CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

12 matches found

Veracode•added 2024/04/10 7:36 p.m.•27 views

Integer Overflow

Xpdf is vulnerable to an integer overflow in JPXStream.cc...

7.8CVSS7AI score0.0013EPSS

Exploits0References4Affected Software1

Prion•added 2022/08/30 4:15 a.m.•19 views

Integer overflow

Xpdf prior to 4.04 lacked an integer overflow check in JPXStream.cc...

4.4CVSS7.6AI score0.0013EPSS

Exploits0References2Affected Software1

CVE•added 2022/08/30 3:4 a.m.•63 views

CVE-2022-24107

CVE-2022-24107 affects Xpdf prior to 4.04, where an integer overflow check is missing in JPXStream.cc. Multiple connected sources (Ubuntu USN; Mageia, Gentoo GLSA) reference this CVE alongside others for Xpdf versions prior to 4.04 and suggest upgrading to 4.04 as the resolution. The issue is des...

7.8CVSS7.5AI score0.0013EPSS

Exploits0References2Affected Software1

AlpineLinux•added 2022/08/30 3:4 a.m.•26 views

CVE-2022-24107

Xpdf prior to 4.04 lacked an integer overflow check in JPXStream.cc...

7.8CVSS7.7AI score0.0013EPSS

Exploits0

Cvelist•added 2022/08/30 3:4 a.m.•22 views

CVE-2022-24107

Xpdf prior to 4.04 lacked an integer overflow check in JPXStream.cc...

7.8AI score0.0013EPSS

Exploits0References2

Positive Technologies•added 2022/08/30 12:0 a.m.•4 views

PT-2022-16468 · Xpdf · Xpdf

Name of the Vulnerable Software and Affected Versions: Xpdf versions prior to 4.04 Description: The issue is related to an integer overflow check in JPXStream.cc. This lack of check may lead to potential security issues. Recommendations: For versions prior to 4.04, update to version 4.04 or later...

7.8CVSS7.5AI score0.0013EPSS

Exploits0References10

ATTACKERKB•added 2022/04/18 9:0 p.m.•3 views

CVE-2022-24107

Xpdf prior to 4.04 lacked an integer overflow check in JPXStream.cc...

7.8CVSS5.4AI score0.0013EPSS

Exploits0References5

CNVD•added 2019/07/29 12:0 a.m.•2 views

Xpdf memory misreference vulnerability (CNVD-2019-26658)

Xpdf is a free PDF viewer and toolkit that includes a text extractor, image converter, HTML converter and more. A memory misreference vulnerability exists in the JPXStream::fillReadBuf function in JPXStream.cc in Xpdf 4.01.01. An attacker could exploit this vulnerability to cause a denial of...

5.5CVSS6.7AI score0.00194EPSS

Exploits1References1

NVD•added 2019/07/27 7:15 p.m.•14 views

CVE-2019-14294

An issue was discovered in Xpdf 4.01.01. There is a use-after-free in the function JPXStream::fillReadBuf at JPXStream.cc, due to an out of bounds read...

5.5CVSS5.5AI score0.00194EPSS

Exploits1References2

CVE•added 2019/07/27 6:40 p.m.•52 views

CVE-2019-14294

CVE-2019-14294 affects Xpdf 4.01.01. The issue is a use-after-free in JPXStream::fillReadBuf (JPXStream.cc) caused by an out-of-bounds read. Public sources describe this as a vulnerability in Xpdf with references to memory misreference and potential denial of service; there are notes about unpatc...

5.5CVSS5.7AI score0.00194EPSS

Exploits1References2Affected Software1

Debian CVE•added 2018/03/14 3:0 a.m.•19 views

CVE-2018-8106

The JPXStream::readTilePartData function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service heap-based buffer over-read and application crash via a specific pdf file, as demonstrated by pdftohtml...

5.5CVSS5.7AI score0.00137EPSS

Exploits0

CNVD•added 2018/02/24 12:0 a.m.•3 views

Xpdf 'JPXStream::fillReadBuf' function null pointer dereference vulnerability

Xpdf is an open source PDF reader , it supports decoding LZW compressed format files as well as reading encrypted PDF files . A security vulnerability exists in the 'JPXStream::fillReadBuf' function in the JPXStream.cc file in Xpdf version 4.00. An attacker can exploit this vulnerability to cause...

5.5CVSS6.7AI score0.00137EPSS

Exploits1References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by