← Back

Xpdf

xpdf

Vendor: Xpdfreader • 82 CVEs

CVEs (82)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2010-3702
9Apple
CanonicalDebian+6 more
11Cups
Debian LinuxEnterprise Linux Desktop+8 more
Apr 29, 2026
Nov 5, 2010
N/A· v4
N/A· v3
7.5 HIGH· v2
The Gfx::getPos function in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, CUPS, kdegraphics, and possibly other products allows context-dependent attackers to cause a deni...Show more
The Gfx::getPos function in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, CUPS, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) via unknown vectors that trigger an uninitialized pointer dereference.Show less
CVE-2007-3387
6Apple
CanonicalDebian+3 more
6Cups
Debian LinuxGpdf+3 more
Apr 23, 2026
Jul 30, 2007
N/A· v4
N/A· v3
6.8 MEDIUM· v2
Integer overflow in the StreamPredictor::StreamPredictor function in xpdf 3.02, as used in (1) poppler before 0.5.91, (2) gpdf before 2.8.2, (3) kpdf, (4) kdegraphics, (5) CUPS, (6) PDFedit, and other products, might all...Show more
Integer overflow in the StreamPredictor::StreamPredictor function in xpdf 3.02, as used in (1) poppler before 0.5.91, (2) gpdf before 2.8.2, (3) kpdf, (4) kdegraphics, (5) CUPS, (6) PDFedit, and other products, might allow remote attackers to execute arbitrary code via a crafted PDF file that triggers a stack-based buffer overflow in the StreamPredictor::getNextLine function.Show less