Vendor

Xpdf

Xpdf is a free and open-source PDF viewer and toolkit based on the Qt framework. Versions prior to 4.00 were written for the X Window System and Motif.

Products: 3
CVEs: 172
Across products: 175
Status: Private

Recent CVEs

  • CVE-2018-11033 | High | May 14, 2018
    risk 0.51 | cvss 7.8 | epss 0.01

    The DCTStream::readHuffSym function in Stream.cc in the DCT decoder in xpdf before 4.00 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted JPEG data.

  • CVE-2018-8100 | High | Mar 14, 2018
    risk 0.51 | cvss 7.8 | epss 0.01

    The JPXStream::readTilePart function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a specific pdf file, as demonstrated by pdftohtml.

  • CVE-2018-16369 | Medium | Sep 3, 2018
    risk 0.36 | cvss 5.5 | epss 0.02

    XRef::fetch in XRef.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (stack consumption) via a crafted pdf file, related to AcroForm::scanField, as demonstrated by pdftohtml. NOTE: this might overlap CVE-2018-7453.

  • CVE-2018-16368 | Medium | Sep 3, 2018
    risk 0.36 | cvss 5.5 | epss 0.01

    SplashXPath::strokeAdjust in splash/SplashXPath.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted pdf file, as demonstrated by pdftoppm.

  • CVE-2018-8107 | Medium | Mar 14, 2018
    risk 0.36 | cvss 5.5 | epss 0.01

    The JPXStream::close function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml.

  • CVE-2018-8106 | Medium | Mar 14, 2018
    risk 0.36 | cvss 5.5 | epss 0.01

    The JPXStream::readTilePartData function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml.

  • CVE-2018-8105 | Medium | Mar 14, 2018
    risk 0.36 | cvss 5.5 | epss 0.01

    The JPXStream::fillReadBuf function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml.

  • CVE-2018-8104 | Medium | Mar 14, 2018
    risk 0.36 | cvss 5.5 | epss 0.01

    The BufStream::lookChar function in Stream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml.

  • CVE-2018-8103 | Medium | Mar 14, 2018
    risk 0.36 | cvss 5.5 | epss 0.01

    The JBIG2Stream::readGenericBitmap function in JBIG2Stream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml.

  • CVE-2018-8102 | Medium | Mar 14, 2018
    risk 0.36 | cvss 5.5 | epss 0.01

    The JBIG2MMRDecoder::getBlackCode function in JBIG2Stream.cc in xpdf 4.00 allows attackers to launch denial of service (buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml.

  • CVE-2018-8101 | Medium | Mar 14, 2018
    risk 0.36 | cvss 5.5 | epss 0.01

    The JPXStream::inverseTransformLevel function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml.

  • CVE-2018-7455 | Medium | Feb 24, 2018
    risk 0.36 | cvss 5.5 | epss 0.01

    An out-of-bounds read in JPXStream::readTilePart in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service via a specific pdf file, as demonstrated by pdftohtml.

  • CVE-2018-7454 | Medium | Feb 24, 2018
    risk 0.36 | cvss 5.5 | epss 0.01

    A NULL pointer dereference in XFAForm::scanFields in XFAForm.cc in xpdf 4.00 allows attackers to launch denial of service via a specific pdf file, as demonstrated by pdftohtml.

  • CVE-2018-7453 | Medium | Feb 24, 2018
    risk 0.36 | cvss 5.5 | epss 0.01

    Infinite recursion in AcroForm::scanField in AcroForm.cc in xpdf 4.00 allows attackers to launch denial of service via a specific pdf file due to lack of loop checking, as demonstrated by pdftohtml.

  • CVE-2018-7452 | Medium | Feb 24, 2018
    risk 0.36 | cvss 5.5 | epss 0.01

    A NULL pointer dereference in JPXStream::fillReadBuf in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service via a specific pdf file, as demonstrated by pdftohtml.

  • CVE-2018-7175 | Medium | Feb 15, 2018
    risk 0.36 | cvss 5.5 | epss 0.01

    An issue was discovered in xpdf 4.00. A NULL pointer dereference in readCodestream allows an attacker to cause denial of service via a JPX image with zero components.

  • CVE-2018-7174 | Medium | Feb 15, 2018
    risk 0.36 | cvss 5.5 | epss 0.01

    An issue was discovered in xpdf 4.00. An infinite loop in XRef::Xref allows an attacker to cause denial of service because loop detection exists only for tables, not streams.

  • CVE-2018-7173 | Medium | Feb 15, 2018
    risk 0.36 | cvss 5.5 | epss 0.01

    A large loop in JBIG2Stream::readSymbolDictSeg in xpdf 4.00 allows an attacker to cause denial of service via a specific file due to inappropriate decoding.

  • CVE-2011-2902 | Medium | Jan 30, 2018
    risk 0.35 | cvss 5.3 | epss 0.01

    zxpdf in xpdf before 3.02-19 as packaged in Debian unstable and 3.02-12+squeeze1 as packaged in Debian squeeze deletes temporary files insecurely, which allows remote attackers to delete arbitrary files via a crafted .pdf.gz file name.

  • CVE-2025-11896 | Low | Oct 16, 2025
    risk 0.14 | cvss | epss 0.00

    In Xpdf 4.05 (and earlier), a PDF object loop in a CMap, via the "UseCMap" entry, leads to infinite recursion and a stack overflow.