from 0, < 0.71.0-4
from 0, < 0.26.5-2+deb8u9
HIGH8.8CVE-2018-21009Poppler before 0.66.0 has an integer overflow in Parser::makeStream in Parser.cc. from 0, < 0.69.0-2
HIGH8.8In Poppler through 0.76.1, there is a heap-based buffer over-read in JPXStream::init in JPEG2000Stream.cc via data with inconsistent height…
from 0, < 0.71.0-5
HIGH8.8poppler - security update
from 0, < 0.71.0-5
HIGH8.8poppler - security update
from 0, < 0.26.5-2+deb8u10
HIGH8.8An issue was discovered in Poppler 0.74.0.
from 0
HIGH8.8An issue was discovered in Poppler 0.74.0.
from 0
HIGH8.8A heap-based buffer underwrite exists in ImageStream::getLine() located at Stream.cc in Poppler 0.74.0 that can (for example) be triggered…
from 0, < 0.71.0-4
HIGH8.8poppler - security update
from 0, < 0.61.1-2
HIGH8.8poppler - security update
from 0, < 0.18.4-6+deb7u5
HIGH8.8poppler - security update
from 0, < 0.26.5-2+deb8u3
HIGH8.8In Poppler 0.59.0, a NULL Pointer Dereference exists in the GfxImageColorMap::getGrayLine() function in GfxState.cc via a crafted PDF docum…
from 0, < 0.61.1-2
HIGH8.8An exploitable integer overflow vulnerability exists in the JPEG 2000 image parsing functionality of freedesktop.org Poppler 0.53.0.
from 0
HIGH8.8An exploitable heap overflow vulnerability exists in the image rendering functionality of Poppler 0.53.0.
from 0
HIGH8.8An exploitable heap overflow vulnerability exists in the image rendering functionality of Poppler 0.53.0.
from 0
HIGH7.8A flaw was found in Poppler's Splash backend.
from 0
HIGH7.8In Xpdf prior to 4.04, the DCT (JPEG) decoder was incorrectly allowing the 'interleaved' flag to be changed after the first scan of the ima…
from 0
HIGH7.8Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in JBIGStream.cc…
from 0, < 20.09.0-3.1+deb11u1
HIGH7.8The error function in Error.cc in poppler before 0.21.4 allows remote attackers to execute arbitrary commands via a PDF containing an escap…
from 0, < 0.18.4-7
HIGH7.8poppler before 0.16.3 has malformed commands that may cause corruption of the internal stack.
from 0, < 0.16.3-1
HIGH7.8In Xpdf 4.01.01, a buffer over-read could be triggered in FoFiType1C::convertToType1 in fofi/FoFiType1C.cc when the index number is larger…
from 0, < 0.22.5-4
HIGH7.8In Poppler 0.73.0, a heap-based buffer over-read (due to an integer signedness error in the XRef::getEntry function in XRef.cc) allows remo…
from 0, < 0.71.0-4
HIGH7.8In Poppler 0.59.0, a floating point exception occurs in the ImageStream class in Stream.cc, which may lead to a potential attack when handl…
from 0, < 0.61.1-2
HIGH7.8In Poppler 0.59.0, a floating point exception occurs in Splash::scaleImageYuXd() in Splash.cc, which may lead to a potential attack when ha…
from 0, < 0.61.1-2
HIGH7.8In Poppler 0.59.0, a floating point exception exists in the isImageInterpolationRequired() function in Splash.cc via a crafted PDF document.
from 0, < 0.61.1-2
HIGH7.8poppler - regression update
from 0, < 0.26.5-2+deb8u4
HIGH7.8poppler - regression update
from 0, < 0.57.0-2
HIGH7.8poppler - security update
from 0, < 0.18.4-6+deb7u1
HIGH7.8poppler - security update
from 0, < 0.38.0-3
HIGH7.8poppler - security update
from 0, < 0.26.5-2+deb8u1
HIGH7.5A flaw was found in the Poppler's Pdfinfo utility.
from 0
HIGH7.5poppler - security update
from 0, < 0.71.0-5+deb10u3
HIGH7.5poppler - security update
from 0, < 20.09.0-1
HIGH7.5A flaw was found in Poppler in the way certain PDF files were converted into HTML.
