Vulnerabilities for 'Poppler'

2022-05-05
 
CVE-2022-27337

NVD-CWE-Other
 

 
A logic error in the Hints::Hints function of Poppler v22.03.0 allows attackers to cause a Denial of Service (DoS) via a crafted PDF file.

 
2020-12-25
 
CVE-2020-35702

CWE-787
 

 
** DISPUTED ** DCTStream::getChars in DCTStream.cc in Poppler 20.12.1 has a heap-based buffer overflow via a crafted PDF document. NOTE: later reports indicate that this only affects builds from Poppler git clones in late December 2020, not the 20.12.1 release. In this situation, it should NOT be considered a Poppler vulnerability. However, several third-party Open Source projects directly rely on Poppler git clones made at arbitrary times, and therefore the CVE remains useful to users of those projects.

 
2020-12-03
 
CVE-2020-27778

CWE-824
 

 
A flaw was found in Poppler in the way certain PDF files were converted into HTML. A remote attacker could exploit this flaw by providing a malicious PDF file that, when processed by the 'pdftohtml' program, would crash the application causing a denial of service.

 
2020-01-09
 
CVE-2012-2142

NVD-CWE-Other
 

 
The error function in Error.cc in poppler before 0.21.4 allows remote attackers to execute arbitrary commands via a PDF containing an escape sequence for a terminal emulator.

 
2019-11-13
 
CVE-2010-4654

CWE-74
 

 
poppler before 0.16.3 has malformed commands that may cause corruption of the internal stack.

 
 
CVE-2010-4653

CWE-190
 

 
An integer overflow condition in poppler before 0.16.3 can occur when parsing CharCodes for fonts.

 
2019-09-05
 
CVE-2018-21009

CWE-190
 

 
Poppler before 0.66.0 has an integer overflow in Parser::makeStream in Parser.cc.

 
2019-08-01
 
CVE-2019-14494

CWE-369
 

 
An issue was discovered in Poppler through 0.78.0. There is a divide-by-zero error in the function SplashOutputDev::tilingPatternFill at SplashOutputDev.cc.

 
2019-07-22
 
CVE-2019-9959

CWE-190
 

 
The JPXStream::init function in Poppler 0.78.0 and earlier doesn't check for negative values of stream length, leading to an Integer Overflow, thereby making it possible to allocate a large memory chunk on the heap, with a size controlled by an attacker, as demonstrated by pdftocairo.

 
2019-05-23
 
CVE-2019-12293

CWE-125
 

 
In Poppler through 0.76.1, there is a heap-based buffer over-read in JPXStream::init in JPEG2000Stream.cc via data with inconsistent heights or widths.

 


Copyright 2024, cxsecurity.com

 
