threat
engine
.sh
Back
·
··:··
Home
/
Product
/
xpdfreader xpdf
Product
xpdfreader xpdf
135 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2024-7868
< 4.06
In Xpdf 4.05 (and earlier), invalid header info in a DCT (JPEG) stream can lead to an uninitialized variable in the DCT decoder. T
8.2
HIGH
CVE-2024-7867
<= 4.05
In Xpdf 4.05 (and earlier), very large coordinates in a page box can cause an integer overflow and divide-by-zero.
6.2
MEDIUM
CVE-2024-7866
<= 4.05
In Xpdf 4.05 (and earlier), a PDF object loop in a pattern resource leads to infinite recursion and a stack overflow.
5.5
MEDIUM
CVE-2024-4976
<= 4.05
Out-of-bounds array write in Xpdf 4.05 and earlier, due to missing object type check in AcroForm field reference.
5.5
MEDIUM
CVE-2024-4568
<= 4.05
In Xpdf 4.05 (and earlier), a PDF object loop in the PDF resources leads to infinite recursion and a stack overflow.
2.9
LOW
CVE-2024-4141
<= 4.05
Out-of-bounds array write in Xpdf 4.05 and earlier, triggered by an invalid character code in a Type 1 font. The root problem was
2.9
LOW
CVE-2024-3900
<= 4.05
Out-of-bounds array write in Xpdf 4.05 and earlier, triggered by long Unicode sequence in ActualText.
2.9
LOW
CVE-2024-3248
<= 4.05
In Xpdf 4.05 (and earlier), a PDF object loop in the attachments leads to infinite recursion and a stack overflow.
2.9
LOW
CVE-2024-3247
<= 4.05
In Xpdf 4.05 (and earlier), a PDF object loop in an object stream leads to infinite recursion and a stack overflow.
2.9
LOW
CVE-2024-2971
<= 4.05
Out-of-bounds array write in Xpdf 4.05 and earlier, triggered by negative object number in indirect reference in the input PDF fil
2.9
LOW
CVE-2022-48545
all versions
An infinite recursion in Catalog::findDestInTree can cause denial of service for xpdf 4.02.
5.5
MEDIUM
CVE-2023-3436
all versions
Xpdf 4.04 will deadlock on a PDF object stream whose "Length" field is itself in another object stream.
3.3
LOW
CVE-2023-3044
< 4.05
An excessively large PDF page size (found in fuzz testing, unlikely in normal PDF files) can result in a divide-by-zero in Xpdf's
3.3
LOW
CVE-2023-2664
<= 4.04
In Xpdf 4.04 (and earlier), a PDF object loop in the embedded file tree leads to infinite recursion and a stack overflow.
2.9
LOW
CVE-2023-2663
<= 4.04
In Xpdf 4.04 (and earlier), a PDF object loop in the page label tree leads to infinite recursion and a stack overflow.
2.9
LOW
CVE-2023-2662
<= 4.04
In Xpdf 4.04 (and earlier), a bad color space object in the input PDF file can cause a divide-by-zero.
2.9
LOW
CVE-2023-26930
all versions
Buffer Overflow vulnerability found in XPDF v.4.04 allows an attacker to cause a Denial of Service via the PDFDoc malloc in the pd
5.5
MEDIUM
CVE-2022-45587
all versions
Stack overflow vulnerability in function gmalloc in goo/gmem.cc in xpdf 4.04, allows local attackers to cause a denial of service.
5.5
MEDIUM
CVE-2022-45586
all versions
Stack overflow vulnerability in function Dict::find in xpdf/Dict.cc in xpdf 4.04, allows local attackers to cause a denial of serv
5.5
MEDIUM
CVE-2021-36493
all versions
Buffer Overflow vulnerability in pdfimages in xpdf 4.03 allows attackers to crash the application via crafted command.
7.5
HIGH
CVE-2022-43071
all versions
A stack overflow in the Catalog::readPageLabelTree2(Object*) function of XPDF v4.04 allows attackers to cause a Denial of Service
5.5
MEDIUM
CVE-2022-43295
all versions
XPDF v4.04 was discovered to contain a stack overflow via the function FileStream::copy() at xpdf/Stream.cc:795.
5.5
MEDIUM
CVE-2021-40226
all versions
xpdfreader 4.03 is vulnerable to Buffer Overflow.