from 0, < 0.85.0-2
HIGH7.5An issue was discovered in Poppler through 0.78.0.
from 0, < 0.85.0-2
HIGH7.5The FoFiTrueType::getCFFBlock function in FoFiTrueType.cc in Poppler 0.59.0 has a NULL pointer dereference vulnerability due to lack of val…
from 0, < 0.61.1-2
HIGH7.5The FoFiType1C::convertToType0 function in FoFiType1C.cc in Poppler 0.59.0 has a heap-based buffer over-read vulnerability if an out-of-bou…
from 0, < 0.61.1-2
HIGH7.5poppler - security update
from 0, < 0.18.4-6+deb7u4
HIGH7.5poppler - security update
from 0, < 0.61.1-2
HIGH7.5In Poppler 0.59.0, memory corruption occurs in a call to Object::dictLookup() in Object.h after a repeating series of Gfx::display, Gfx::go…
from 0, < 0.61.1-2
HIGH7.5In Poppler 0.59.0, memory corruption occurs in a call to Object::streamGetChar in Object.h after a repeating series of Gfx::display, Gfx::g…
from 0, < 0.61.1-2
HIGH7.1Poppler before 25.04.0 allows crafted input files to trigger out-of-bounds reads in the JBIG2Bitmap::combine function in JBIG2Stream.cc bec…
from 0, < 20.09.0-3.1+deb11u2
HIGH7.1A stack-based buffer over-read exists in PostScriptFunction::transform in Function.cc in Xpdf 4.01.01 because GfxSeparationColorSpace and G…
from 0, < 0.44.0-2
HIGH7.1A stack-based buffer over-read exists in FoFiTrueType::dumpString in fofi/FoFiTrueType.cc in Xpdf 4.01.01.
from 0, < 0.38.0-2
MEDIUM6.5An issue in the pdfseparate utility of freedesktop poppler v25.04.0 allows attackers to cause an infinite recursion via supplying a crafted…
from 0
MEDIUM6.5An issue was discovered in Poppler 22.08.0.
from 0, < 20.09.0-3.1+deb11u2
MEDIUM6.5A reachable Object::getString assertion in Poppler 22.07.0 allows attackers to cause a denial of service due to a failure in markObject.
from 0, < 20.09.0-3.1+deb11u2
MEDIUM6.5An issue was discovered in Poppler 22.07.0.
from 0, < 20.09.0-3.1+deb11u2
MEDIUM6.5In Poppler 22.07.0, PDFDoc::savePageAs in PDFDoc.c callows attackers to cause a denial-of-service (application crashes with SIGABRT) by cra…
from 0, < 20.09.0-3.1+deb11u2
MEDIUM6.5Buffer Overflow vulnerability in HtmlOutputDev::page in poppler 0.75.0 allows attackers to cause a denial of service.
from 0, < 0.85.0-2
MEDIUM6.5poppler - security update
from 0, < 20.09.0-3.1+deb11u2
MEDIUM6.5poppler - security update
from 0, < 20.09.0-3.1+deb11u2
MEDIUM6.5poppler - security update
from 0, < 0.71.0-5+deb10u2
MEDIUM6.5poppler - security update
from 0, < 20.09.0-3.1+deb11u1
MEDIUM6.5poppler - security update
from 0, < 20.09.0-3.1+deb11u1
MEDIUM6.5An integer overflow condition in poppler before 0.16.3 can occur when parsing CharCodes for fonts.
from 0, < 0.16.3-1
MEDIUM6.5poppler - security update
from 0, < 0.85.0-2
MEDIUM6.5poppler - security update
from 0, < 0.26.5-2+deb8u12
MEDIUM6.5FontInfoScanner::scanFonts in FontInfo.cc in Poppler 0.75.0 has infinite recursion, leading to a call to the error function in Error.cc.
from 0, < 0.85.0-2
MEDIUM6.5An issue was discovered in Poppler 0.74.0.
from 0, < 0.71.0-4
MEDIUM6.5An issue was discovered in Poppler 0.74.0.
