Max CVSS 7.6 Min CVSS 4.3 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2019-9959 4.3
The JPXStream::init function in Poppler 0.78.0 and earlier doesn't check for negative values of stream length, leading to an Integer Overflow, thereby making it possible to allocate a large memory chunk on the heap, with a size controlled by an attac
11-02-2023 - 18:27 22-07-2019 - 15:15
CVE-2019-14494 4.3
An issue was discovered in Poppler through 0.78.0. There is a divide-by-zero error in the function SplashOutputDev::tilingPatternFill at SplashOutputDev.cc.
18-01-2023 - 21:19 01-08-2019 - 17:15
CVE-2019-8768 5.0
"Clear History and Website Data" did not clear the history. The issue was addressed with improved data deletion. This issue is fixed in macOS Catalina 10.15. A user may be unable to delete browsing history items.
01-12-2021 - 16:47 18-12-2019 - 18:15
CVE-2019-9631 7.5
Poppler 0.74.0 has a heap-based buffer over-read in the CairoRescaleBox.cc downsample_row_box_filter function.
23-07-2020 - 12:15 08-03-2019 - 05:29
CVE-2019-3825 6.9
A vulnerability was discovered in gdm before 3.31.4. When timed login is enabled in configuration, an attacker could bypass the lock screen by selecting the timed login user and waiting for the timer to expire, at which time they would gain access to
09-10-2019 - 23:49 06-02-2019 - 20:29
CVE-2017-1000083 6.8
backend/comics/comics-document.c (aka the comic book backend) in GNOME Evince before 3.24.1 allows remote attackers to execute arbitrary commands via a .cbt file that is a TAR archive containing a filename beginning with a "--" command-line option su
03-10-2019 - 00:03 05-09-2017 - 06:29
CVE-2018-13988 4.3
Poppler through 0.62 contains an out of bounds read vulnerability due to an incorrect memory access that is not mapped in its memory space, as demonstrated by pdfunite. This can result in memory corruption and denial of service. This may be exploitab
25-04-2019 - 14:16 25-07-2018 - 23:29
CVE-2010-2643 7.6
Integer overflow in the TFM font parser in the dvi-backend component in Evince 2.32 and earlier allows remote attackers to execute arbitrary code via a crafted font in conjunction with a DVI file that is processed by the thumbnailer.
19-01-2012 - 03:49 07-01-2011 - 19:00
Back to Top Mark selected
Back to Top