
03-10-2019 - 00:03 | 25-06-2017 - 13:29 | |
| CVE-2019-10023 | 4.3 |
An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PostScriptFunction::exec at Function.cc for the psOpMod case.
|
27-06-2019 - 16:15 | 25-03-2019 - 00:29 | |
| CVE-2019-10021 | 4.3 |
An issue was discovered in Xpdf 4.01.01. There is an FPE in the function ImageStream::ImageStream at Stream.cc for nComps.
|
27-06-2019 - 16:15 | 25-03-2019 - 00:29 | |
| CVE-2019-10019 | 4.3 |
An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PSOutputDev::checkPageSlice at PSOutputDev.cc for nStripes.
|
27-06-2019 - 16:15 | 25-03-2019 - 00:29 | |
| CVE-2019-10873 | 4.3 |
An issue was discovered in Poppler 0.74.0. There is a NULL pointer dereference in the function SplashClip::clipAALine at splash/SplashClip.cc.
|
18-06-2019 - 20:15 | 05-04-2019 - 04:29 |