from 0, < 0.85.0-2
MEDIUM6.5PDFDoc::markObject in PDFDoc.cc in Poppler 0.74.0 mishandles dict marking, leading to stack consumption in the function Dict::find() locate…
from 0, < 0.85.0-2
MEDIUM6.5In Poppler 0.72.0, PDFDoc::setup in PDFDoc.cc allows attackers to cause a denial-of-service (application crash caused by Object.h SIGABRT,…
from 0, < 0.71.0-4
MEDIUM6.5poppler - security update
from 0, < 0.85.0-2
MEDIUM6.5poppler - security update
from 0, < 0.26.5-2+deb8u11
MEDIUM6.5A reachable Object::getString assertion in Poppler 0.72.0 allows attackers to cause a denial of service due to construction of invalid rich…
from 0, < 0.71.0-4
MEDIUM6.5XRef::getEntry in XRef.cc in Poppler 0.72.0 mishandles unallocated XRef entries, which allows remote attackers to cause a denial of service…
from 0, < 0.71.0-4
MEDIUM6.5Poppler before 0.70.0 has a NULL pointer dereference in _poppler_attachment_new when called from poppler_annot_file_attachment_get_attachme…
from 0, < 0.71.0-2
MEDIUM6.5An issue was discovered in Poppler 0.71.0.
from 0, < 0.85.0-2
MEDIUM6.5An issue was discovered in Poppler 0.71.0.
from 0, < 0.85.0-2
MEDIUM6.5poppler - security update
from 0, < 0.26.5-2+deb8u8
MEDIUM6.5poppler - security update
from 0, < 0.85.0-2
MEDIUM6.5poppler - security update
from 0, < 0.85.0-2
MEDIUM6.5poppler - security update
from 0, < 0.71.0-5+deb10u1
MEDIUM6.5poppler - regression update
from 0, < 0.71.0-4
MEDIUM6.5poppler - regression update
from 0, < 0.26.5-2+deb8u7
MEDIUM6.5poppler - regression update
from 0, < 0.26.5-2+deb8u6
MEDIUM6.5Poppler through 0.62 contains an out of bounds read vulnerability due to an incorrect memory access that is not mapped in its memory space,…
from 0, < 0.69.0-2
MEDIUM6.5There is a NULL pointer dereference in the AnnotPath::getCoordsLength function in Annot.h in an Ubuntu package for Poppler 0.24.5.
from 0, < 0.38.0-2
MEDIUM6.5Stack buffer overflow in GfxState.cc in pdftocairo in Poppler before 0.56 allows remote attackers to cause a denial of service (application…
from 0, < 0.57.0-2
MEDIUM6.5In Poppler 0.54.0, a memory leak vulnerability was found in the function Object::initArray in Object.cc, which allows attackers to cause a…
from 0, < 0.57.0-2
MEDIUM6.5In Poppler 0.54.0, a memory leak vulnerability was found in the function gmalloc in gmem.cc, which allows attackers to cause a denial of se…
from 0, < 0.57.0-2
MEDIUM6.5poppler 0.54.0, as used in Evince and other products, has a NULL pointer dereference in the JPXStream::readUByte function in JPXStream.cc.
from 0
MEDIUM5.9Poppler is a PDF rendering library.
from 0
MEDIUM5.5A floating-point exception in the PSStack::roll function of Poppler before 25.04.0 can cause an application to crash when handling malforme…
from 0, < 20.09.0-3.1+deb11u2
MEDIUM5.5An issue was discovered in freedesktop poppler version 20.12.1, allows remote attackers to cause a denial of service (DoS) via crafted .pdf…
from 0, < 20.09.0-3.1+deb11u2
MEDIUM5.5A vulnerability in Outline.cc for Poppler prior to 23.06.0 allows a remote attacker to cause a Denial of Service (DoS) (crash) via a crafte…
from 0, < 22.12.0-2+deb12u1
MEDIUM5.5In xpdf, the xref table contains an infinite loop which allows remote attackers to cause a denial of service (application crash) in xpdf-ba…
from 0, < 0.16.3-1
MEDIUM5.5xpdf allows remote attackers to cause a denial of service (NULL pointer dereference and crash) in the way it processes JBIG2 PDF stream obj…
from 0, < 0.16.3-1
MEDIUM5.5An issue was discovered in Xpdf 4.01.01.
