| Bug | Description |
|---|
| CVE-2025-32365 | Poppler before 25.04.0 allows crafted input files to trigger out-of-bo ... |
| CVE-2025-32364 | A floating-point exception in the PSStack::roll function of Poppler be ... |
| CVE-2024-56378 | libpoppler.so in Poppler through 24.12.0 has an out-of-bounds read vul ... |
| CVE-2023-34872 | A vulnerability in Outline.cc for Poppler prior to 23.06.0 allows a re ... |
| CVE-2022-38784 | Poppler prior to and including 22.08.0 contains an integer overflow in ... |
| CVE-2022-38349 | An issue was discovered in Poppler 22.08.0. There is a reachable asser ... |
| CVE-2022-37052 | A reachable Object::getString assertion in Poppler 22.07.0 allows atta ... |
| CVE-2022-37051 | An issue was discovered in Poppler 22.07.0. There is a reachable abort ... |
| CVE-2022-37050 | In Poppler 22.07.0, PDFDoc::savePageAs in PDFDoc.c callows attackers t ... |
| CVE-2022-27337 | A logic error in the Hints::Hints function of Poppler v22.03.0 allows ... |
| CVE-2021-40226 | xpdfreader 4.03 is vulnerable to Buffer Overflow. |
| CVE-2020-36024 | An issue was discovered in freedesktop poppler version 20.12.1, allows ... |
| CVE-2020-36023 | An issue was discovered in freedesktop poppler version 20.12.1, allows ... |
| CVE-2020-35702 | DCTStream::getChars in DCTStream.cc in Poppler 20.12.1 has a heap-base ... |
| CVE-2020-27778 | A flaw was found in Poppler in the way certain PDF files were converte ... |
| CVE-2020-23804 | Uncontrolled Recursion in pdfinfo, and pdftops in poppler 0.89.0 allow ... |
| CVE-2020-18839 | Buffer Overflow vulnerability in HtmlOutputDev::page in poppler 0.75.0 ... |
| CVE-2019-14494 | An issue was discovered in Poppler through 0.78.0. There is a divide-b ... |
| CVE-2019-12957 | In Xpdf 4.01.01, a buffer over-read could be triggered in FoFiType1C:: ... |
| CVE-2019-12493 | A stack-based buffer over-read exists in PostScriptFunction::transform ... |
| CVE-2019-12360 | A stack-based buffer over-read exists in FoFiTrueType::dumpString in f ... |
| CVE-2019-12293 | In Poppler through 0.76.1, there is a heap-based buffer over-read in J ... |
| CVE-2019-11026 | FontInfoScanner::scanFonts in FontInfo.cc in Poppler 0.75.0 has infini ... |
| CVE-2019-10873 | An issue was discovered in Poppler 0.74.0. There is a NULL pointer der ... |
| CVE-2019-10872 | An issue was discovered in Poppler 0.74.0. There is a heap-based buffe ... |
| CVE-2019-10871 | An issue was discovered in Poppler 0.74.0. There is a heap-based buffe ... |
| CVE-2019-10018 | An issue was discovered in Xpdf 4.01.01. There is an FPE in the functi ... |
| CVE-2019-9959 | The JPXStream::init function in Poppler 0.78.0 and earlier doesn't che ... |
| CVE-2019-9903 | PDFDoc::markObject in PDFDoc.cc in Poppler 0.74.0 mishandles dict mark ... |
| CVE-2019-9631 | Poppler 0.74.0 has a heap-based buffer over-read in the CairoRescaleBo ... |
| CVE-2019-9200 | A heap-based buffer underwrite exists in ImageStream::getLine() locate ... |
| CVE-2019-7310 | In Poppler 0.73.0, a heap-based buffer over-read (due to an integer si ... |
| CVE-2018-21009 | Poppler before 0.66.0 has an integer overflow in Parser::makeStream in ... |
| CVE-2018-20662 | In Poppler 0.72.0, PDFDoc::setup in PDFDoc.cc allows attackers to caus ... |
| CVE-2018-20650 | A reachable Object::dictLookup assertion in Poppler 0.72.0 allows atta ... |
| CVE-2018-20551 | A reachable Object::getString assertion in Poppler 0.72.0 allows attac ... |
| CVE-2018-20481 | XRef::getEntry in XRef.cc in Poppler 0.72.0 mishandles unallocated XRe ... |
| CVE-2018-19149 | Poppler before 0.70.0 has a NULL pointer dereference in _poppler_attac ... |
| CVE-2018-19060 | An issue was discovered in Poppler 0.71.0. There is a NULL pointer der ... |
| CVE-2018-19059 | An issue was discovered in Poppler 0.71.0. There is a out-of-bounds re ... |
| CVE-2018-19058 | An issue was discovered in Poppler 0.71.0. There is a reachable abort ... |
