Lucene search
K

227 matches found

OSV
OSV
added 2024/10/30 12:0 a.m.3 views

UBUNTU-CVE-2024-46952

An issue was discovered in pdf/pdfxref.c in Artifex Ghostscript before 10.04.0. There is a buffer overflow during handling of a PDF XRef stream related to W array values...

8.4CVSS7.4AI score0.00316EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2024/10/23 1:24 p.m.4 views

SUSE CVE-2024-46952

An issue was discovered in pdf/pdfxref.c in Artifex Ghostscript before 10.04.0. There is a buffer overflow during handling of a PDF XRef stream related to W array values...

7.8CVSS7.5AI score0.00316EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2024/09/02 12:0 a.m.7 views

PT-2024-7789 · Artifex +7 · Artifex Ghostscript +7

Name of the Vulnerable Software and Affected Versions: Artifex Ghostscript versions prior to 10.04.0 Description: A buffer overflow issue exists in the pdf/pdf xref.c file of Artifex Ghostscript, related to the handling of a PDF XRef stream and W array values. This issue can be exploited by a...

8.4CVSS6.6AI score0.0153EPSS
Exploits0References90
OSV
OSV
added 2024/08/09 11:8 a.m.4 views

OESA-2024-1967 qpdf security update

QPDF is a command-line program that does structural, content-preserving transformations on PDF files. It could have been called something like pdf-to-pdf. It also provides many useful capabilities to developers of PDF-producing software or for people who just want to look at the innards of a PDF...

6.5CVSS7.6AI score0.0068EPSS
Exploits1References2
OSV
OSV
added 2024/08/09 11:8 a.m.3 views

OESA-2024-1966 qpdf security update

QPDF is a command-line program that does structural, content-preserving transformations on PDF files. It could have been called something like pdf-to-pdf. It also provides many useful capabilities to developers of PDF-producing software or for people who just want to look at the innards of a PDF...

6.5CVSS7.6AI score0.0068EPSS
Exploits1References2
OSV
OSV
added 2024/07/03 6:26 a.m.2 views

SUSE-SU-2024:2287-1 Security update for podofo

This update for podofo fixes the following issues: - PdfEncrypt: Validate more encrypt dictionary parameters bsc1213720 - PdfXRefStreamParserObject: Fixed handling of invalid XRef stream entries bsc1213720 - Drop unused backup sources to clean up the compile env bsc1213720...

7.2AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/07/03 12:0 a.m.4 views

PT-2024-40997 · Podofo · Podofo

Name of the Vulnerable Software and Affected Versions: podofo affected versions not specified Description: The issue concerns the validation of encrypt dictionary parameters in PdfEncrypt and the handling of invalid XRef stream entries in PdfXRefStreamParserObject. Additionally, there is a cleanu...

6.9AI score
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/07/02 12:0 a.m.4 views

PT-2024-40996 · Podofo · Podofo

Name of the Vulnerable Software and Affected Versions: podofo affected versions not specified Description: The issue concerns the validation of encrypt dictionary parameters in PdfEncrypt and the handling of invalid XRef stream entries in PdfXRefStreamParserObject. Recommendations: At the moment,...

6.9AI score
Exploits0References3
Veracode
Veracode
added 2024/04/10 5:9 p.m.19 views

Crash Issue

Xpdf is vulnerable to a crash issue. The vulnerability is due to a crash in the XRef::fetchint, int, Object, int function in xpdf/XRef.cc...

5.5CVSS5.4AI score0.00363EPSS
Exploits1References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/02/15 12:0 a.m.6 views

The vulnerability of the XRef::fetch() function in PDF viewing software, Xpdf, allows a malicious actor to cause an unexpected termination of the application.

The vulnerability of the XRef::fetch function xpdf/XRef.cc in PDF viewing software like Xpdf is related to buffer overflow attacks. Exploiting this vulnerability could allow an attacker to cause the application to terminate abnormally...

5.5CVSS6.9AI score0.00363EPSS
Exploits1References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/10/04 12:0 a.m.41 views

SUSE SLED15: libpoppler-cpp0 / libpoppler-cpp0-32bit / libpoppler-devel / etc (SUSE-SU-2023:3947-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3947-1 advisory. - CVE-2022-37050: Fixed denial-of-service via savePageAs in PDFDoc.c bsc1214622. - CVE-2022-3705...