from 0, < 0.57.0-2
MEDIUM5.5poppler - security update
from 0, < 0.26.5-2+deb8u5
MEDIUM5.5poppler - security update
from 0, < 0.48.0-2+deb9u3
MEDIUM5.5poppler - security update
from 0, < 0.69.0-2
MEDIUM5.5In Poppler 0.59.0, a NULL Pointer Dereference exists in AnnotRichMedia::Configuration::Configuration in Annot.cc via a crafted PDF document.
from 0, < 0.61.1-2
MEDIUM5.5In Poppler 0.59.0, a NULL Pointer Dereference exists in the SplashOutputDev::type3D0() function in SplashOutputDev.cc via a crafted PDF doc…
from 0, < 0.61.1-2
MEDIUM5.5poppler - security update
from 0, < 0.48.0-2+deb9u4
MEDIUM5.5poppler - security update
from 0, < 0.61.1-2
MEDIUM5.5poppler - security update
from 0, < 0.18.4-6+deb7u3
MEDIUM5.5poppler - security update
from 0, < 0.61.1-2
MEDIUM5.5poppler - security update
from 0, < 0.26.5-2+deb8u2
MEDIUM5.5The function GfxImageColorMap::getGray in GfxState.cc in Poppler 0.54.0 allows remote attackers to cause a denial of service (stack-based b…
from 0, < 0.57.0-2
MEDIUM5.5poppler through version 0.55.0 is vulnerable to an uncontrolled recursion in pdfunite resulting into potential denial-of-service.
from 0, < 0.57.0-2
MEDIUM5.5poppler since version 0.17.3 has been vulnerable to NULL pointer dereference in pdfunite triggered by specially crafted documents.
from 0, < 0.57.0-2
MEDIUM4.3libpoppler.so in Poppler through 24.12.0 has an out-of-bounds read vulnerability within the JBIG2Bitmap::combine function in JBIG2Stream.cc.
from 0, < 20.09.0-3.1+deb11u2
LOW3.3NSSCryptoSignBackend.cc in Poppler before 25.04.0 does not verify the adbe.pkcs7.sha1 signatures on documents, resulting in potential signa…
from 0
LOW2.9Poppler 24.06.1 through 25.x before 25.04.0 allows stack consumption and a SIGSEGV via deeply nested structures within the metadata (such a…
from 0
—Poppler ia a library for rendering PDF files, and examining or modifying their structure.
from 0
—poppler - security update
from 0, < 0.16.3-1
—poppler - security update
from 0, < 0.12.4-1.2+squeeze4
—The openTempFile function in goo/gfile.cc in Xpdf and Poppler 0.24.3 and earlier, when running on a system other than Unix, allows local us…
from 0
—Format string vulnerability in the extractPages function in utils/pdfseparate.cc in poppler before 0.24.3 allows remote attackers to cause…
from 0, < 0.18.4-9
—poppler - security update
from 0, < 0.18.4-9
—poppler - security update
from 0, < 0.18.4-6+deb7u2
—poppler/Stream.cc in poppler before 0.22.1 allows context-dependent attackers to have an unspecified impact via vectors that trigger a read…
from 0, < 0.18.4-6
—poppler - multiple issues
from 0, < 0.18.4-6
—poppler - multiple issues
from 0, < 0.12.4-1.2+squeeze3
—The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up t…
from 0, < 0.12.4-1.2
—The PostScriptFunction::PostScriptFunction function in poppler/Function.cc in the PDF parser in poppler 0.8.7 and possibly other versions u…
from 0, < 0.12.4-1.2
—xpdf - several vulnerabilities
from 0, < 0.12.4-1.2
—xpdf - several vulnerabilities
from 0, < 0.8.7-4
—The FoFiType1::parse function in fofi/FoFiType1.cc in Xpdf 3.0.0, gpdf 2.8.2, kpdf in kdegraphics 3.3.1, and possibly other libraries and v…
from 0, < 0.5.1-1
—Buffer overflow in the ABWOutputDev::endWord function in poppler/ABWOutputDev.cc in Poppler (aka libpoppler) 0.10.6, 0.12.0, and possibly o…
from 0, < 0.12.2-2.1
—Multiple integer overflows in Poppler 0.10.5 and earlier allow remote attackers to cause a denial of service (application crash) or possibl…
from 0, < 0.12.2-1
—Integer overflow in the ImageStream::ImageStream function in Stream.cc in Xpdf before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, k…
from 0, < 0.12.2-1
—Integer overflow in the ObjectStream::ObjectStream function in XRef.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1, as used in GPd…
