Vulnerabilities > Glyphandcog > Xpdfreader > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-10 | CVE-2021-40226 | Out-of-bounds Write vulnerability in Glyphandcog Xpdfreader 4.03 xpdfreader 4.03 is vulnerable to Buffer Overflow. | 7.5 |
| 2022-08-30 | CVE-2022-24106 | Integer Overflow or Wraparound vulnerability in Glyphandcog Xpdfreader In Xpdf prior to 4.04, the DCT (JPEG) decoder was incorrectly allowing the 'interleaved' flag to be changed after the first scan of the image, leading to an unknown integer-related vulnerability in Stream.cc. | 7.8 |
| 2022-08-30 | CVE-2022-24107 | Integer Overflow or Wraparound vulnerability in Glyphandcog Xpdfreader Xpdf prior to 4.04 lacked an integer overflow check in JPXStream.cc. | 7.8 |
| 2019-09-08 | CVE-2019-16115 | Out-of-bounds Read vulnerability in Glyphandcog Xpdfreader 4.01.01 In Xpdf 4.01.01, a stack-based buffer under-read could be triggered in IdentityFunction::transform in Function.cc, used by GfxAxialShading::getColor. | 7.8 |
| 2019-07-27 | CVE-2019-14288 | Integer Overflow or Wraparound vulnerability in Glyphandcog Xpdfreader 4.01.01 An issue was discovered in Xpdf 4.01.01. | 7.8 |
| 2019-07-04 | CVE-2019-13289 | Use After Free vulnerability in Glyphandcog Xpdfreader 4.01.01 In Xpdf 4.01.01, there is a use-after-free vulnerability in the function JBIG2Stream::close() located at JBIG2Stream.cc. | 7.8 |
| 2019-07-04 | CVE-2019-13283 | Out-of-bounds Read vulnerability in multiple products In Xpdf 4.01.01, a heap-based buffer over-read could be triggered in strncpy from FoFiType1::parse in fofi/FoFiType1.cc because it does not ensure the source string has a valid length before making a fixed-length copy. | 7.8 |
| 2019-07-04 | CVE-2019-13282 | Out-of-bounds Read vulnerability in multiple products In Xpdf 4.01.01, a heap-based buffer over-read could be triggered in SampledFunction::transform in Function.cc when using a large index for samples. | 7.8 |
| 2019-07-04 | CVE-2019-13281 | Out-of-bounds Write vulnerability in multiple products In Xpdf 4.01.01, a heap-based buffer overflow could be triggered in DCTStream::decodeImage() in Stream.cc when writing to frameBuf memory. | 7.8 |
| 2019-06-25 | CVE-2019-12957 | Improper Validation of Array Index vulnerability in multiple products In Xpdf 4.01.01, a buffer over-read could be triggered in FoFiType1C::convertToType1 in fofi/FoFiType1C.cc when the index number is larger than the charset array bounds. | 7.8 |