6.5CVSS6.8AI score0.00959EPSS
Exploits3References10
BDU FSTEC
BDU FSTEC
added 2023/09/20 12:0 a.m.5 views

The vulnerability of the Poppler PDF rendering library, related to improper resource termination or resource release, allows a perpetrator to trigger a service failure.

The vulnerability of the Poppler PDF rendering library is related to PDF files in which the xref data structure is incorrectly processed during the getCatalog operation. Exploiting this vulnerability can allow an attacker to cause service failures...

7.8CVSS6.8AI score0.00921EPSS
Exploits1References7Affected Software4
Redos
Redos
added 2023/09/19 12:0 a.m.39 views

ROS-20230918-04

A vulnerability in the Poppler PDF rendering library is related to the lack of thread checking before saving the embedded main function file in pdfunite.cc. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. A vulnerability in the Poppler PDF...

6.5CVSS6.2AI score0.00959EPSS
Exploits4
OSV
OSV
added 2023/09/09 11:5 a.m.4 views

OESA-2023-1611 poppler security update

Poppler is a free software utility library for rendering Portable Document Format PDF documents. \ Its development is supported by freedesktop.org. It is commonly used on Linux systems,and is used by \ the PDF viewers of the open source GNOME and KDE desktop environments. Security Fixes:...

7.5CVSS6.9AI score0.00959EPSS
Exploits5References6
OSV
OSV
added 2023/09/09 11:5 a.m.5 views

OESA-2023-1612 poppler security update

Poppler is a free software utility library for rendering Portable Document Format PDF documents. \ Its development is supported by freedesktop.org. It is commonly used on Linux systems,and is used by \ the PDF viewers of the open source GNOME and KDE desktop environments. Security Fixes:...

7.5CVSS6.9AI score0.00959EPSS
Exploits5References6
SUSE CVE
SUSE CVE
added 2023/08/26 8:9 a.m.4 views

SUSE CVE-2022-37050

In Poppler 22.07.0, PDFDoc::savePageAs in PDFDoc.c callows attackers to cause a denial-of-service application crashes with SIGABRT by crafting a PDF file in which the xref data structure is mishandled in getCatalog processing. Note that this vulnerability is caused by the incomplete patch of...

5.5CVSS9.2AI score0.00921EPSS
Exploits1References9
RedhatCVE
RedhatCVE
added 2023/08/24 7:15 p.m.29 views

CVE-2022-37050

A vulnerability was found in poppler, where PDFDoc::savePageAs in PDFDoc.c callows attackers to cause a denial-of-service application crashes with SIGABRT by crafting a PDF file in which the xref data structure is mishandled in getCatalog processing...

6.5CVSS6.1AI score0.00921EPSS
Exploits1References3
NVD
NVD
added 2023/08/22 7:16 p.m.28 views

CVE-2022-37050

In Poppler 22.07.0, PDFDoc::savePageAs in PDFDoc.c callows attackers to cause a denial-of-service application crashes with SIGABRT by crafting a PDF file in which the xref data structure is mishandled in getCatalog processing. Note that this vulnerability is caused by the incomplete patch of...

6.5CVSS6.6AI score0.00921EPSS
Exploits1References4
OSV
OSV
added 2023/08/22 7:16 p.m.1 views

DEBIAN-CVE-2022-37050

In Poppler 22.07.0, PDFDoc::savePageAs in PDFDoc.c callows attackers to cause a denial-of-service application crashes with SIGABRT by crafting a PDF file in which the xref data structure is mishandled in getCatalog processing. Note that this vulnerability is caused by the incomplete patch of...

6.5CVSS6.8AI score0.00921EPSS
Exploits1References1
Prion
Prion
added 2023/08/22 7:16 p.m.28 views

Design/Logic Flaw

In Poppler 22.07.0, PDFDoc::savePageAs in PDFDoc.c callows attackers to cause a denial-of-service application crashes with SIGABRT by crafting a PDF file in which the xref data structure is mishandled in getCatalog processing. Note that this vulnerability is caused by the incomplete patch of...

4.3CVSS6.3AI score0.02243EPSS
Exploits1References3Affected Software2
Rows per page
Query Builder