| Bug | Description |
|---|
| CVE-2025-3154 | Out-of-bounds array write in Xpdf 4.05 and earlier, triggered by an in ... |
| CVE-2025-2574 | Out-of-bounds array write in Xpdf 4.05 and earlier, due to incorrect i ... |
| CVE-2024-7868 | In Xpdf 4.05 (and earlier), invalid header info in a DCT (JPEG) stream ... |
| CVE-2024-7867 | In Xpdf 4.05 (and earlier), very large coordinates in a page box can c ... |
| CVE-2024-7866 | In Xpdf 4.05 (and earlier), a PDF object loop in a pattern resource le ... |
| CVE-2024-3248 | In Xpdf 4.05 (and earlier), a PDF object loop in the attachments leads ... |
| CVE-2024-3247 | In Xpdf 4.05 (and earlier), a PDF object loop in an object stream lead ... |
| CVE-2023-26930 | Buffer Overflow vulnerability found in XPDF v.4.04 allows an attacker ... |
| CVE-2023-3436 | Xpdf 4.04 will deadlock on a PDF object stream whose "Length" field is ... |
| CVE-2023-3044 | An excessively large PDF page size (found in fuzz testing, unlikely in ... |
| CVE-2023-2664 | In Xpdf 4.04 (and earlier), a PDF object loop in the embedded file tre ... |
| CVE-2023-2663 | In Xpdf 4.04 (and earlier), a PDF object loop in the page label tree l ... |
| CVE-2023-2662 | In Xpdf 4.04 (and earlier), a bad color space object in the input PDF ... |
| CVE-2022-48545 | An infinite recursion in Catalog::findDestInTree can cause denial of s ... |
| CVE-2022-45587 | Stack overflow vulnerability in function gmalloc in goo/gmem.cc in xpd ... |
| CVE-2022-45586 | Stack overflow vulnerability in function Dict::find in xpdf/Dict.cc in ... |
| CVE-2022-43295 | XPDF v4.04 was discovered to contain a stack overflow via the function ... |
| CVE-2022-43071 | A stack overflow in the Catalog::readPageLabelTree2(Object*) function ... |
| CVE-2022-41844 | An issue was discovered in Xpdf 4.04. There is a crash in XRef::fetch( ... |
| CVE-2022-41843 | An issue was discovered in Xpdf 4.04. There is a crash in convertToTyp ... |
| CVE-2022-41842 | An issue was discovered in Xpdf 4.04. There is a crash in gfseek(_IO_F ... |
| CVE-2022-38928 | XPDF 4.04 is vulnerable to Null Pointer Dereference in FoFiType1C.cc:2 ... |
| CVE-2022-38334 | XPDF v4.04 and earlier was discovered to contain a stack overflow via ... |
| CVE-2022-38238 | XPDF commit ffaf11c was discovered to contain a heap-buffer overflow v ... |
| CVE-2022-38237 | XPDF commit ffaf11c was discovered to contain a heap-buffer overflow v ... |
| CVE-2022-38236 | XPDF commit ffaf11c was discovered to contain a global-buffer overflow ... |
| CVE-2022-38235 | XPDF commit ffaf11c was discovered to contain a segmentation violation ... |
| CVE-2022-38234 | XPDF commit ffaf11c was discovered to contain a segmentation violation ... |
| CVE-2022-38233 | XPDF commit ffaf11c was discovered to contain a segmentation violation ... |
| CVE-2022-38231 | XPDF commit ffaf11c was discovered to contain a heap-buffer overflow v ... |
| CVE-2022-38230 | XPDF commit ffaf11c was discovered to contain a floating point excepti ... |
| CVE-2022-38229 | XPDF commit ffaf11c was discovered to contain a heap-buffer overflow v ... |
| CVE-2022-38228 | XPDF commit ffaf11c was discovered to contain a heap-buffer overflow v ... |
| CVE-2022-38227 | XPDF commit ffaf11c was discovered to contain a stack overflow via __a ... |
| CVE-2022-38222 | There is a use-after-free issue in JBIG2Stream::close() located in JBI ... |
