CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

12 matches found

NVD•added 2025/10/16 10:15 p.m.•1 views

CVE-2025-11896

In Xpdf 4.05 and earlier, a PDF object loop in a CMap, via the "UseCMap" entry, leads to infinite recursion and a stack overflow...

2.1CVSS0.00009EPSS

Exploits0References1

SUSE CVE•added 2025/02/14 6:59 a.m.•1 views

SUSE CVE-2023-2663

In Xpdf 4.04 and earlier, a PDF object loop in the page label tree leads to infinite recursion and a stack overflow...

9.1CVSS6.2AI score0.00077EPSS

Exploits1References3

OSV•added 2024/03/26 10:15 p.m.•1 views

UBUNTU-CVE-2024-2971

Out-of-bounds array write in Xpdf 4.05 and earlier, triggered by negative object number in indirect reference in the input PDF file...

5.5CVSS5.8AI score0.0002EPSS

Exploits0References3

Positive Technologies•added 2024/03/26 12:0 a.m.•4 views

PT-2024-22965

Name of the Vulnerable Software and Affected Versions Xpdf versions 4.05 and earlier Description The issue is an out-of-bounds array write in Xpdf, triggered by a negative object number in an indirect reference in the input PDF file. This occurs when the software processes a PDF file containing a...

8.2CVSS6.6AI score0.0024EPSS

Exploits2References25

Positive Technologies•added 2023/04/26 12:0 a.m.•4 views

PT-2023-20855 · Xpdf · Xpdf

Name of the Vulnerable Software and Affected Versions: XPDF version 4.04 Description: A Buffer Overflow issue was discovered, allowing an attacker to cause a Denial of Service via the TextOutputDev.cc function. Recommendations: For XPDF version 4.04, at the moment, there is no information about a...

5.5CVSS6.2AI score

Exploits0References7

Positive Technologies•added 2022/09/30 12:0 a.m.•2 views

PT-2022-26093 · Xpdf +1 · Xpdf +1

Name of the Vulnerable Software and Affected Versions: Xpdf version 4.04 Description: An issue was discovered that causes a crash in the gfseek IO FILE, long, int function in the goo/gfile.cc file. Recommendations: For Xpdf version 4.04, as a temporary workaround, consider disabling the gfseek...

9.1CVSS5.7AI score0.02209EPSS

Exploits24References69

Positive Technologies•added 2019/03/06 12:0 a.m.•3 views

PT-2019-19728 · Foolabs +1 · Xpdf +1

Name of the Vulnerable Software and Affected Versions: Xpdf version 4.01 Description: A stack consumption issue exists in the md5Round1 function located in Decrypt.cc. This issue can be triggered by sending a crafted pdf file to the pdfimages binary, allowing an attacker to cause a Denial of...

9.1CVSS6.2AI score0.02209EPSS

Exploits24References63

OSV•added 2018/02/15 9:29 p.m.•5 views

CVE-2018-7173

A large loop in JBIG2Stream::readSymbolDictSeg in xpdf 4.00 allows an attacker to cause denial of service via a specific file due to inappropriate decoding...

5.5CVSS6.5AI score

Exploits0References1

OSV•added 2009/04/23 5:30 p.m.•6 views

CVE-2009-0800

Multiple "input validation flaws" in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file...

7.4AI score

Exploits0References42

securityvulns•added 2007/11/08 12:0 a.m.•34 views

Xpdf multiple security vulnerabilities

Buffer overflows, integer overflows, array index overflows...

9.3CVSS3.6AI score0.25469EPSS

Exploits1References1Affected Software1

OSV•added 2005/12/08 1:3 a.m.•5 views

CVE-2005-3192

Heap-based buffer overflow in the StreamPredictor function in Xpdf 3.01, as used in products such as 1 Poppler, 2 teTeX, 3 KDE kpdf, and 4 pdftohtml, 5 KOffice KWord, 6 CUPS, and 7 libextractor allows remote attackers to execute arbitrary code via a PDF file with an out-of-range numComps number o...

7.7AI score

Exploits0References115

OSV•added 2003/01/06 12:0 a.m.•24 views

DSA-222 xpdf - integer overflow

Bulletin has no description...

7.2CVSS7.3AI score0.0007EPSS

Exploits1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by