| CVE-2018-18897 | An issue was discovered in Poppler 0.71.0. There is a memory leak in G ... |
| CVE-2018-16646 | In Poppler 0.68.0, the Parser::getObj() function in Parser.cc may caus ... |
| CVE-2018-13988 | Poppler through 0.62 contains an out of bounds read vulnerability due ... |
| CVE-2018-10768 | There is a NULL pointer dereference in the AnnotPath::getCoordsLength ... |
| CVE-2017-1000456 | freedesktop.org libpoppler 0.60.1 fails to validate boundaries in Text ... |
| CVE-2017-18267 | The FoFiType1C::cvtGlyph function in fofi/FoFiType1C.cc in Poppler thr ... |
| CVE-2017-15565 | In Poppler 0.59.0, a NULL Pointer Dereference exists in the GfxImageCo ... |
| CVE-2017-14977 | The FoFiTrueType::getCFFBlock function in FoFiTrueType.cc in Poppler 0 ... |
| CVE-2017-14976 | The FoFiType1C::convertToType0 function in FoFiType1C.cc in Poppler 0. ... |
| CVE-2017-14975 | The FoFiType1C::convertToType0 function in FoFiType1C.cc in Poppler 0. ... |
| CVE-2017-14929 | In Poppler 0.59.0, memory corruption occurs in a call to Object::dictL ... |
| CVE-2017-14928 | In Poppler 0.59.0, a NULL Pointer Dereference exists in AnnotRichMedia ... |
| CVE-2017-14927 | In Poppler 0.59.0, a NULL Pointer Dereference exists in the SplashOutp ... |
| CVE-2017-14926 | In Poppler 0.59.0, a NULL Pointer Dereference exists in AnnotRichMedia ... |
| CVE-2017-14617 | In Poppler 0.59.0, a floating point exception occurs in the ImageStrea ... |
| CVE-2017-14520 | In Poppler 0.59.0, a floating point exception occurs in Splash::scaleI ... |
| CVE-2017-14519 | In Poppler 0.59.0, memory corruption occurs in a call to Object::strea ... |
| CVE-2017-14518 | In Poppler 0.59.0, a floating point exception exists in the isImageInt ... |
| CVE-2017-14517 | In Poppler 0.59.0, a NULL Pointer Dereference exists in the XRef::pars ... |
| CVE-2017-9865 | The function GfxImageColorMap::getGray in GfxState.cc in Poppler 0.54. ... |
| CVE-2017-9776 | Integer overflow leading to Heap buffer overflow in JBIG2Stream.cc in ... |
| CVE-2017-9775 | Stack buffer overflow in GfxState.cc in pdftocairo in Poppler before 0 ... |
| CVE-2017-9408 | In Poppler 0.54.0, a memory leak vulnerability was found in the functi ... |
| CVE-2017-9406 | In Poppler 0.54.0, a memory leak vulnerability was found in the functi ... |
| CVE-2017-7515 | poppler through version 0.55.0 is vulnerable to an uncontrolled recurs ... |
| CVE-2017-7511 | poppler since version 0.17.3 has been vulnerable to NULL pointer deref ... |
| CVE-2015-8868 | Heap-based buffer overflow in the ExponentialFunction::ExponentialFunc ... |
| CVE-2013-7296 | The JBIG2Stream::readSegments method in JBIG2Stream.cc in Poppler befo ... |
| CVE-2013-4474 | Format string vulnerability in the extractPages function in utils/pdfs ... |
| CVE-2013-4473 | Stack-based buffer overflow in the extractPages function in utils/pdfs ... |
| CVE-2013-1790 | poppler/Stream.cc in poppler before 0.22.1 allows context-dependent at ... |
| CVE-2013-1789 | splash/Splash.cc in poppler before 0.22.1 allows context-dependent att ... |
| CVE-2013-1788 | poppler before 0.22.1 allows context-dependent attackers to cause a de ... |
| CVE-2012-2142 | The error function in Error.cc in poppler before 0.21.4 allows remote ... |
| CVE-2011-1554 | Off-by-one error in t1lib 5.1.2 and earlier, as used in Xpdf before 3. ... |
| CVE-2011-1553 | Use-after-free vulnerability in t1lib 5.1.2 and earlier, as used in Xp ... |
| CVE-2011-1552 | t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and ot ... |
| CVE-2011-0764 | t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and ot ... |
| CVE-2010-5110 | DCTStream.cc in Poppler before 0.13.3 allows remote attackers to cause ... |
| CVE-2010-4654 | poppler before 0.16.3 has malformed commands that may cause corruption ... |
| CVE-2010-4653 | An integer overflow condition in poppler before 0.16.3 can occur when ... |
| CVE-2010-3704 | The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser i ... |