| CVE-2022-36561 | XPDF v4.0.4 was discovered to contain a segmentation violation via the ... |
| CVE-2022-33108 | XPDF v4.04 was discovered to contain a stack overflow vulnerability vi ... |
| CVE-2022-30775 | xpdf 4.04 allocates excessive memory when presented with crafted input ... |
| CVE-2022-30524 | There is an invalid memory access in the TextLine class in TextOutputD ... |
| CVE-2022-27135 | xpdf 4.03 has heap buffer overflow in the function readXRefTable locat ... |
| CVE-2022-24107 | Xpdf prior to 4.04 lacked an integer overflow check in JPXStream.cc. |
| CVE-2021-36493 | Buffer Overflow vulnerability in pdfimages in xpdf 4.03 allows attacke ... |
| CVE-2020-35376 | Xpdf 4.02 allows stack consumption because of an incorrect subroutine ... |
| CVE-2020-25725 | In Xpdf 4.02, SplashOutputDev::endType3Char(GfxState *state) SplashOut ... |
| CVE-2020-24999 | There is an invalid memory access in the function fprintf located in E ... |
| CVE-2020-24996 | There is an invalid memory access in the function TextString::~TextStr ... |
| CVE-2019-17064 | Catalog.cc in Xpdf 4.02 has a NULL pointer dereference because Catalog ... |
| CVE-2019-16927 | Xpdf 4.01.01 has an out-of-bounds write in the vertProfile part of the ... |
| CVE-2019-16115 | In Xpdf 4.01.01, a stack-based buffer under-read could be triggered in ... |
| CVE-2019-16088 | Xpdf 3.04 has a SIGSEGV in XRef::fetch in XRef.cc after many recursive ... |
| CVE-2019-15860 | Xpdf 2.00 allows a SIGSEGV in XRef::constructXRef in XRef.cc. NOTE: 2. ... |
| CVE-2019-14294 | An issue was discovered in Xpdf 4.01.01. There is a use-after-free in ... |
| CVE-2019-14293 | An issue was discovered in Xpdf 4.01.01. There is an out of bounds rea ... |
| CVE-2019-14292 | An issue was discovered in Xpdf 4.01.01. There is an out of bounds rea ... |
| CVE-2019-14291 | An issue was discovered in Xpdf 4.01.01. There is an out of bounds rea ... |
| CVE-2019-14290 | An issue was discovered in Xpdf 4.01.01. There is an out of bounds rea ... |
| CVE-2019-14289 | An issue was discovered in Xpdf 4.01.01. There is an integer overflow ... |
| CVE-2019-14288 | An issue was discovered in Xpdf 4.01.01. There is an Integer overflow ... |
| CVE-2019-13291 | In Xpdf 4.01.01, there is a heap-based buffer over-read in the functio ... |
| CVE-2019-13289 | In Xpdf 4.01.01, there is a use-after-free vulnerability in the functi ... |
| CVE-2019-13288 | In Xpdf 4.01.01, the Parser::getObj() function in Parser.cc may cause ... |
| CVE-2019-13287 | In Xpdf 4.01.01, there is an out-of-bounds read vulnerability in the f ... |
| CVE-2019-13286 | In Xpdf 4.01.01, there is a heap-based buffer over-read in the functio ... |
| CVE-2019-13283 | In Xpdf 4.01.01, a heap-based buffer over-read could be triggered in s ... |
| CVE-2019-13282 | In Xpdf 4.01.01, a heap-based buffer over-read could be triggered in S ... |
| CVE-2019-13281 | In Xpdf 4.01.01, a heap-based buffer overflow could be triggered in DC ... |
| CVE-2019-12958 | In Xpdf 4.01.01, a heap-based buffer over-read could be triggered in F ... |
| CVE-2019-12957 | In Xpdf 4.01.01, a buffer over-read could be triggered in FoFiType1C:: ... |
| CVE-2019-12515 | There is an out-of-bounds read vulnerability in the function FlateStre ... |
| CVE-2019-12493 | A stack-based buffer over-read exists in PostScriptFunction::transform ... |
