82 matches found
EUVD-2019-4795
Malware in sbrugna...
EUVD-2022-31673
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2022-27135
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xpdf 4.03 has heap buffer overflow in the function readXRefTable located in XRef.cc. An attacker can exploit this bug to cause a Denial of Service Segmentation...
CVE-2022-27135
xpdf 4.03 has heap buffer overflow in the function readXRefTable located in XRef.cc. An attacker can exploit this bug to cause a Denial of Service Segmentation fault or other unspecified effects by sending a crafted PDF file to the pdftoppm binary...
Excessive Memory Allocation (Throttling)
xpdf is vulnerable to Excessive Memory AllocationThrottling. The vulnerability is due to insufficient input validation, which allows crafted input to trigger excessive memory allocation. For example, sending a crafted PDF document to the pdftoppm binary can exploit this vulnerability, particularl...
SUSE CVE-2018-18455
The GfxImageColorMap class in GfxState.cc in Xpdf 4.00 allows remote attackers to cause a denial of service heap-based buffer over-read via a crafted pdf file, as demonstrated by pdftoppm...
SUSE CVE-2018-18458
The function DCTStream::decodeImage in Stream.cc in Xpdf 4.00 allows remote attackers to cause a denial of service NULL pointer dereference via a crafted pdf file, as demonstrated by pdftoppm...
SUSE CVE-2018-18459
The function DCTStream::getBlock in Stream.cc in Xpdf 4.00 allows remote attackers to cause a denial of service NULL pointer dereference via a crafted pdf file, as demonstrated by pdftoppm...
SUSE CVE-2019-13287
In Xpdf 4.01.01, there is an out-of-bounds read vulnerability in the function SplashXPath::strokeAdjust located at splash/SplashXPath.cc. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool. It might allow an attacker to cause Information Disclosure. This is...
SUSE CVE-2019-13289
In Xpdf 4.01.01, there is a use-after-free vulnerability in the function JBIG2Stream::close located at JBIG2Stream.cc. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool...
SUSE CVE-2019-16115
In Xpdf 4.01.01, a stack-based buffer under-read could be triggered in IdentityFunction::transform in Function.cc, used by GfxAxialShading::getColor. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool. It allows an attacker to use a crafted PDF file to cause...
SUSE CVE-2022-27135
xpdf 4.03 has heap buffer overflow in the function readXRefTable located in XRef.cc. An attacker can exploit this bug to cause a Denial of Service Segmentation fault or other unspecified effects by sending a crafted PDF file to the pdftoppm binary...
SUSE CVE-2022-30775
xpdf 4.04 allocates excessive memory when presented with crafted input. This can be triggered by for example sending a crafted PDF document to the pdftoppm binary. It is most easily reproduced with the DCMAKECXXCOMPILER=afl-clang-fast++ option...
CVE-2019-13287
In Xpdf 4.01.01, there is an out-of-bounds read vulnerability in the function SplashXPath::strokeAdjust located at splash/SplashXPath.cc. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool. It might allow an attacker to cause Information Disclosure. This is...
CVE-2022-30775
xpdf 4.04 allocates excessive memory when presented with crafted input. This can be triggered by for example sending a crafted PDF document to the pdftoppm binary. It is most easily reproduced with the DCMAKECXXCOMPILER=afl-clang-fast++ option...
CVE-2022-30775
xpdf 4.04 allocates excessive memory when presented with crafted input. This can be triggered by for example sending a crafted PDF document to the pdftoppm binary. It is most easily reproduced with the DCMAKECXXCOMPILER=afl-clang-fast++ option...
CVE-2022-30775
xpdf 4.04 allocates excessive memory when presented with crafted input. This can be triggered by for example sending a crafted PDF document to the pdftoppm binary. It is most easily reproduced with the DCMAKECXXCOMPILER=afl-clang-fast++ option...
CVE-2022-30775
xpdf 4.04 allocates excessive memory when presented with crafted input. This can be triggered by for example sending a crafted PDF document to the pdftoppm binary. It is most easily reproduced with the DCMAKECXXCOMPILER=afl-clang-fast++ option...
UBUNTU-CVE-2022-30775
xpdf 4.04 allocates excessive memory when presented with crafted input. This can be triggered by for example sending a crafted PDF document to the pdftoppm binary. It is most easily reproduced with the DCMAKECXXCOMPILER=afl-clang-fast++ option...
CVE-2022-30775
xpdf 4.04 allocates excessive memory when presented with crafted input. This can be triggered by for example sending a crafted PDF document to the pdftoppm binary. It is most easily reproduced with the DCMAKECXXCOMPILER=afl-clang-fast++ option...