7.5
HIGH
CVE-2022-41844
all versions
An issue was discovered in Xpdf 4.04. There is a crash in XRef::fetch(int, int, Object*, int) in xpdf/XRef.cc, a different vulnera
5.5
MEDIUM
CVE-2022-41843
all versions
An issue was discovered in Xpdf 4.04. There is a crash in convertToType0 in fofi/FoFiType1C.cc, a different vulnerability than CVE
5.5
MEDIUM
CVE-2022-41842
all versions
An issue was discovered in Xpdf 4.04. There is a crash in gfseek(_IO_FILE*, long, int) in goo/gfile.cc.
5.5
MEDIUM
CVE-2022-38222
all versions
There is a use-after-free issue in JBIG2Stream::close() located in JBIG2Stream.cc in Xpdf 4.04. It can be triggered by sending a c
7.8
HIGH
CVE-2022-38928
all versions
XPDF 4.04 is vulnerable to Null Pointer Dereference in FoFiType1C.cc:2393.
7.8
HIGH
CVE-2022-38334
<= 4.04
XPDF v4.04 and earlier was discovered to contain a stack overflow via the function Catalog::countPageTree() at Catalog.cc.
5.5
MEDIUM
CVE-2022-36561
all versions
XPDF v4.0.4 was discovered to contain a segmentation violation via the component /xpdf/AcroForm.cc:538.
5.5
MEDIUM
CVE-2022-24107
< 4.04
Xpdf prior to 4.04 lacked an integer overflow check in JPXStream.cc.
7.8
HIGH
CVE-2022-24106
< 4.04
In Xpdf prior to 4.04, the DCT (JPEG) decoder was incorrectly allowing the 'interleaved' flag to be changed after the first scan o
7.8
HIGH
CVE-2022-38171
all versions
Xpdf prior to version 4.04 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in JBIG2Stream.cc).
7.8
HIGH
CVE-2022-33108
all versions
XPDF v4.04 was discovered to contain a stack overflow vulnerability via the Object::Copy class of object.cc files.
7.8
HIGH
CVE-2021-27548
all versions
There is a Null Pointer Dereference vulnerability in the XFAScanner::scanNode() function in XFAScanner.cc in xpdf 4.03.
5.5
MEDIUM
CVE-2022-30775
all versions
xpdf 4.04 allocates excessive memory when presented with crafted input. This can be triggered by (for example) sending a crafted P
5.5
MEDIUM
CVE-2022-30524
all versions
There is an invalid memory access in the TextLine class in TextOutputDev.cc in Xpdf 4.0.4 because the text extractor mishandles ch
7.8
HIGH
CVE-2022-27135
all versions
xpdf 4.03 has heap buffer overflow in the function readXRefTable located in XRef.cc. An attacker can exploit this bug to cause a D
5.5
MEDIUM
CVE-2021-30860
< 4.04
An integer overflow was addressed with improved input validation. This issue is fixed in Security Update 2021-005 Catalina, iOS 14
7.8
HIGH
CVE-2020-35376
all versions
Xpdf 4.02 allows stack consumption because of an incorrect subroutine reference in a Type 1C font charstring, related to the FoFiT
7.5
HIGH
CVE-2020-25725
all versions
In Xpdf 4.02, SplashOutputDev::endType3Char(GfxState *state) SplashOutputDev.cc:3079 is trying to use the freed `t3GlyphStack-cach
5.0
MEDIUM
CVE-2020-24999
all versions
There is an invalid memory access in the function fprintf located in Error.cc in Xpdf 4.0.2. It can be triggered by sending a craf
7.8
HIGH
CVE-2020-24996
all versions
There is an invalid memory access in the function TextString::~TextString() located in Catalog.cc in Xpdf 4.0.2. It can be trigger
7.8
HIGH
CVE-2012-2142
all versions
The error function in Error.cc in poppler before 0.21.4 allows remote attackers to execute arbitrary commands via a PDF containing
7.8
HIGH
CVE-2010-0207
all versions
In xpdf, the xref table contains an infinite loop which allows remote attackers to cause a denial of service (application crash) i
5.5
MEDIUM
CVE-2010-0206
all versions
xpdf allows remote attackers to cause a denial of service (NULL pointer dereference and crash) in the way it processes JBIG2 PDF s
5.5
MEDIUM
CVE-2019-17064
all versions
Catalog.cc in Xpdf 4.02 has a NULL pointer dereference because Catalog.pageLabels is initialized too late in the Catalog construct
5.5
MEDIUM
CVE-2019-16115
all versions
In Xpdf 4.01.01, a stack-based buffer under-read could be triggered in IdentityFunction::transform in Function.cc, used by GfxAxia
7.8
HIGH
CVE-2019-16088
all versions
Xpdf 3.04 has a SIGSEGV in XRef::fetch in XRef.cc after many recursive calls to Catalog::countPageTree in Catalog.cc.
