CVEs (7)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
4Debian GnomeOpensuse+1 more4Debian Linux Enterprise LinuxEvince+1 moreNov 21, 2024 Nov 1, 2019 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 evince is missing a check on number of pages which can lead to a segmentation fault |
4Canonical DebianGnome+1 more4Debian Linux EvinceLeap+1 moreNov 21, 2024 Jul 15, 2019 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 Evince 3.26.0 is affected by buffer overflow. The impact is: DOS / Possible code execution. The component is: backend/tiff/tiff-document.c. The attack vector is: Victim must open a crafted PDF file. The issue occurs beca...Show more |
6Canonical DebianFedoraproject+3 more9Debian Linux Enterprise LinuxEnterprise Linux Eus+6 moreNov 21, 2024 Apr 22, 2019 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 The tiff_document_render() and tiff_document_get_thumbnail() functions in the TIFF document backend in GNOME Evince through 3.32.0 did not handle errors from TIFFReadRGBAImageOriented(), leading to uninitialized memory u...Show more |
Command injection in evince via filename when printing to PDF. This affects versions earlier than 3.25.91. |
3Debian GnomeRedhat8Debian Linux Enterprise Linux DesktopEnterprise Linux Server+5 moreMay 13, 2026 Sep 5, 2017 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 backend/comics/comics-document.c (aka the comic book backend) in GNOME Evince before 3.24.1 allows remote attackers to execute arbitrary commands via a .cbt file that is a TAR archive containing a filename beginning with...Show more |
Multiple off-by-one errors in the (1) token and (2) linetoken functions in backend/dvi/mdvi-lib/afmparse.c in t1lib, as used in teTeX 3.0.x, GNOME evince, and possibly other products, allow remote attackers to cause a de...Show more |
Heap-based buffer overflow in the linetoken function in afmparse.c in t1lib, as used in teTeX 3.0.x, GNOME evince, and possibly other products, allows remote attackers to cause a denial of service (crash) and possibly ex...Show more |