Search CVE reports

Toggle filters

201 – 210 of 496 results

CVE-2019-13281

Medium priority
Ignored

In Xpdf 4.01.01, a heap-based buffer overflow could be triggered in DCTStream::decodeImage() in Stream.cc when writing to frameBuf memory. It can, for example, be triggered by sending a crafted PDF document to the pdftotext tool....

4 affected packages

xpdf, ipe, libextractor, poppler

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
xpdf Not affected Not in release Not affected
ipe Not affected Not affected Not affected
libextractor Not affected Not affected Not affected
poppler Not affected Not affected Not affected
Show less packages

CVE-2019-12958

Medium priority

Some fixes available 12 of 19

In Xpdf 4.01.01, a heap-based buffer over-read could be triggered in FoFiType1C::convertToType0 in fofi/FoFiType1C.cc when it is trying to access the second privateDicts array element, because the privateDicts array has only one...

4 affected packages

xpdf, ipe, libextractor, poppler

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
xpdf Not affected Not in release Not affected
ipe Not affected Not affected Not affected
libextractor Not affected Not affected Not affected
poppler Fixed Fixed Fixed
Show less packages

CVE-2019-12957

Medium priority
Ignored

In Xpdf 4.01.01, a buffer over-read could be triggered in FoFiType1C::convertToType1 in fofi/FoFiType1C.cc when the index number is larger than the charset array bounds. It can, for example, be triggered by sending a crafted PDF...

4 affected packages

ipe, libextractor, poppler, xpdf

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
ipe Not affected Not affected Not affected
libextractor Not affected Not affected Not affected
poppler Not affected Not affected Not affected
xpdf Not affected Not in release Not affected
Show less packages

CVE-2019-12515

Medium priority
Ignored

There is an out-of-bounds read vulnerability in the function FlateStream::getChar() located at Stream.cc in Xpdf 4.01.01. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool. It might allow an...

4 affected packages

ipe, libextractor, poppler, xpdf

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
ipe Not affected Not affected Not affected
libextractor Not affected Not affected Not affected
poppler Not affected Not affected Not affected
xpdf Not affected Not in release Not affected
Show less packages

CVE-2019-12493

Negligible priority
Vulnerable

A stack-based buffer over-read exists in PostScriptFunction::transform in Function.cc in Xpdf 4.01.01 because GfxSeparationColorSpace and GfxDeviceNColorSpace mishandle tint transform functions. It can, for example, be triggered...

7 affected packages

texlive-bin, utopia-documents, emscripten, ipe, libextractor...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
texlive-bin Vulnerable Vulnerable Vulnerable Vulnerable
utopia-documents Not in release Not in release Not in release Not in release
emscripten Ignored Ignored Not in release Ignored
ipe Not affected Not affected Not affected Not affected
libextractor Not affected Not affected Not affected Not affected
poppler Not affected Not affected Not affected Not affected
xpdf Not affected Not affected Not in release Not affected
Show all 7 packages Show less packages

CVE-2019-12360

Low priority
Vulnerable

A stack-based buffer over-read exists in FoFiTrueType::dumpString in fofi/FoFiTrueType.cc in Xpdf 4.01.01. It can, for example, be triggered by sending crafted TrueType data in a PDF document to the pdftops tool. It might allow an...

7 affected packages

emscripten, ipe, texlive-bin, libextractor, xpdf...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
emscripten Ignored Ignored Not in release Ignored
ipe Not affected Not affected Not affected Not affected
texlive-bin Vulnerable Vulnerable Vulnerable Vulnerable
libextractor Not affected Not affected Not affected Not affected
xpdf Not affected Not affected Not in release Not affected
poppler Not affected Not affected Not affected Not affected
utopia-documents Not in release Not in release Not in release Not in release
Show all 7 packages Show less packages

CVE-2017-12778

Medium priority
Ignored

The UI Lock feature in qBittorrent version 3.3.15 is vulnerable to Authentication Bypass, which allows Attack to gain unauthorized access to qBittorrent functions by tampering the affected flag value of the config file at the...

1 affected package

qbittorrent

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
qbittorrent Not affected Not affected Not affected Not affected
Show less packages

CVE-2019-2692

Medium priority
Ignored

Vulnerability in the MySQL Connectors component of Oracle MySQL (subcomponent: Connector/J). Supported versions that are affected are 8.0.15 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon...

1 affected package

mysql-connector-java

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
mysql-connector-java Not affected
Show less packages

CVE-2019-10026

Medium priority
Ignored

An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PostScriptFunction::exec in Function.cc for the psOpRoll case.

4 affected packages

ipe, libextractor, poppler, xpdf

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
ipe Not affected Not affected Not affected
libextractor Not affected Not affected Not affected
poppler Not affected Not affected Not affected
xpdf Not affected Not in release Not affected
Show less packages

CVE-2019-10025

Low priority
Ignored

An issue was discovered in Xpdf 4.01.01. There is an FPE in the function ImageStream::ImageStream at Stream.cc for nBits.

4 affected packages

xpdf, ipe, libextractor, poppler

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
xpdf Not affected Not in release Not affected
ipe Not affected Not affected Not affected
libextractor Not affected Not affected Not affected
poppler Not affected Not affected Not affected
Show less packages
  1. Previous page
  2. 19
  3. 20
  4. 21
  5. 22
  6. 23
  7. Next page
Export to JSON