from 0, < 0.12.2-1
—Integer overflow in the create_surface_from_thumbnail_data function in glib/poppler-page.cc in Poppler 0.x allows remote attackers to cause…
from 0, < 0.12.2-1
—Integer overflow in the PSOutputDev::doImageL1Sep function in Xpdf before 3.02pl4, and Poppler 0.x, as used in kdegraphics KPDF, might allo…
from 0, < 0.12.2-1
—The Splash::drawImage function in Splash.cc in Xpdf 2.x and 3.x before 3.02pl4, and Poppler 0.x, as used in GPdf and kdegraphics KPDF, does…
from 0, < 0.12.2-1
—Integer overflow in the SplashBitmap::SplashBitmap function in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1 might allow remote attacke…
from 0, < 0.12.2-1
—kdegraphics - several vulnerabilities
from 0, < 0.10.6-1
—Integer overflow in the JBIG2 decoding feature in Poppler before 0.10.6 allows remote attackers to cause a denial of service (crash) and po…
from 0, < 0.10.6-1
—The JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attacker…
from 0, < 0.10.6-1
—Multiple buffer overflows in the JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other pr…
from 0, < 0.10.6-1
—The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to…
from 0, < 0.10.6-1
—The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to…
from 0, < 0.10.6-1
—Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows…
from 0, < 0.10.6-1
—Multiple "input validation flaws" in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and othe…
from 0, < 0.10.6-1
—The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to…
from 0, < 0.10.6-1
—The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allows remote attackers to cause a denial of serv…
from 0, < 0.10.6-1
—Multiple integer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow remote attack…
from 0, < 0.10.6-1
—kdegraphics - multiple vulnerabilities
from 0, < 0.10.6-1
—The JBIG2Stream::readSymbolDictSeg function in Poppler before 0.10.4 allows remote attackers to cause a denial of service (crash) via a PDF…
from 0, < 0.10.6-1
—poppler - several vulnerabilities
from 0, < 0.8.7-3
—poppler - several vulnerabilities
from 0, < 0.10.6-1
—poppler - arbitrary code execution
from 0, < 0.8.2-2+lenny1
—poppler - arbitrary code execution
from 0, < 0.8.4-1.1
—poppler - execution of arbitrary code
from 0, < 0.6.4-1
—poppler - execution of arbitrary code
from 0, < 0.4.5-5.1etch3
—kdegraphics - buffer overflow with arbitrary code execution
from 0, < 0.6.2-1
—Integer overflow in the DCTStream::reset method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote attackers to execute arbitrary code via a c…
from 0, < 0.6.2-1
—koffice - several vulnerabilities
from 0, < 0.4.5-5.1etch2
—koffice - several vulnerabilities
from 0, < 0.6.2-1
—poppler - buffer overflow
from 0, < 0.5.4-6lenny2
—poppler - buffer overflow
from 0, < 0.5.4-6lenny1
—poppler - buffer overflow
from 0, < 0.4.5-5.1etch1
—poppler - buffer overflow
from 0, < 0.5.4-6.1
—The Adobe PDF specification 1.3, as implemented by (a) xpdf 3.0.1 patch 2, (b) kpdf in KDE before 3.5.5, (c) poppler before 0.5.4, and othe…
from 0, < 0.4.5-5.1
—libextractor - several
from 0, < 0.4.5-1
—The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others al…
from 0, < 0.4.4-1
—Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial…
from 0, < 0.4.3-2
—Stream.cc in Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to m…
from 0, < 0.4.4-1
—Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial…
from 0, < 0.4.4-1
—koffice - several
from 0, < 0.4.3-2
—pdftohtml - several
from 0, < 0.4.2-1.1
—Heap-based buffer overflow in the JPXStream::readCodestream function in the JPX stream parsing code (JPXStream.c) for xpdf 3.01 and earlier…
from 0, < 0.4.2-1.1
—gpdf - multiple vulnerabilities
from 0, < 0.4.0-1