| CVE-2019-12360 | A stack-based buffer over-read exists in FoFiTrueType::dumpString in f ... |
| CVE-2019-10026 | An issue was discovered in Xpdf 4.01.01. There is an FPE in the functi ... |
| CVE-2019-10025 | An issue was discovered in Xpdf 4.01.01. There is an FPE in the functi ... |
| CVE-2019-10024 | An issue was discovered in Xpdf 4.01.01. There is an FPE in the functi ... |
| CVE-2019-10023 | An issue was discovered in Xpdf 4.01.01. There is an FPE in the functi ... |
| CVE-2019-10022 | An issue was discovered in Xpdf 4.01.01. There is a NULL pointer deref ... |
| CVE-2019-10021 | An issue was discovered in Xpdf 4.01.01. There is an FPE in the functi ... |
| CVE-2019-10020 | An issue was discovered in Xpdf 4.01.01. There is an FPE in the functi ... |
| CVE-2019-10019 | An issue was discovered in Xpdf 4.01.01. There is an FPE in the functi ... |
| CVE-2019-9878 | There is an invalid memory access in the function GfxIndexedColorSpace ... |
| CVE-2019-9877 | There is an invalid memory access vulnerability in the function TextPa ... |
| CVE-2019-9589 | There is a NULL pointer dereference vulnerability in PSOutputDev::setu ... |
| CVE-2019-9588 | There is an Invalid memory access in gAtomicIncrement() located at GMu ... |
| CVE-2019-9587 | There is a stack consumption issue in md5Round1() located in Decrypt.c ... |
| CVE-2018-18651 | An issue was discovered in Xpdf 4.00. catalog->getNumPages() in AcroFo ... |
| CVE-2018-18650 | An issue was discovered in Xpdf 4.00. XRef::readXRefStream in XRef.cc ... |
| CVE-2012-2142 | The error function in Error.cc in poppler before 0.21.4 allows remote ... |
| CVE-2011-2902 | zxpdf in xpdf before 3.02-19 as packaged in Debian unstable and 3.02-1 ... |
| CVE-2011-1554 | Off-by-one error in t1lib 5.1.2 and earlier, as used in Xpdf before 3. ... |
| CVE-2011-1553 | Use-after-free vulnerability in t1lib 5.1.2 and earlier, as used in Xp ... |
| CVE-2011-1552 | t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and ot ... |
| CVE-2011-0764 | t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and ot ... |
| CVE-2010-4654 | poppler before 0.16.3 has malformed commands that may cause corruption ... |
| CVE-2010-4653 | An integer overflow condition in poppler before 0.16.3 can occur when ... |
| CVE-2010-3704 | The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser i ... |
| CVE-2010-3703 | The PostScriptFunction::PostScriptFunction function in poppler/Functio ... |
| CVE-2010-3702 | The Gfx::getPos function in the PDF parser in xpdf before 3.02pl5, pop ... |
| CVE-2009-4035 | The FoFiType1::parse function in fofi/FoFiType1.cc in Xpdf 3.0.0, gpdf ... |
| CVE-2009-3609 | Integer overflow in the ImageStream::ImageStream function in Stream.cc ... |
| CVE-2009-3608 | Integer overflow in the ObjectStream::ObjectStream function in XRef.cc ... |
| CVE-2009-3606 | Integer overflow in the PSOutputDev::doImageL1Sep function in Xpdf bef ... |
| CVE-2009-3604 | The Splash::drawImage function in Splash.cc in Xpdf 2.x and 3.x before ... |
| CVE-2009-3603 | Integer overflow in the SplashBitmap::SplashBitmap function in Xpdf 3. ... |
| CVE-2009-1188 | Integer overflow in the JBIG2 decoding feature in the SplashBitmap::Sp ... |
| CVE-2009-1183 | The JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earl ... |
