CVE-2026-54327

The Pi credential storage vulnerability (CVE-2026-54327) stems from a race in the auth.json write path. Between file creation/writes and the subsequent permission tightening, auth.json could be created or rewritten with permissions derived from the process umask, briefly exposing stored API keys ...

poppler: heap-based buffer over-read in function downsample_row_box_filter in CairoRescaleBox.cc

Poppler 0.74.0 has a heap-based buffer over-read in the CairoRescaleBox.cc downsamplerowboxfilter function...

poppler: heap-based buffer overflow in function ImageStream::getLine() in Stream.cc

A heap-based buffer underwrite exists in ImageStream::getLine located at Stream.cc in Poppler 0.74.0 that can for example be triggered by sending a crafted PDF file to the pdfimages binary. It allows an attacker to cause Denial of Service Segmentation fault or possibly have unspecified other impa...

poppler: heap-based buffer over-read in function downsample_row_box_filter in CairoRescaleBox.cc

Poppler 0.74.0 has a heap-based buffer over-read in the CairoRescaleBox.cc downsamplerowboxfilter function...

Poppler heap buffer overflow vulnerability (CNVD-2019-14279)

Poppler is a C++ class library for generating PDF, the library is inherited from Xpdf PDF reader. A buffer overflow vulnerability exists in the 'PSOutputDev::checkPageSlice' function in the PSOutputDev.cc file in Poppler version 0.74.0, which originates when a networked system or product performs...

PT-2019-19696 · Poppler +2 · Poppler +2

Name of the Vulnerable Software and Affected Versions: Poppler version 0.74.0 Description: An issue in the JBIG2Stream::readTextRegion function, located in JBIG2Stream.cc, can be triggered by sending a crafted pdf file. This allows an attacker to cause a Denial of Service Segmentation fault or...