5.5
MEDIUM
CVE-2019-15860
all versions
Xpdf 2.00 allows a SIGSEGV in XRef::constructXRef in XRef.cc. NOTE: 2.00 is a version from November 2002.
5.5
MEDIUM
CVE-2019-14294
all versions
An issue was discovered in Xpdf 4.01.01. There is a use-after-free in the function JPXStream::fillReadBuf at JPXStream.cc, due to
5.5
MEDIUM
CVE-2019-14293
all versions
An issue was discovered in Xpdf 4.01.01. There is an out of bounds read in the function GfxPatchMeshShading::parse at GfxState.cc
5.5
MEDIUM
CVE-2019-14292
all versions
An issue was discovered in Xpdf 4.01.01. There is an out of bounds read in the function GfxPatchMeshShading::parse at GfxState.cc
5.5
MEDIUM
CVE-2019-14291
all versions
An issue was discovered in Xpdf 4.01.01. There is an out of bounds read in the function GfxPatchMeshShading::parse at GfxState.cc
5.5
MEDIUM
CVE-2019-14290
all versions
An issue was discovered in Xpdf 4.01.01. There is an out of bounds read in the function GfxPatchMeshShading::parse at GfxState.cc
5.5
MEDIUM
CVE-2019-14289
all versions
An issue was discovered in Xpdf 4.01.01. There is an integer overflow in the function JBIG2Bitmap::combine at JBIG2Stream.cc for t
5.5
MEDIUM
CVE-2019-14288
all versions
An issue was discovered in Xpdf 4.01.01. There is an Integer overflow in the function JBIG2Bitmap::combine at JBIG2Stream.cc for t
7.8
HIGH
CVE-2019-13291
all versions
In Xpdf 4.01.01, there is a heap-based buffer over-read in the function DCTStream::readScan() located at Stream.cc. It can, for ex
5.5
MEDIUM
CVE-2019-13289
all versions
In Xpdf 4.01.01, there is a use-after-free vulnerability in the function JBIG2Stream::close() located at JBIG2Stream.cc. It can, f
7.8
HIGH
CVE-2019-13288
all versions
In Xpdf 4.01.01, the Parser::getObj() function in Parser.cc may cause infinite recursion via a crafted file. A remote attacker can
5.5
MEDIUM
CVE-2019-13287
all versions
In Xpdf 4.01.01, there is an out-of-bounds read vulnerability in the function SplashXPath::strokeAdjust() located at splash/Splash
5.5
MEDIUM
CVE-2019-13286
all versions
In Xpdf 4.01.01, there is a heap-based buffer over-read in the function JBIG2Stream::readTextRegionSeg() located at JBIG2Stream.cc
5.5
MEDIUM
CVE-2019-13283
all versions
In Xpdf 4.01.01, a heap-based buffer over-read could be triggered in strncpy from FoFiType1::parse in fofi/FoFiType1.cc because it
7.8
HIGH
CVE-2019-13282
all versions
In Xpdf 4.01.01, a heap-based buffer over-read could be triggered in SampledFunction::transform in Function.cc when using a large
7.8
HIGH
CVE-2019-13281
all versions
In Xpdf 4.01.01, a heap-based buffer overflow could be triggered in DCTStream::decodeImage() in Stream.cc when writing to frameBuf
7.8
HIGH
CVE-2019-12958
all versions
In Xpdf 4.01.01, a heap-based buffer over-read could be triggered in FoFiType1C::convertToType0 in fofi/FoFiType1C.cc when it is t
5.5
MEDIUM
CVE-2019-12957
all versions
In Xpdf 4.01.01, a buffer over-read could be triggered in FoFiType1C::convertToType1 in fofi/FoFiType1C.cc when the index number i
7.8
HIGH
CVE-2019-12515
all versions
There is an out-of-bounds read vulnerability in the function FlateStream::getChar() located at Stream.cc in Xpdf 4.01.01. It can,
7.1
HIGH
CVE-2019-12493
all versions
A stack-based buffer over-read exists in PostScriptFunction::transform in Function.cc in Xpdf 4.01.01 because GfxSeparationColorSp
7.1
HIGH
CVE-2019-12360
all versions
A stack-based buffer over-read exists in FoFiTrueType::dumpString in fofi/FoFiTrueType.cc in Xpdf 4.01.01. It can, for example, be
7.1
HIGH
CVE-2019-10026
all versions
An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PostScriptFunction::exec in Function.cc for the psOpRoll
5.5
MEDIUM
CVE-2019-10025
all versions
An issue was discovered in Xpdf 4.01.01. There is an FPE in the function ImageStream::ImageStream at Stream.cc for nBits.
