AlmaLinux 8 : poppler (ALSA-2026:24984)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:24984 advisory. poppler: Integer overflow in Poppler SplashOutputDev::tilingPatternFill leads to heap buffer overflow via unchecked dimension multiplication CVE-2026-10118 Tenabl...

EUVD-2019-5670

Malware in sbrugna...

EUVD-2017-6404

Malware in sbrugna...

SUSE CVE-2017-14927

In Poppler 0.59.0, a NULL Pointer Dereference exists in the SplashOutputDev::type3D0 function in SplashOutputDev.cc via a crafted PDF document...

NewStart CGSL MAIN 6.02 : poppler Vulnerability (NS-SA-2021-0126)

The remote NewStart CGSL host, running version MAIN 6.02, has poppler packages installed that are affected by a vulnerability: - An issue was discovered in Poppler through 0.78.0. There is a divide-by-zero error in the function SplashOutputDev::tilingPatternFill at SplashOutputDev.cc...

CentOS 8 : poppler (CESA-2020:4643)

The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2020:4643 advisory. - poppler: divide-by-zero in function SplashOutputDev::tilingPatternFill in SplashOutputDev.cc CVE-2019-14494 Note that Nessus has not tested for this issue but...

Xpdf Resource Management Error Vulnerability (CNVD-2021-02629)

Xpdf is a free PDF viewer and toolkit that includes a text extractor, image converter, HTML converter and more. Xpdf 4.02 has a resource management error vulnerability. The vulnerability stems from SplashOutputDev::endType3CharGfxState state SplashOutputDev.cc:3079 attempts to use the freed...

CVE-2020-25725

In Xpdf 4.02, SplashOutputDev::endType3CharGfxState state SplashOutputDev.cc:3079 is trying to use the freed t3GlyphStack-cache, which causes an heap-use-after-free problem. The codes of a previous fix for nested Type 3 characters wasn't correctly handling the case where a Type 3 char referred to...

Heap overflow

In Xpdf 4.02, SplashOutputDev::endType3CharGfxState state SplashOutputDev.cc:3079 is trying to use the freed t3GlyphStack-cache, which causes an heap-use-after-free problem. The codes of a previous fix for nested Type 3 characters wasn't correctly handling the case where a Type 3 char referred to...

CVE-2020-25725

In Xpdf 4.02, SplashOutputDev::endType3CharGfxState state SplashOutputDev.cc:3079 is trying to use the freed t3GlyphStack-cache, which causes an heap-use-after-free problem. The codes of a previous fix for nested Type 3 characters wasn't correctly handling the case where a Type 3 char referred to...

CVE-2020-25725

In Xpdf 4.02, SplashOutputDev::endType3CharGfxState state SplashOutputDev.cc:3079 is trying to use the freed t3GlyphStack-cache, which causes an heap-use-after-free problem. The codes of a previous fix for nested Type 3 characters wasn't correctly handling the case where a Type 3 char referred to...

CVE-2020-25725

In Xpdf 4.02, SplashOutputDev::endType3CharGfxState state SplashOutputDev.cc:3079 is trying to use the freed t3GlyphStack-cache, which causes an heap-use-after-free problem. The codes of a previous fix for nested Type 3 characters wasn't correctly handling the case where a Type 3 char referred to...

Amazon Linux AMI : poppler (ALAS-2020-1450)

The version of poppler installed on the remote host is prior to 0.26.5-43.22. It is, therefore, affected by a vulnerability as referenced in the ALAS-2020-1450 advisory. A divide-by-zero error was found in the way Poppler handled certain PDF files. A remote attacker could exploit this flaw by...

EulerOS 2.0 SP2 : poppler (EulerOS-SA-2020-2386)

According to the versions of the poppler packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - freedesktop.org libpoppler 0.60.1 fails to validate boundaries in TextPool::addWord, leading to overflow in subsequent...

Scientific Linux Security Update : evince and poppler on SL7.x x86_64 (20201001)

Security Fixes : - poppler: divide-by-zero in function SplashOutputDev::tilingPatternFill in SplashOutputDev.cc CVE-2019-14494 C Tenable Network Security, Inc. The descriptive text is C Scientific Linux. include'compat.inc'; if description scriptid141747; scriptversion"1.3";...

poppler: divide-by-zero in function SplashOutputDev::tilingPatternFill in SplashOutputDev.cc

A divide-by-zero error was found in the way Poppler handled certain PDF files. A remote attacker could exploit this flaw by providing a malicious PDF file that, when processed by an application linked to Poppler, would crash the application causing a denial of service...

EulerOS 2.0 SP3 : poppler (EulerOS-SA-2020-2106)

According to the versions of the poppler packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - freedesktop.org libpoppler 0.60.1 fails to validate boundaries in TextPool::addWord, leading to overflow in subsequent...

The vulnerability of the SplashOutputDev::tilingPatternFill function (SplashOutputDev.cc), a library for displaying PDF files in Poppler, allows a hacker to trigger a service failure.

The vulnerability of the SplashOutputDev::tilingPatternFill function SplashOutputDev.cc, which is part of the Poppler PDF rendering library, is related to division by zero errors. Exploiting this vulnerability could allow a malicious actor to cause service failures remotely...

Denial Of Service (DoS)

libpoppler.so is vulnerable to denial of service DoS. The attack exists because it does not prevent having integer overflow in the function SplashOutputDev::tilingPatternFill at SplashOutputDev.cc...

Poppler De-Zero Error Vulnerability

Poppler is based on xpdf-3.0 code base PDF rendering library. A divide-by-zero error vulnerability exists in the SplashOutputDev::tilingPatternFill function in SplashOutputDev.cc in Poppler 0.78.0 and earlier versions, which can be exploited by an attacker to cause a denial of service...