Search CVE reports
191 – 200 of 203 results
Some fixes available 25 of 36
Integer overflow in the DCTStream::reset method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote attackers to execute arbitrary code via a crafted PDF file, resulting in a heap-based buffer overflow.
13 affected packages
cups, cupsys, gpdf, ipe, kdegraphics...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
cups | — | — | — | — |
cupsys | — | — | — | — |
gpdf | — | — | — | — |
ipe | — | — | — | — |
kdegraphics | — | — | — | — |
koffice | — | — | — | — |
libextractor | — | — | — | — |
pdfkit.framework | — | — | — | — |
pdftohtml | — | — | — | — |
poppler | — | — | — | — |
tetex-bin | — | — | — | — |
texlive-bin | — | — | — | — |
xpdf | — | — | — | — |
Some fixes available 25 of 36
Array index error in the DCTStream::readProgressiveDataUnit method in xpdf/Stream.cc in Xpdf 3.02pl1, as used in poppler, teTeX, KDE, KOffice, CUPS, and other products, allows remote attackers to trigger memory corruption and...
13 affected packages
gpdf, cups, cupsys, ipe, kdegraphics...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
gpdf | — | — | — | — |
cups | — | — | — | — |
cupsys | — | — | — | — |
ipe | — | — | — | — |
kdegraphics | — | — | — | — |
koffice | — | — | — | — |
libextractor | — | — | — | — |
pdfkit.framework | — | — | — | — |
pdftohtml | — | — | — | — |
poppler | — | — | — | — |
tetex-bin | — | — | — | — |
texlive-bin | — | — | — | — |
xpdf | — | — | — | — |
Some fixes available 21 of 24
Integer overflow in the StreamPredictor::StreamPredictor function in xpdf 3.02, as used in (1) poppler before 0.5.91, (2) gpdf before 2.8.2, (3) kpdf, (4) kdegraphics, (5) CUPS, (6) PDFedit, and other products, might allow remote...
4 affected packages
xpdf, kdegraphics, koffice, poppler
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
xpdf | — | — | — | — |
kdegraphics | — | — | — | — |
koffice | — | — | — | — |
poppler | — | — | — | — |
The Adobe PDF specification 1.3, as implemented by (a) xpdf 3.0.1 patch 2, (b) kpdf in KDE before 3.5.5, (c) poppler before 0.5.4, and other products, allows remote attackers to have an unknown impact, possibly including denial of...
5 affected packages
kdegraphics, koffice, poppler, tetex-bin, xpdf
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
kdegraphics | — | — | — | — |
koffice | — | — | — | — |
poppler | — | — | — | — |
tetex-bin | — | — | — | — |
xpdf | — | — | — | — |
Some fixes available 4 of 5
Unspecified vulnerability in certain versions of xpdf after 3.00, as used in various products including (a) pdfkit.framework, (b) gpdf, (c) pdftohtml, and (d) libextractor, has unknown impact and user-assisted attack vectors,...
6 affected packages
cupsys, gpdf, kdegraphics, koffice, poppler, tetex-bin
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
cupsys | — | — | — | — |
gpdf | — | — | — | — |
kdegraphics | — | — | — | — |
koffice | — | — | — | — |
poppler | — | — | — | — |
tetex-bin | — | — | — | — |
Some fixes available 13 of 14
Heap-based buffer overflow in Splash.cc in xpdf, as used in other products such as (1) poppler, (2) kdegraphics, (3) gpdf, (4) pdfkit.framework, and others, allows attackers to cause a denial of service and possibly...
6 affected packages
gpdf, kdegraphics, libextractor, pdftohtml, poppler, xpdf
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
gpdf | — | — | — | — |
kdegraphics | — | — | — | — |
libextractor | — | — | — | — |
pdftohtml | — | — | — | — |
poppler | — | — | — | — |
xpdf | — | — | — | — |
Stream.cc in Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to modify memory and possibly execute arbitrary code via a DCTDecode stream with (1) a large...
6 affected packages
cupsys, gpdf, kdegraphics, koffice, poppler, tetex-bin
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
cupsys | — | — | — | — |
gpdf | — | — | — | — |
kdegraphics | — | — | — | — |
koffice | — | — | — | — |
poppler | — | — | — | — |
tetex-bin | — | — | — | — |
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1)...
6 affected packages
cupsys, gpdf, kdegraphics, koffice, poppler, tetex-bin
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
cupsys | — | — | — | — |
gpdf | — | — | — | — |
kdegraphics | — | — | — | — |
koffice | — | — | — | — |
poppler | — | — | — | — |
tetex-bin | — | — | — | — |
The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode...
6 affected packages
cupsys, gpdf, kdegraphics, koffice, poppler, tetex-bin
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
cupsys | — | — | — | — |
gpdf | — | — | — | — |
kdegraphics | — | — | — | — |
koffice | — | — | — | — |
poppler | — | — | — | — |
tetex-bin | — | — | — | — |
Heap-based buffer overflow in the JPXStream::readCodestream function in the JPX stream parsing code (JPXStream.c) for xpdf 3.01 and earlier, as used in products such as (1) Poppler, (2) teTeX, (3) KDE kpdf, (4) CUPS, and...
7 affected packages
cupsys, kdegraphics, koffice, pdftohtml, poppler...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
cupsys | — | — | — | — |
kdegraphics | — | — | — | — |
koffice | — | — | — | — |
pdftohtml | — | — | — | — |
poppler | — | — | — | — |
tetex-bin | — | — | — | — |
xpdf | — | — | — | — |