5.5
MEDIUM
CVE-2019-10024
all versions
An issue was discovered in Xpdf 4.01.01. There is an FPE in the function Splash::scaleImageYuXu at Splash.cc for y Bresenham param
5.5
MEDIUM
CVE-2019-10023
all versions
An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PostScriptFunction::exec at Function.cc for the psOpMod c
5.5
MEDIUM
CVE-2019-10022
all versions
An issue was discovered in Xpdf 4.01.01. There is a NULL pointer dereference in the function Gfx::opSetExtGState in Gfx.cc.
5.5
MEDIUM
CVE-2019-10021
all versions
An issue was discovered in Xpdf 4.01.01. There is an FPE in the function ImageStream::ImageStream at Stream.cc for nComps.
5.5
MEDIUM
CVE-2019-10020
all versions
An issue was discovered in Xpdf 4.01.01. There is an FPE in the function Splash::scaleImageYuXu at Splash.cc for x Bresenham param
5.5
MEDIUM
CVE-2019-10019
all versions
An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PSOutputDev::checkPageSlice at PSOutputDev.cc for nStripe
5.5
MEDIUM
CVE-2019-10018
all versions
An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PostScriptFunction::exec at Function.cc for the psOpIdiv
5.5
MEDIUM
CVE-2019-9878
all versions
There is an invalid memory access in the function GfxIndexedColorSpace::mapColorToBase() located in GfxState.cc in Xpdf 4.0.0, as
7.8
HIGH
CVE-2019-9877
all versions
There is an invalid memory access vulnerability in the function TextPage::findGaps() located at TextOutputDev.c in Xpdf 4.01, whic
7.8
HIGH
CVE-2019-9589
all versions
There is a NULL pointer dereference vulnerability in PSOutputDev::setupResources() located in PSOutputDev.cc in Xpdf 4.01. It can
7.8
HIGH
CVE-2019-9588
all versions
There is an Invalid memory access in gAtomicIncrement() located at GMutex.h in Xpdf 4.01. It can be triggered by sending a crafted
7.8
HIGH
CVE-2019-9587
all versions
There is a stack consumption issue in md5Round1() located in Decrypt.cc in Xpdf 4.01. It can be triggered by sending a crafted pdf
7.8
HIGH
CVE-2018-18651
all versions
An issue was discovered in Xpdf 4.00. catalog-getNumPages() in AcroForm.cc allows attackers to launch a denial of service (hang ca
5.5
MEDIUM
CVE-2018-18650
all versions
An issue was discovered in Xpdf 4.00. XRef::readXRefStream in XRef.cc allows attackers to launch a denial of service (Integer Over
5.5
MEDIUM
CVE-2018-18459
all versions
The function DCTStream::getBlock in Stream.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (NULL pointer dere
5.5
MEDIUM
CVE-2018-18458
all versions
The function DCTStream::decodeImage in Stream.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (NULL pointer d
5.5
MEDIUM
CVE-2018-18457
all versions
The function DCTStream::readScan in Stream.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (NULL pointer dere
5.5
MEDIUM
CVE-2018-18456
all versions
The function Object::isName() in Object.h (called from Gfx::opSetFillColorN) in Xpdf 4.00 allows remote attackers to cause a denia
5.5
MEDIUM
CVE-2018-18455
all versions
The GfxImageColorMap class in GfxState.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (heap-based buffer ove
5.5
MEDIUM
CVE-2018-18454
all versions
CCITTFaxStream::readRow() in Stream.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (heap-based buffer over-r
5.5
MEDIUM
CVE-2018-16369
all versions
XRef::fetch in XRef.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (stack consumption) via a crafted pdf fil
5.5
MEDIUM
CVE-2018-16368
all versions
SplashXPath::strokeAdjust in splash/SplashXPath.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (heap-based b
5.5
MEDIUM
CVE-2018-11033
all versions
The DCTStream::readHuffSym function in Stream.cc in the DCT decoder in xpdf before 4.00 allows remote attackers to cause a denial
7.8
HIGH
CVE-2018-8107
all versions
The JPXStream::close function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer over-re
5.5
MEDIUM
CVE-2018-8106
all versions
The JPXStream::readTilePartData function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buf
5.5
MEDIUM
CVE-2018-8105
all versions
The JPXStream::fillReadBuf function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer o
5.5
MEDIUM
CVE-2018-8104
all versions
The BufStream::lookChar function in Stream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer over-re
5.5
MEDIUM
CVE-2018-8103
all versions
The JBIG2Stream::readGenericBitmap function in JBIG2Stream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-base
5.5
MEDIUM
CVE-2018-8102
all versions
The JBIG2MMRDecoder::getBlackCode function in JBIG2Stream.cc in xpdf 4.00 allows attackers to launch denial of service (buffer ove
