Vulnerabilities > Glyphandcog

DATE CVE VULNERABILITY TITLE RISK
2023-05-10 CVE-2023-31554 Out-of-bounds Write vulnerability in Glyphandcog Pdfimages 4.04
xpdf pdfimages v4.04 was discovered to contain a stack overflow in the component Catalog::readPageLabelTree2(Object*).
local
low complexity
glyphandcog CWE-787
5.5
2022-11-10 CVE-2021-40226 Out-of-bounds Write vulnerability in Glyphandcog Xpdfreader 4.03
xpdfreader 4.03 is vulnerable to Buffer Overflow.
network
low complexity
glyphandcog CWE-787
7.5
2022-08-30 CVE-2022-24106 Integer Overflow or Wraparound vulnerability in Glyphandcog Xpdfreader
In Xpdf prior to 4.04, the DCT (JPEG) decoder was incorrectly allowing the 'interleaved' flag to be changed after the first scan of the image, leading to an unknown integer-related vulnerability in Stream.cc.
local
low complexity
glyphandcog CWE-190
7.8
2022-08-30 CVE-2022-24107 Integer Overflow or Wraparound vulnerability in Glyphandcog Xpdfreader
Xpdf prior to 4.04 lacked an integer overflow check in JPXStream.cc.
local
low complexity
glyphandcog CWE-190
7.8
2019-10-01 CVE-2019-17064 NULL Pointer Dereference vulnerability in Glyphandcog Xpdfreader 4.02
Catalog.cc in Xpdf 4.02 has a NULL pointer dereference because Catalog.pageLabels is initialized too late in the Catalog constructor.
local
low complexity
glyphandcog CWE-476
5.5
2019-09-27 CVE-2019-16927 Out-of-bounds Write vulnerability in Glyphandcog Xpdf 4.01.01
Xpdf 4.01.01 has an out-of-bounds write in the vertProfile part of the TextPage::findGaps function in TextOutputDev.cc, a different vulnerability than CVE-2019-9877.
4.3
2019-09-08 CVE-2019-16115 Out-of-bounds Read vulnerability in Glyphandcog Xpdfreader 4.01.01
In Xpdf 4.01.01, a stack-based buffer under-read could be triggered in IdentityFunction::transform in Function.cc, used by GfxAxialShading::getColor.
6.8
2019-09-06 CVE-2019-16088 Uncontrolled Recursion vulnerability in Glyphandcog Xpdfreader 3.04
Xpdf 3.04 has a SIGSEGV in XRef::fetch in XRef.cc after many recursive calls to Catalog::countPageTree in Catalog.cc.
4.3
2019-09-03 CVE-2019-15860 NULL Pointer Dereference vulnerability in Glyphandcog Xpdfreader 2.00
Xpdf 2.00 allows a SIGSEGV in XRef::constructXRef in XRef.cc.
4.3
2019-07-27 CVE-2019-14294 Use After Free vulnerability in Glyphandcog Xpdfreader 4.01.01
An issue was discovered in Xpdf 4.01.01.
4.3