Search CVE reports
211 – 220 of 490 results
Some fixes available 1 of 6
An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PostScriptFunction::exec at Function.cc for the psOpIdiv case.
4 affected packages
ipe, libextractor, poppler, xpdf
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| ipe | — | Not affected | Not affected | Not affected |
| libextractor | — | Not affected | Not affected | Not affected |
| poppler | — | Not affected | Not affected | Not affected |
| xpdf | — | Not affected | Not in release | Not affected |
There is an invalid memory access in the function GfxIndexedColorSpace::mapColorToBase() located in GfxState.cc in Xpdf 4.0.0, as used in pdfalto 0.2. It can be triggered by (for example) sending a crafted pdf file to the pdftops...
4 affected packages
ipe, libextractor, xpdf, poppler
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| ipe | — | Not affected | Not affected | Not affected |
| libextractor | — | Not affected | Not affected | Not affected |
| xpdf | — | Not affected | Not in release | Not affected |
| poppler | — | Not affected | Not affected | Not affected |
There is an invalid memory access vulnerability in the function TextPage::findGaps() located at TextOutputDev.c in Xpdf 4.01, which can (for example) be triggered by sending a crafted pdf file to the pdftops binary. It allows an...
4 affected packages
poppler, xpdf, ipe, libextractor
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| poppler | — | Not affected | Not affected | Not affected |
| xpdf | — | Not affected | Not in release | Not affected |
| ipe | — | Not affected | Not affected | Not affected |
| libextractor | — | Not affected | Not affected | Not affected |
There is a NULL pointer dereference vulnerability in PSOutputDev::setupResources() located in PSOutputDev.cc in Xpdf 4.01. It can be triggered by sending a crafted pdf file to (for example) the pdftops binary. It allows an...
6 affected packages
xpdf, ipe, libextractor, poppler, texlive-bin, utopia-documents
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| xpdf | — | Not affected | Not in release | Not affected |
| ipe | — | Not affected | Not affected | Not affected |
| libextractor | — | Not affected | Not affected | Not affected |
| poppler | — | Not affected | Not affected | Not affected |
| texlive-bin | — | Not affected | Not affected | Not affected |
| utopia-documents | — | Not in release | Not in release | Not in release |
There is an Invalid memory access in gAtomicIncrement() located at GMutex.h in Xpdf 4.01. It can be triggered by sending a crafted pdf file to (for example) the pdftops binary. It allows an attacker to cause Denial of Service...
6 affected packages
texlive-bin, libextractor, ipe, xpdf, poppler, utopia-documents
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| texlive-bin | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
| libextractor | Not affected | Not affected | Not affected | Not affected |
| ipe | Not affected | Not affected | Not affected | Not affected |
| xpdf | Not affected | Not affected | Not in release | Not affected |
| poppler | Not affected | Not affected | Not affected | Not affected |
| utopia-documents | Not in release | Not in release | Not in release | Not in release |
There is a stack consumption issue in md5Round1() located in Decrypt.cc in Xpdf 4.01. It can be triggered by sending a crafted pdf file to (for example) the pdfimages binary. It allows an attacker to cause Denial of Service...
6 affected packages
texlive-bin, ipe, libextractor, poppler, utopia-documents, xpdf
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| texlive-bin | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
| ipe | Not affected | Not affected | Not affected | Not affected |
| libextractor | Not affected | Not affected | Not affected | Not affected |
| poppler | Not affected | Not affected | Not affected | Not affected |
| utopia-documents | Not in release | Not in release | Not in release | Not in release |
| xpdf | Not affected | Not affected | Not in release | Not affected |
Some fixes available 1 of 2
In Tor before 0.3.3.12, 0.3.4.x before 0.3.4.11, 0.3.5.x before 0.3.5.8, and 0.4.x before 0.4.0.2-alpha, remote denial of service against Tor clients and relays can occur via memory exhaustion in the KIST cell scheduler.
1 affected package
tor
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| tor | — | Not affected | Not affected | Fixed |
In parser/btorsmt2.c in Boolector 3.0.0, opening a specially crafted input file leads to a use after free in get_failed_assumptions or btor_delete.
1 affected package
boolector
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| boolector | — | — | — | Not affected |
Vulnerability in the MySQL Connectors component of Oracle MySQL (subcomponent: Connector/Python). Supported versions that are affected are 8.0.13 and prior and 2.1.8 and prior. Easily exploitable vulnerability allows...
1 affected package
mysql-connector-python
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| mysql-connector-python | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
Some fixes available 2 of 4
GNU Libextractor through 1.8 has a NULL Pointer Dereference vulnerability in the function process_metadata() in plugins/ole2_extractor.c.
1 affected package
libextractor
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libextractor | Not affected | Not affected | Not affected | Vulnerable |