Vulnerabilities > Glyphandcog > Xpdfreader > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-10 | CVE-2021-40226 | Out-of-bounds Write vulnerability in Glyphandcog Xpdfreader 4.03 xpdfreader 4.03 is vulnerable to Buffer Overflow. | 7.5 |
| 2022-08-30 | CVE-2022-24106 | Integer Overflow or Wraparound vulnerability in Glyphandcog Xpdfreader In Xpdf prior to 4.04, the DCT (JPEG) decoder was incorrectly allowing the 'interleaved' flag to be changed after the first scan of the image, leading to an unknown integer-related vulnerability in Stream.cc. | 7.8 |
| 2022-08-30 | CVE-2022-24107 | Integer Overflow or Wraparound vulnerability in Glyphandcog Xpdfreader Xpdf prior to 4.04 lacked an integer overflow check in JPXStream.cc. | 7.8 |
| 2019-07-04 | CVE-2019-13283 | Out-of-bounds Read vulnerability in multiple products In Xpdf 4.01.01, a heap-based buffer over-read could be triggered in strncpy from FoFiType1::parse in fofi/FoFiType1.cc because it does not ensure the source string has a valid length before making a fixed-length copy. | 7.8 |
| 2019-07-04 | CVE-2019-13282 | Out-of-bounds Read vulnerability in multiple products In Xpdf 4.01.01, a heap-based buffer over-read could be triggered in SampledFunction::transform in Function.cc when using a large index for samples. | 7.8 |
| 2019-07-04 | CVE-2019-13281 | Out-of-bounds Write vulnerability in multiple products In Xpdf 4.01.01, a heap-based buffer overflow could be triggered in DCTStream::decodeImage() in Stream.cc when writing to frameBuf memory. | 7.8 |
| 2019-06-25 | CVE-2019-12957 | Improper Validation of Array Index vulnerability in multiple products In Xpdf 4.01.01, a buffer over-read could be triggered in FoFiType1C::convertToType1 in fofi/FoFiType1C.cc when the index number is larger than the charset array bounds. | 7.8 |
| 2019-06-02 | CVE-2019-12515 | Out-of-bounds Read vulnerability in Glyphandcog Xpdfreader 4.01.01 There is an out-of-bounds read vulnerability in the function FlateStream::getChar() located at Stream.cc in Xpdf 4.01.01. | 7.1 |
| 2019-05-31 | CVE-2019-12493 | Out-of-bounds Read vulnerability in Glyphandcog Xpdfreader 4.01.01 A stack-based buffer over-read exists in PostScriptFunction::transform in Function.cc in Xpdf 4.01.01 because GfxSeparationColorSpace and GfxDeviceNColorSpace mishandle tint transform functions. | 7.1 |
| 2019-05-27 | CVE-2019-12360 | Out-of-bounds Read vulnerability in Glyphandcog Xpdfreader 4.01.01 A stack-based buffer over-read exists in FoFiTrueType::dumpString in fofi/FoFiTrueType.cc in Xpdf 4.01.01. | 7.1 |