Lucene search
K

227 matches found

OSV
OSV
added 2023/08/22 7:16 p.m.5 views

UBUNTU-CVE-2022-37050

In Poppler 22.07.0, PDFDoc::savePageAs in PDFDoc.c callows attackers to cause a denial-of-service application crashes with SIGABRT by crafting a PDF file in which the xref data structure is mishandled in getCatalog processing. Note that this vulnerability is caused by the incomplete patch of...

6.5CVSS7AI score0.00921EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2023/08/22 7:16 p.m.37 views

CVE-2022-37050

In Poppler 22.07.0, PDFDoc::savePageAs in PDFDoc.c callows attackers to cause a denial-of-service application crashes with SIGABRT by crafting a PDF file in which the xref data structure is mishandled in getCatalog processing. Note that this vulnerability is caused by the incomplete patch of...

6.5CVSS6.8AI score0.00921EPSS
Exploits1References2
Snyk
Snyk
added 2023/08/22 6:44 p.m.3 views

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS via the PDFDoc::savePageAs function in PDFDoc.c, by crafting a PDF file that mishandles the xref data structure in getCatalog processing. Details Denial of Service DoS describes a family of attacks, all aimed at...

7.5CVSS6.9AI score0.00921EPSS
Exploits1References2
Cvelist
Cvelist
added 2023/08/22 12:0 a.m.32 views

CVE-2022-37050

In Poppler 22.07.0, PDFDoc::savePageAs in PDFDoc.c callows attackers to cause a denial-of-service application crashes with SIGABRT by crafting a PDF file in which the xref data structure is mishandled in getCatalog processing. Note that this vulnerability is caused by the incomplete patch of...

7.2AI score0.00921EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2023/08/22 12:0 a.m.3 views

PT-2023-5242 · Poppler +6 · Poppler +6

Name of the Vulnerable Software and Affected Versions: Poppler version 22.07.0 Description: The issue is related to the handling of the xref data structure in getCatalog processing, which can be exploited by crafting a malicious PDF file. This can cause a denial-of-service, leading to application...

7.8CVSS6.3AI score0.00959EPSS
Exploits10References95
OSV
OSV
added 2023/08/22 12:0 a.m.36 views

CVE-2022-37050

In Poppler 22.07.0, PDFDoc::savePageAs in PDFDoc.c callows attackers to cause a denial-of-service application crashes with SIGABRT by crafting a PDF file in which the xref data structure is mishandled in getCatalog processing. Note that this vulnerability is caused by the incomplete patch of...

6.5CVSS7.2AI score0.00921EPSS
Exploits1References6
Vulnrichment
Vulnrichment
added 2023/08/22 12:0 a.m.3 views

CVE-2022-37050

In Poppler 22.07.0, PDFDoc::savePageAs in PDFDoc.c callows attackers to cause a denial-of-service application crashes with SIGABRT by crafting a PDF file in which the xref data structure is mishandled in getCatalog processing. Note that this vulnerability is caused by the incomplete patch of...

6.6AI score0.00921EPSS
Exploits1References3
Debian CVE
Debian CVE
added 2023/08/22 12:0 a.m.30 views

CVE-2022-37050

In Poppler 22.07.0, PDFDoc::savePageAs in PDFDoc.c callows attackers to cause a denial-of-service application crashes with SIGABRT by crafting a PDF file in which the xref data structure is mishandled in getCatalog processing. Note that this vulnerability is caused by the incomplete patch of...

6.5CVSS6.8AI score0.00921EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2023/08/09 12:0 a.m.35 views

openSUSE 15 Security Update : poppler (SUSE-SU-2023:3241-1)

The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3241-1 advisory. - CVE-2019-16115: Fixed an uninitialized memory error in GfxUnivariateShading::setupCache. bsc1150039 Tenable has extracted the preceding description...

7.8CVSS6.8AI score0.02196EPSS
Exploits2References7
SUSE CVE
SUSE CVE
added 2023/04/26 1:54 a.m.4 views

SUSE CVE-2023-2241

A vulnerability, which was classified as critical, was found in PoDoFo 0.10.0. Affected is the function readXRefStreamEntry of the file PdfXRefStreamParserObject.cpp. The manipulation leads to heap-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to th...

7.8CVSS5.7AI score0.00372EPSS
Exploits1References3
Snyk
Snyk
added 2023/04/23 3:5 p.m.3 views

Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow via the readXRefStreamEntry function of the file PdfXRefStreamParserObject.cpp. Remediation Upgrade podofo to version 0.10.4 or higher. References - GitHub Commit - GitHub Issue...

7.8CVSS7AI score0.00372EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2023/02/15 5:10 a.m.3 views

SUSE CVE-2015-8981

Heap-based buffer overflow in the PdfParser::ReadXRefSubsection function in base/PdfParser.cpp in PoDoFo allows attackers to have unspecified impact via vectors related to moffsets.size...

9.8CVSS7.8AI score0.02618EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 4:59 a.m.5 views

SUSE CVE-2016-6265

Use-after-free vulnerability in the pdfloadxref function in pdf/pdf-xref.c in MuPDF allows remote attackers to cause a denial of service crash via a crafted PDF file...

5.5CVSS6.8AI score0.0163EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:39 a.m.5 views

SUSE CVE-2017-14517

In Poppler 0.59.0, a NULL Pointer Dereference exists in the XRef::parseEntry function in XRef.cc via a crafted PDF document...

5.3CVSS7.7AI score0.01061EPSS
Exploits1References7
SUSE CVE
SUSE CVE
added 2023/02/15 4:36 a.m.3 views

SUSE CVE-2017-18186

An issue was discovered in QPDF before 7.0.0. There is an infinite loop due to looping xref tables in QPDF.cc...

5.5CVSS7.8AI score0.01144EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:30 a.m.2 views

SUSE CVE-2018-7174

An issue was discovered in xpdf 4.00. An infinite loop in XRef::Xref allows an attacker to cause denial of service because loop detection exists only for tables, not streams...

5.5CVSS6.8AI score0.00846EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 4:28 a.m.3 views

SUSE CVE-2018-10289

In MuPDF 1.13.0, there is an infinite loop in the fzskipspace function of the pdf/pdf-xref.c file. A remote adversary could leverage this vulnerability to cause a denial of service via a crafted pdf file...

5.5CVSS5.7AI score0.0106EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:24 a.m.3 views

SUSE CVE-2018-16369

XRef::fetch in XRef.cc in Xpdf 4.00 allows remote attackers to cause a denial of service stack consumption via a crafted pdf file, related to AcroForm::scanField, as demonstrated by pdftohtml. NOTE: this might overlap CVE-2018-7453...

5.5CVSS6.7AI score0.01618EPSS
Exploits1References6
SUSE CVE
SUSE CVE
added 2023/02/15 4:21 a.m.2 views

SUSE CVE-2018-20662

In Poppler 0.72.0, PDFDoc::setup in PDFDoc.cc allows attackers to cause a denial-of-service application crash caused by Object.h SIGABRT, because of a wrong return value from PDFDoc::setup by crafting a PDF file in which an xref data structure is mishandled during extractPDFSubtype processing...

3.3CVSS9.3AI score0.02243EPSS
Exploits0References10
SUSE CVE
SUSE CVE
added 2023/02/15 4:16 a.m.3 views

SUSE CVE-2019-7310

In Poppler 0.73.0, a heap-based buffer over-read due to an integer signedness error in the XRef::getEntry function in XRef.cc allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted PDF document, as demonstrated by pdftocairo...

5.3CVSS9.7AI score0.02196EPSS
Exploits1References10
Rows per page
Query Builder