| CVE-2009-1182 | Multiple buffer overflows in the JBIG2 MMR decoder in Xpdf 3.02pl2 and ... |
| CVE-2009-1181 | The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, ... |
| CVE-2009-1180 | The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, ... |
| CVE-2009-1179 | Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUP ... |
| CVE-2009-1144 | Untrusted search path vulnerability in the Gentoo package of Xpdf befo ... |
| CVE-2009-0800 | Multiple "input validation flaws" in the JBIG2 decoder in Xpdf 3.02pl2 ... |
| CVE-2009-0799 | The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, ... |
| CVE-2009-0195 | Heap-based buffer overflow in Xpdf 3.02pl2 and earlier, CUPS 1.3.9, an ... |
| CVE-2009-0166 | The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, ... |
| CVE-2009-0165 | Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, as ... |
| CVE-2009-0147 | Multiple integer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and ea ... |
| CVE-2009-0146 | Multiple buffer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and ear ... |
| CVE-2008-2950 | The Page destructor in Page.cc in libpoppler in Poppler 0.8.4 and earl ... |
| CVE-2008-1693 | The CairoFont::create function in CairoFontEngine.cc in Poppler, possi ... |
| CVE-2007-5393 | Heap-based buffer overflow in the CCITTFaxStream::lookChar method in x ... |
| CVE-2007-5392 | Integer overflow in the DCTStream::reset method in xpdf/Stream.cc in X ... |
| CVE-2007-4352 | Array index error in the DCTStream::readProgressiveDataUnit method in ... |
| CVE-2007-3387 | Integer overflow in the StreamPredictor::StreamPredictor function in x ... |
| CVE-2007-0104 | The Adobe PDF specification 1.3, as implemented by (a) xpdf 3.0.1 patc ... |
| CVE-2006-1244 | Unspecified vulnerability in certain versions of xpdf after 3.00, as u ... |
| CVE-2006-0301 | Heap-based buffer overflow in Splash.cc in xpdf, as used in other prod ... |
| CVE-2005-3628 | Buffer overflow in the JBIG2Bitmap::JBIG2Bitmap function in JBIG2Strea ... |
| CVE-2005-3627 | Stream.cc in Xpdf, as used in products such as gpdf, kpdf, pdftohtml, ... |
| CVE-2005-3626 | Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTe ... |
| CVE-2005-3625 | Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTe ... |
| CVE-2005-3624 | The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpd ... |
| CVE-2005-3193 | Heap-based buffer overflow in the JPXStream::readCodestream function i ... |
| CVE-2005-3192 | Heap-based buffer overflow in the StreamPredictor function in Xpdf 3.0 ... |
| CVE-2005-3191 | Multiple heap-based buffer overflows in the (1) DCTStream::readProgres ... |
| CVE-2005-2097 | xpdf and kpdf do not properly validate the "loca" table in PDF files, ... |
| CVE-2005-0206 | The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CV ... |
| CVE-2005-0064 | Buffer overflow in the Decrypt::makeFileKey2 function in Decrypt.cc fo ... |
| CVE-2004-1125 | Buffer overflow in the Gfx::doImage function in Gfx.cc for xpdf 3.00, ... |
| CVE-2004-0889 | Multiple integer overflows in xpdf 3.0, and other packages that use xp ... |
| CVE-2004-0888 | Multiple integer overflows in xpdf 2.0 and 3.0, and other packages tha ... |
| CVE-2003-0434 | Various PDF viewers including (1) Adobe Acrobat 5.06 and (2) Xpdf 1.01 ... |
| CVE-2002-1384 | Integer overflow in pdftops, as used in Xpdf 2.01 and earlier, xpdf-i, ... |