| CVE-2010-3703 | The PostScriptFunction::PostScriptFunction function in poppler/Functio ... |
| CVE-2010-3702 | The Gfx::getPos function in the PDF parser in xpdf before 3.02pl5, pop ... |
| CVE-2010-0207 | In xpdf, the xref table contains an infinite loop which allows remote ... |
| CVE-2010-0206 | xpdf allows remote attackers to cause a denial of service (NULL pointe ... |
| CVE-2009-4035 | The FoFiType1::parse function in fofi/FoFiType1.cc in Xpdf 3.0.0, gpdf ... |
| CVE-2009-3938 | Buffer overflow in the ABWOutputDev::endWord function in poppler/ABWOu ... |
| CVE-2009-3609 | Integer overflow in the ImageStream::ImageStream function in Stream.cc ... |
| CVE-2009-3608 | Integer overflow in the ObjectStream::ObjectStream function in XRef.cc ... |
| CVE-2009-3607 | Integer overflow in the create_surface_from_thumbnail_data function in ... |
| CVE-2009-3606 | Integer overflow in the PSOutputDev::doImageL1Sep function in Xpdf bef ... |
| CVE-2009-3605 | Multiple integer overflows in Poppler 0.10.5 and earlier allow remote ... |
| CVE-2009-3604 | The Splash::drawImage function in Splash.cc in Xpdf 2.x and 3.x before ... |
| CVE-2009-3603 | Integer overflow in the SplashBitmap::SplashBitmap function in Xpdf 3. ... |
| CVE-2009-1188 | Integer overflow in the JBIG2 decoding feature in the SplashBitmap::Sp ... |
| CVE-2009-1187 | Integer overflow in the JBIG2 decoding feature in Poppler before 0.10. ... |
| CVE-2009-1183 | The JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earl ... |
| CVE-2009-1182 | Multiple buffer overflows in the JBIG2 MMR decoder in Xpdf 3.02pl2 and ... |
| CVE-2009-1181 | The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, ... |
| CVE-2009-1180 | The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, ... |
| CVE-2009-1179 | Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUP ... |
| CVE-2009-0800 | Multiple "input validation flaws" in the JBIG2 decoder in Xpdf 3.02pl2 ... |
| CVE-2009-0799 | The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, ... |
| CVE-2009-0756 | The JBIG2Stream::readSymbolDictSeg function in Poppler before 0.10.4 a ... |
| CVE-2009-0755 | The FormWidgetChoice::loadDefaults function in Poppler before 0.10.4 a ... |
| CVE-2009-0166 | The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, ... |
| CVE-2009-0147 | Multiple integer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and ea ... |
| CVE-2009-0146 | Multiple buffer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and ear ... |
| CVE-2008-2950 | The Page destructor in Page.cc in libpoppler in Poppler 0.8.4 and earl ... |
| CVE-2008-1693 | The CairoFont::create function in CairoFontEngine.cc in Poppler, possi ... |
| CVE-2007-5393 | Heap-based buffer overflow in the CCITTFaxStream::lookChar method in x ... |
| CVE-2007-5392 | Integer overflow in the DCTStream::reset method in xpdf/Stream.cc in X ... |
| CVE-2007-4352 | Array index error in the DCTStream::readProgressiveDataUnit method in ... |
| CVE-2007-3387 | Integer overflow in the StreamPredictor::StreamPredictor function in x ... |
| CVE-2007-0104 | The Adobe PDF specification 1.3, as implemented by (a) xpdf 3.0.1 patc ... |
| CVE-2006-0301 | Heap-based buffer overflow in Splash.cc in xpdf, as used in other prod ... |
| CVE-2005-3627 | Stream.cc in Xpdf, as used in products such as gpdf, kpdf, pdftohtml, ... |
| CVE-2005-3626 | Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTe ... |
| CVE-2005-3625 | Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTe ... |
| CVE-2005-3624 | The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpd ... |
| CVE-2005-3193 | Heap-based buffer overflow in the JPXStream::readCodestream function i ... |
| CVE-2005-3192 | Heap-based buffer overflow in the StreamPredictor function in Xpdf 3.0 ... |
| CVE-2005-3191 | Multiple heap-based buffer overflows in the (1) DCTStream::readProgres ... |
| CVE-2005-2097 | xpdf and kpdf do not properly validate the "loca" table in PDF files, ... |