5.5
MEDIUM
CVE-2018-8101
all versions
The JPXStream::inverseTransformLevel function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-base
5.5
MEDIUM
CVE-2018-8100
all versions
The JPXStream::readTilePart function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer
7.8
HIGH
CVE-2018-7455
all versions
An out-of-bounds read in JPXStream::readTilePart in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service via a s
5.5
MEDIUM
CVE-2018-7454
all versions
A NULL pointer dereference in XFAForm::scanFields in XFAForm.cc in xpdf 4.00 allows attackers to launch denial of service via a sp
5.5
MEDIUM
CVE-2018-7453
all versions
Infinite recursion in AcroForm::scanField in AcroForm.cc in xpdf 4.00 allows attackers to launch denial of service via a specific
5.5
MEDIUM
CVE-2018-7452
all versions
A NULL pointer dereference in JPXStream::fillReadBuf in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service via
5.5
MEDIUM
CVE-2018-7175
all versions
An issue was discovered in xpdf 4.00. A NULL pointer dereference in readCodestream allows an attacker to cause denial of service v
5.5
MEDIUM
CVE-2018-7174
all versions
An issue was discovered in xpdf 4.00. An infinite loop in XRef::Xref allows an attacker to cause denial of service because loop de
5.5
MEDIUM
CVE-2018-7173
all versions
A large loop in JBIG2Stream::readSymbolDictSeg in xpdf 4.00 allows an attacker to cause denial of service via a specific file due
5.5
MEDIUM
CVE-2011-1554
<= 3.02
Off-by-one error in t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, allows remote attackers to
CVE-2011-1553
<= 3.02
Use-after-free vulnerability in t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, allows remote
CVE-2011-1552
<= 3.02
t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, reads from invalid memory locations, which all
CVE-2011-0764
<= 3.02
t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, uses an invalid pointer in conjunction with a
CVE-2010-3704
<= 3.02
The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other vers
CVE-2010-3702
<= 3.01
The Gfx::getPos function in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, CUPS, k
CVE-2009-3609
all versions
Integer overflow in the ImageStream::ImageStream function in Stream.cc in Xpdf before 3.02pl4 and Poppler before 0.12.1, as used i
CVE-2009-3608
all versions
Integer overflow in the ObjectStream::ObjectStream function in XRef.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1, as us
CVE-2009-3606
all versions
Integer overflow in the PSOutputDev::doImageL1Sep function in Xpdf before 3.02pl4, and Poppler 0.x, as used in kdegraphics KPDF, m
CVE-2009-3604
all versions
The Splash::drawImage function in Splash.cc in Xpdf 2.x and 3.x before 3.02pl4, and Poppler 0.x, as used in GPdf and kdegraphics K
CVE-2009-3603
all versions
Integer overflow in the SplashBitmap::SplashBitmap function in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1 might allow remot
CVE-2009-0165
<= 3.02
Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, as used in Poppler and other products, when running on Mac OS X
CVE-2009-1183
<= 3.02
The JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote
CVE-2009-1182
<= 3.02
Multiple buffer overflows in the JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and
CVE-2009-1181
<= 3.02
The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote att
CVE-2009-1180
<= 3.02
The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote att
CVE-2009-1179
<= 3.02
Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other produc
CVE-2009-0800
<= 3.02
Multiple "input validation flaws" in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6,
CVE-2009-0799
<= 3.02
The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote att
CVE-2009-0195
<= 3.02
Heap-based buffer overflow in Xpdf 3.02pl2 and earlier, CUPS 1.3.9, and probably other products, allows remote attackers to execut
CVE-2009-0166
<= 3.02
The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allows remote attackers to cause a denia
CVE-2009-0147
<= 3.02
Multiple integer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow remo
CVE-2009-0146
<= 3.02
Multiple buffer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow remot
CVE-2009-1144
<= 3.02
Untrusted search path vulnerability in the Gentoo package of Xpdf before 3.02-r2 allows local users to gain privileges via a Troja
CVE-2007-3387
all versions
Integer overflow in the StreamPredictor::StreamPredictor function in xpdf 3.02, as used in (1) poppler before 0.5.91, (2) gpdf bef
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin