| 0 |
| url |
VCID-1jb4-rynb-sfcq |
| vulnerability_id |
VCID-1jb4-rynb-sfcq |
| summary |
Multiple vulnerabilities have been found in Xpdf, the worst of which could result in denial of service. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2023-3044 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00044 |
| scoring_system |
epss |
| scoring_elements |
0.13392 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.00044 |
| scoring_system |
epss |
| scoring_elements |
0.13605 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00044 |
| scoring_system |
epss |
| scoring_elements |
0.13596 |
| published_at |
2026-04-09T12:55:00Z |
|
| 3 |
| value |
0.00044 |
| scoring_system |
epss |
| scoring_elements |
0.13569 |
| published_at |
2026-04-11T12:55:00Z |
|
| 4 |
| value |
0.00044 |
| scoring_system |
epss |
| scoring_elements |
0.1353 |
| published_at |
2026-04-12T12:55:00Z |
|
| 5 |
| value |
0.00044 |
| scoring_system |
epss |
| scoring_elements |
0.13483 |
| published_at |
2026-04-13T12:55:00Z |
|
| 6 |
| value |
0.00044 |
| scoring_system |
epss |
| scoring_elements |
0.13395 |
| published_at |
2026-04-16T12:55:00Z |
|
| 7 |
| value |
0.00044 |
| scoring_system |
epss |
| scoring_elements |
0.13666 |
| published_at |
2026-04-04T12:55:00Z |
|
| 8 |
| value |
0.00044 |
| scoring_system |
epss |
| scoring_elements |
0.13465 |
| published_at |
2026-04-07T12:55:00Z |
|
| 9 |
| value |
0.00044 |
| scoring_system |
epss |
| scoring_elements |
0.13546 |
| published_at |
2026-04-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2023-3044 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
|
| aliases |
CVE-2023-3044
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-1jb4-rynb-sfcq |
|
| 1 |
| url |
VCID-1z9b-trb7-2ubp |
| vulnerability_id |
VCID-1z9b-trb7-2ubp |
| summary |
KPdf and KWord both include vulnerable Xpdf code to handle PDF files,
making them vulnerable to the execution of arbitrary code. |
| references |
| 0 |
| reference_url |
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt |
| reference_id |
|
| reference_type |
|
| scores |
|
| url |
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt |
|
| 1 |
| reference_url |
ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U |
| reference_id |
|
| reference_type |
|
| scores |
|
| url |
ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U |
|
| 2 |
| reference_url |
ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U |
| reference_id |
|
| reference_type |
|
| scores |
|
| url |
ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U |
|
| 3 |
| reference_url |
ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U |
| reference_id |
|
| reference_type |
|
| scores |
|
| url |
ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2005-3626 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.09332 |
| scoring_system |
epss |
| scoring_elements |
0.92772 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.09332 |
| scoring_system |
epss |
| scoring_elements |
0.92732 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.09332 |
| scoring_system |
epss |
| scoring_elements |
0.92739 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.09332 |
| scoring_system |
epss |
| scoring_elements |
0.92745 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.09332 |
| scoring_system |
epss |
| scoring_elements |
0.92742 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.09332 |
| scoring_system |
epss |
| scoring_elements |
0.92752 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.09332 |
| scoring_system |
epss |
| scoring_elements |
0.92756 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.09332 |
| scoring_system |
epss |
| scoring_elements |
0.92762 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.09332 |
| scoring_system |
epss |
| scoring_elements |
0.92761 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2005-3626 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
|
| 44 |
|
| 45 |
|
| 46 |
|
| 47 |
|
| 48 |
|
| 49 |
|
| 50 |
|
| 51 |
|
| 52 |
|
| 53 |
|
| 54 |
|
| 55 |
|
| 56 |
|
| 57 |
|
| 58 |
|
| 59 |
|
| 60 |
|
| 61 |
|
| 62 |
|
| 63 |
|
| 64 |
|
| 65 |
|
| 66 |
|
| 67 |
|
| 68 |
|
| 69 |
|
| 70 |
|
| 71 |
|
| 72 |
|
| 73 |
|
| 74 |
|
| 75 |
|
| 76 |
|
| 77 |
|
| 78 |
|
| 79 |
|
| 80 |
|
| 81 |
|
| 82 |
|
| 83 |
|
| 84 |
|
| 85 |
|
| 86 |
|
| 87 |
|
| 88 |
|
| 89 |
|
| 90 |
|
| 91 |
|
| 92 |
|
| 93 |
|
| 94 |
|
| 95 |
|
| 96 |
|
| 97 |
|
| 98 |
|
| 99 |
|
| 100 |
|
| 101 |
|
| 102 |
|
| 103 |
|
| 104 |
|
| 105 |
|
| 106 |
|
| 107 |
|
| 108 |
|
| 109 |
|
| 110 |
|
| 111 |
|
| 112 |
|
| 113 |
|
| 114 |
|
| 115 |
|
| 116 |
|
| 117 |
|
| 118 |
|
| 119 |
|
| 120 |
|
| 121 |
|
| 122 |
|
| 123 |
|
| 124 |
|
| 125 |
|
| 126 |
|
| 127 |
|
| 128 |
|
| 129 |
|
| 130 |
|
| 131 |
|
| 132 |
|
| 133 |
|
| 134 |
|
| 135 |
|
| 136 |
|
| 137 |
|
| 138 |
|
| 139 |
|
| 140 |
|
| 141 |
|
| 142 |
|
| 143 |
|
| 144 |
|
| 145 |
|
| 146 |
|
| 147 |
|
| 148 |
|
| 149 |
|
| 150 |
|
| 151 |
|
| 152 |
|
| 153 |
|
| 154 |
|
| 155 |
|
| 156 |
|
| 157 |
|
| 158 |
|
| 159 |
|
| 160 |
|
| 161 |
|
| 162 |
|
| 163 |
|
| 164 |
|
| 165 |
|
| 166 |
|
| 167 |
|
| 168 |
|
| 169 |
|
| 170 |
|
| 171 |
|
| 172 |
|
| 173 |
|
| 174 |
|
| 175 |
|
| 176 |
|
| 177 |
|
| 178 |
|
| 179 |
|
| 180 |
|
| 181 |
|
| 182 |
|
| 183 |
|
| 184 |
|
| 185 |
|
| 186 |
|
| 187 |
|
| 188 |
|
| 189 |
|
| 190 |
|
| 191 |
|
| 192 |
|
| 193 |
|
| 194 |
|
| 195 |
|
| 196 |
|
| 197 |
|
| 198 |
|
| 199 |
|
| 200 |
|
| 201 |
|
| 202 |
|
| 203 |
|
| 204 |
|
| 205 |
|
| 206 |
|
| 207 |
|
| 208 |
|
| 209 |
|
| 210 |
|
| 211 |
|
| 212 |
|
| 213 |
|
| 214 |
|
| 215 |
|
| 216 |
|
| 217 |
|
| 218 |
|
| 219 |
|
| 220 |
|
| 221 |
|
| 222 |
|
| 223 |
|
| 224 |
|
|
| fixed_packages |
|
| aliases |
CVE-2005-3626
|
| risk_score |
2.2 |
| exploitability |
0.5 |
| weighted_severity |
4.5 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-1z9b-trb7-2ubp |
|
| 2 |
| url |
VCID-28eu-nxmr-17bh |
| vulnerability_id |
VCID-28eu-nxmr-17bh |
| summary |
In Xpdf 4.01.01, there is a heap-based buffer over-read in the function DCTStream::readScan() located at Stream.cc. It can, for example, be triggered by sending a crafted PDF document to the pdftops tool. It might allow an attacker to cause Information Disclosure. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-13291 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00245 |
| scoring_system |
epss |
| scoring_elements |
0.4779 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.00245 |
| scoring_system |
epss |
| scoring_elements |
0.47673 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00245 |
| scoring_system |
epss |
| scoring_elements |
0.4771 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00245 |
| scoring_system |
epss |
| scoring_elements |
0.47731 |
| published_at |
2026-04-09T12:55:00Z |
|
| 4 |
| value |
0.00245 |
| scoring_system |
epss |
| scoring_elements |
0.4768 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00245 |
| scoring_system |
epss |
| scoring_elements |
0.47735 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00245 |
| scoring_system |
epss |
| scoring_elements |
0.47756 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00245 |
| scoring_system |
epss |
| scoring_elements |
0.47733 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00245 |
| scoring_system |
epss |
| scoring_elements |
0.47743 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.00245 |
| scoring_system |
epss |
| scoring_elements |
0.47797 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-13291 |
|
| 1 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-13291
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-28eu-nxmr-17bh |
|
| 3 |
| url |
VCID-2gzf-29w4-puhx |
| vulnerability_id |
VCID-2gzf-29w4-puhx |
| summary |
A vulnerability in Xpdf might allow local attackers to execute arbitrary
code. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2009-1144 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.0009 |
| scoring_system |
epss |
| scoring_elements |
0.25638 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.0009 |
| scoring_system |
epss |
| scoring_elements |
0.25709 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.0009 |
| scoring_system |
epss |
| scoring_elements |
0.25751 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.0009 |
| scoring_system |
epss |
| scoring_elements |
0.2552 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.0009 |
| scoring_system |
epss |
| scoring_elements |
0.25593 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.0009 |
| scoring_system |
epss |
| scoring_elements |
0.2564 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.0009 |
| scoring_system |
epss |
| scoring_elements |
0.25651 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.0009 |
| scoring_system |
epss |
| scoring_elements |
0.2561 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.0009 |
| scoring_system |
epss |
| scoring_elements |
0.25553 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.0009 |
| scoring_system |
epss |
| scoring_elements |
0.25557 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.0009 |
| scoring_system |
epss |
| scoring_elements |
0.25543 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2009-1144 |
|
| 1 |
|
|
| fixed_packages |
|
| aliases |
CVE-2009-1144
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-2gzf-29w4-puhx |
|
| 4 |
| url |
VCID-35b2-jj1x-rkcf |
| vulnerability_id |
VCID-35b2-jj1x-rkcf |
| summary |
Multiple vulnerabilities have been found in Poppler, some of which
may allow execution of arbitrary code. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2009-3604 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.07495 |
| scoring_system |
epss |
| scoring_elements |
0.91751 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.07495 |
| scoring_system |
epss |
| scoring_elements |
0.9176 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.07495 |
| scoring_system |
epss |
| scoring_elements |
0.91766 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.07495 |
| scoring_system |
epss |
| scoring_elements |
0.91773 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.07495 |
| scoring_system |
epss |
| scoring_elements |
0.91785 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.07495 |
| scoring_system |
epss |
| scoring_elements |
0.91792 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.07495 |
| scoring_system |
epss |
| scoring_elements |
0.91795 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.07495 |
| scoring_system |
epss |
| scoring_elements |
0.91797 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.07495 |
| scoring_system |
epss |
| scoring_elements |
0.91793 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.07495 |
| scoring_system |
epss |
| scoring_elements |
0.91812 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.07495 |
| scoring_system |
epss |
| scoring_elements |
0.91805 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2009-3604 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
|
| fixed_packages |
|
| aliases |
CVE-2009-3604
|
| risk_score |
0.1 |
| exploitability |
0.5 |
| weighted_severity |
0.1 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-35b2-jj1x-rkcf |
|
| 5 |
| url |
VCID-3dkg-qm6d-47ha |
| vulnerability_id |
VCID-3dkg-qm6d-47ha |
| summary |
An issue was discovered in Xpdf 4.01.01. There is a use-after-free in the function JPXStream::fillReadBuf at JPXStream.cc, due to an out of bounds read. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-14294 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00194 |
| scoring_system |
epss |
| scoring_elements |
0.41342 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.00194 |
| scoring_system |
epss |
| scoring_elements |
0.41245 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00194 |
| scoring_system |
epss |
| scoring_elements |
0.41337 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00194 |
| scoring_system |
epss |
| scoring_elements |
0.41365 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00194 |
| scoring_system |
epss |
| scoring_elements |
0.41294 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00194 |
| scoring_system |
epss |
| scoring_elements |
0.41345 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00194 |
| scoring_system |
epss |
| scoring_elements |
0.41352 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00194 |
| scoring_system |
epss |
| scoring_elements |
0.41373 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00194 |
| scoring_system |
epss |
| scoring_elements |
0.41341 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00194 |
| scoring_system |
epss |
| scoring_elements |
0.41327 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00194 |
| scoring_system |
epss |
| scoring_elements |
0.41371 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-14294 |
|
| 1 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-14294
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-3dkg-qm6d-47ha |
|
| 6 |
| url |
VCID-3fmb-j9eh-auht |
| vulnerability_id |
VCID-3fmb-j9eh-auht |
| summary |
Xpdf 4.01.01 has an out-of-bounds write in the vertProfile part of the TextPage::findGaps function in TextOutputDev.cc, a different vulnerability than CVE-2019-9877. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-16927 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00164 |
| scoring_system |
epss |
| scoring_elements |
0.37386 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.00164 |
| scoring_system |
epss |
| scoring_elements |
0.37384 |
| published_at |
2026-04-12T12:55:00Z |
|
| 2 |
| value |
0.00164 |
| scoring_system |
epss |
| scoring_elements |
0.37357 |
| published_at |
2026-04-13T12:55:00Z |
|
| 3 |
| value |
0.00164 |
| scoring_system |
epss |
| scoring_elements |
0.37403 |
| published_at |
2026-04-16T12:55:00Z |
|
| 4 |
| value |
0.00164 |
| scoring_system |
epss |
| scoring_elements |
0.37328 |
| published_at |
2026-04-01T12:55:00Z |
|
| 5 |
| value |
0.00164 |
| scoring_system |
epss |
| scoring_elements |
0.3749 |
| published_at |
2026-04-02T12:55:00Z |
|
| 6 |
| value |
0.00164 |
| scoring_system |
epss |
| scoring_elements |
0.37515 |
| published_at |
2026-04-04T12:55:00Z |
|
| 7 |
| value |
0.00164 |
| scoring_system |
epss |
| scoring_elements |
0.37343 |
| published_at |
2026-04-07T12:55:00Z |
|
| 8 |
| value |
0.00164 |
| scoring_system |
epss |
| scoring_elements |
0.37394 |
| published_at |
2026-04-08T12:55:00Z |
|
| 9 |
| value |
0.00164 |
| scoring_system |
epss |
| scoring_elements |
0.37407 |
| published_at |
2026-04-09T12:55:00Z |
|
| 10 |
| value |
0.00164 |
| scoring_system |
epss |
| scoring_elements |
0.37419 |
| published_at |
2026-04-11T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-16927 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-16927
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-3fmb-j9eh-auht |
|
| 7 |
| url |
VCID-3ndz-qv56-qkaz |
| vulnerability_id |
VCID-3ndz-qv56-qkaz |
| summary |
An issue was discovered in Xpdf 4.01.01. There is an FPE in the function Splash::scaleImageYuXu at Splash.cc for x Bresenham parameters. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-10020 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00164 |
| scoring_system |
epss |
| scoring_elements |
0.37352 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.00164 |
| scoring_system |
epss |
| scoring_elements |
0.37323 |
| published_at |
2026-04-13T12:55:00Z |
|
| 2 |
| value |
0.00164 |
| scoring_system |
epss |
| scoring_elements |
0.3737 |
| published_at |
2026-04-16T12:55:00Z |
|
| 3 |
| value |
0.00164 |
| scoring_system |
epss |
| scoring_elements |
0.37294 |
| published_at |
2026-04-01T12:55:00Z |
|
| 4 |
| value |
0.00164 |
| scoring_system |
epss |
| scoring_elements |
0.37457 |
| published_at |
2026-04-02T12:55:00Z |
|
| 5 |
| value |
0.00164 |
| scoring_system |
epss |
| scoring_elements |
0.37482 |
| published_at |
2026-04-04T12:55:00Z |
|
| 6 |
| value |
0.00164 |
| scoring_system |
epss |
| scoring_elements |
0.3731 |
| published_at |
2026-04-07T12:55:00Z |
|
| 7 |
| value |
0.00164 |
| scoring_system |
epss |
| scoring_elements |
0.37361 |
| published_at |
2026-04-08T12:55:00Z |
|
| 8 |
| value |
0.00164 |
| scoring_system |
epss |
| scoring_elements |
0.37373 |
| published_at |
2026-04-09T12:55:00Z |
|
| 9 |
| value |
0.00164 |
| scoring_system |
epss |
| scoring_elements |
0.37385 |
| published_at |
2026-04-11T12:55:00Z |
|
| 10 |
| value |
0.00164 |
| scoring_system |
epss |
| scoring_elements |
0.3735 |
| published_at |
2026-04-12T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-10020 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-10020
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-3ndz-qv56-qkaz |
|
| 8 |
| url |
VCID-4128-ep6n-hufz |
| vulnerability_id |
VCID-4128-ep6n-hufz |
| summary |
Multiple vulnerabilities have been found in Poppler, some of which
may allow execution of arbitrary code. |
| references |
| 0 |
| reference_url |
ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl5.patch |
| reference_id |
|
| reference_type |
|
| scores |
|
| url |
ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl5.patch |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2010-3704 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.01395 |
| scoring_system |
epss |
| scoring_elements |
0.8042 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.01395 |
| scoring_system |
epss |
| scoring_elements |
0.80338 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.01395 |
| scoring_system |
epss |
| scoring_elements |
0.80345 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.01395 |
| scoring_system |
epss |
| scoring_elements |
0.80365 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.01395 |
| scoring_system |
epss |
| scoring_elements |
0.80354 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.01395 |
| scoring_system |
epss |
| scoring_elements |
0.80382 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.01395 |
| scoring_system |
epss |
| scoring_elements |
0.80392 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.01395 |
| scoring_system |
epss |
| scoring_elements |
0.80411 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.01395 |
| scoring_system |
epss |
| scoring_elements |
0.80396 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.01395 |
| scoring_system |
epss |
| scoring_elements |
0.80389 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.01395 |
| scoring_system |
epss |
| scoring_elements |
0.80418 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2010-3704 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
|
| 44 |
|
| 45 |
|
| 46 |
|
| 47 |
|
| 48 |
|
| 49 |
|
| 50 |
|
| 51 |
|
| 52 |
|
| 53 |
|
| 54 |
|
| 55 |
|
| 56 |
|
| 57 |
|
| 58 |
|
| 59 |
|
| 60 |
|
| 61 |
|
| 62 |
|
| 63 |
|
| 64 |
|
| 65 |
|
| 66 |
|
| 67 |
|
| 68 |
|
| 69 |
|
| 70 |
|
| 71 |
|
| 72 |
|
| 73 |
|
| 74 |
|
| 75 |
|
| 76 |
|
| 77 |
|
| 78 |
|
| 79 |
|
| 80 |
|
| 81 |
|
| 82 |
|
| 83 |
|
| 84 |
|
| 85 |
|
| 86 |
|
| 87 |
|
| 88 |
|
| 89 |
|
| 90 |
|
| 91 |
|
| 92 |
|
| 93 |
|
| 94 |
|
| 95 |
|
| 96 |
|
| 97 |
|
| 98 |
|
| 99 |
|
| 100 |
|
| 101 |
|
| 102 |
|
| 103 |
|
| 104 |
|
| 105 |
|
| 106 |
|
| 107 |
|
| 108 |
|
| 109 |
|
| 110 |
|
| 111 |
|
| 112 |
|
| 113 |
|
| 114 |
|
| 115 |
|
| 116 |
|
| 117 |
|
| 118 |
|
| 119 |
|
| 120 |
|
| 121 |
|
| 122 |
|
| 123 |
|
| 124 |
|
| 125 |
|
|
| fixed_packages |
|
| aliases |
CVE-2010-3704
|
| risk_score |
3.0 |
| exploitability |
0.5 |
| weighted_severity |
6.1 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-4128-ep6n-hufz |
|
| 9 |
| url |
VCID-4p26-wkq3-v3b2 |
| vulnerability_id |
VCID-4p26-wkq3-v3b2 |
| summary |
KPdf and KWord both include vulnerable Xpdf code to handle PDF files,
making them vulnerable to the execution of arbitrary code. |
| references |
| 0 |
| reference_url |
ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U |
| reference_id |
|
| reference_type |
|
| scores |
|
| url |
ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U |
|
| 1 |
|
| 2 |
|
| 3 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2005-3628 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.02683 |
| scoring_system |
epss |
| scoring_elements |
0.85873 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.02683 |
| scoring_system |
epss |
| scoring_elements |
0.85777 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.02683 |
| scoring_system |
epss |
| scoring_elements |
0.85789 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.02683 |
| scoring_system |
epss |
| scoring_elements |
0.85808 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.02683 |
| scoring_system |
epss |
| scoring_elements |
0.85813 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.02683 |
| scoring_system |
epss |
| scoring_elements |
0.85832 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.02683 |
| scoring_system |
epss |
| scoring_elements |
0.85842 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.02683 |
| scoring_system |
epss |
| scoring_elements |
0.85857 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.02683 |
| scoring_system |
epss |
| scoring_elements |
0.85854 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.02683 |
| scoring_system |
epss |
| scoring_elements |
0.8585 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.02683 |
| scoring_system |
epss |
| scoring_elements |
0.85868 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2005-3628 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
|
| 44 |
|
| 45 |
|
| 46 |
|
| 47 |
|
| 48 |
|
| 49 |
|
|
| fixed_packages |
|
| aliases |
CVE-2005-3628
|
| risk_score |
3.4 |
| exploitability |
0.5 |
| weighted_severity |
6.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-4p26-wkq3-v3b2 |
|
| 10 |
| url |
VCID-4shg-5htw-9uep |
| vulnerability_id |
VCID-4shg-5htw-9uep |
| summary |
Out-of-bounds array write in Xpdf 4.05 and earlier, triggered by an invalid VerticesPerRow value in a PDF shading dictionary. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2025-3154 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00084 |
| scoring_system |
epss |
| scoring_elements |
0.24452 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.00084 |
| scoring_system |
epss |
| scoring_elements |
0.24604 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00084 |
| scoring_system |
epss |
| scoring_elements |
0.245 |
| published_at |
2026-04-12T12:55:00Z |
|
| 3 |
| value |
0.00084 |
| scoring_system |
epss |
| scoring_elements |
0.24442 |
| published_at |
2026-04-13T12:55:00Z |
|
| 4 |
| value |
0.00084 |
| scoring_system |
epss |
| scoring_elements |
0.24457 |
| published_at |
2026-04-16T12:55:00Z |
|
| 5 |
| value |
0.00084 |
| scoring_system |
epss |
| scoring_elements |
0.24641 |
| published_at |
2026-04-04T12:55:00Z |
|
| 6 |
| value |
0.00084 |
| scoring_system |
epss |
| scoring_elements |
0.24417 |
| published_at |
2026-04-07T12:55:00Z |
|
| 7 |
| value |
0.00084 |
| scoring_system |
epss |
| scoring_elements |
0.24485 |
| published_at |
2026-04-08T12:55:00Z |
|
| 8 |
| value |
0.00084 |
| scoring_system |
epss |
| scoring_elements |
0.24529 |
| published_at |
2026-04-09T12:55:00Z |
|
| 9 |
| value |
0.00084 |
| scoring_system |
epss |
| scoring_elements |
0.24544 |
| published_at |
2026-04-11T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2025-3154 |
|
| 1 |
|
| 2 |
|
|
| fixed_packages |
|
| aliases |
CVE-2025-3154
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-4shg-5htw-9uep |
|
| 11 |
| url |
VCID-4yej-ag45-uuga |
| vulnerability_id |
VCID-4yej-ag45-uuga |
| summary |
Multiple vulnerabilities have been found in Poppler, some of which
may allow execution of arbitrary code. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2010-3703 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.01118 |
| scoring_system |
epss |
| scoring_elements |
0.78252 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.01118 |
| scoring_system |
epss |
| scoring_elements |
0.78164 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.01118 |
| scoring_system |
epss |
| scoring_elements |
0.78173 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.01118 |
| scoring_system |
epss |
| scoring_elements |
0.78203 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.01118 |
| scoring_system |
epss |
| scoring_elements |
0.78185 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.01118 |
| scoring_system |
epss |
| scoring_elements |
0.78212 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.01118 |
| scoring_system |
epss |
| scoring_elements |
0.78217 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.01118 |
| scoring_system |
epss |
| scoring_elements |
0.78243 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.01118 |
| scoring_system |
epss |
| scoring_elements |
0.78226 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.01118 |
| scoring_system |
epss |
| scoring_elements |
0.78222 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.01118 |
| scoring_system |
epss |
| scoring_elements |
0.78254 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2010-3703 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
|
| 44 |
|
| 45 |
|
| 46 |
|
| 47 |
|
| 48 |
|
| 49 |
|
| 50 |
|
| 51 |
|
| 52 |
|
| 53 |
|
| 54 |
|
|
| fixed_packages |
|
| aliases |
CVE-2010-3703
|
| risk_score |
1.9 |
| exploitability |
0.5 |
| weighted_severity |
3.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-4yej-ag45-uuga |
|
| 12 |
| url |
VCID-5jvx-hqff-5ucp |
| vulnerability_id |
VCID-5jvx-hqff-5ucp |
| summary |
Multiple integer overflows in xpdf 3.0, and other packages that use xpdf code such as CUPS, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0888. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2004-0889 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.03388 |
| scoring_system |
epss |
| scoring_elements |
0.87416 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.03388 |
| scoring_system |
epss |
| scoring_elements |
0.87346 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.03388 |
| scoring_system |
epss |
| scoring_elements |
0.87355 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.03388 |
| scoring_system |
epss |
| scoring_elements |
0.87371 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.03388 |
| scoring_system |
epss |
| scoring_elements |
0.8737 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.03388 |
| scoring_system |
epss |
| scoring_elements |
0.87389 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.03388 |
| scoring_system |
epss |
| scoring_elements |
0.87395 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.03388 |
| scoring_system |
epss |
| scoring_elements |
0.87408 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.03388 |
| scoring_system |
epss |
| scoring_elements |
0.87402 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.03388 |
| scoring_system |
epss |
| scoring_elements |
0.87399 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.03388 |
| scoring_system |
epss |
| scoring_elements |
0.87414 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2004-0889 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
|
| 44 |
|
| 45 |
|
| 46 |
|
| 47 |
|
| 48 |
|
| 49 |
|
| 50 |
|
| 51 |
|
| 52 |
|
| 53 |
|
| 54 |
|
| 55 |
|
| 56 |
|
| 57 |
|
| 58 |
|
| 59 |
|
| 60 |
|
| 61 |
|
| 62 |
|
| 63 |
|
| 64 |
|
| 65 |
|
| 66 |
|
| 67 |
|
| 68 |
|
| 69 |
|
| 70 |
|
| 71 |
|
| 72 |
|
| 73 |
|
| 74 |
|
| 75 |
|
| 76 |
|
| 77 |
|
| 78 |
|
| 79 |
|
| 80 |
|
| 81 |
|
| 82 |
|
| 83 |
|
| 84 |
|
| 85 |
|
| 86 |
|
| 87 |
|
| 88 |
|
| 89 |
|
| 90 |
|
| 91 |
|
| 92 |
|
| 93 |
|
| 94 |
|
| 95 |
|
| 96 |
|
| 97 |
|
| 98 |
|
| 99 |
|
| 100 |
|
| 101 |
|
| 102 |
|
| 103 |
|
|
| fixed_packages |
|
| aliases |
CVE-2004-0889
|
| risk_score |
4.5 |
| exploitability |
0.5 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-5jvx-hqff-5ucp |
|
| 13 |
| url |
VCID-5q1h-7uk2-nkhx |
| vulnerability_id |
VCID-5q1h-7uk2-nkhx |
| summary |
Multiple vulnerabilities have been discovered in Xpdf, GPdf, CUPS and
Poppler potentially resulting in the execution of arbitrary code. |
| references |
| 0 |
| reference_url |
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt |
| reference_id |
|
| reference_type |
|
| scores |
|
| url |
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt |
|
| 1 |
| reference_url |
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.20/SCOSA-2006.20.txt |
| reference_id |
|
| reference_type |
|
| scores |
|
| url |
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.20/SCOSA-2006.20.txt |
|
| 2 |
| reference_url |
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.21/SCOSA-2006.21.txt |
| reference_id |
|
| reference_type |
|
| scores |
|
| url |
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.21/SCOSA-2006.21.txt |
|
| 3 |
| reference_url |
ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U |
| reference_id |
|
| reference_type |
|
| scores |
|
| url |
ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U |
|
| 4 |
| reference_url |
ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U |
| reference_id |
|
| reference_type |
|
| scores |
|
| url |
ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U |
|
| 5 |
| reference_url |
ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U |
| reference_id |
|
| reference_type |
|
| scores |
|
| url |
ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2005-3193 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.03031 |
| scoring_system |
epss |
| scoring_elements |
0.86675 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.03031 |
| scoring_system |
epss |
| scoring_elements |
0.86592 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.03031 |
| scoring_system |
epss |
| scoring_elements |
0.86603 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.03031 |
| scoring_system |
epss |
| scoring_elements |
0.86622 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.03031 |
| scoring_system |
epss |
| scoring_elements |
0.86641 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.03031 |
| scoring_system |
epss |
| scoring_elements |
0.86651 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.03031 |
| scoring_system |
epss |
| scoring_elements |
0.86664 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.03031 |
| scoring_system |
epss |
| scoring_elements |
0.86662 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.03031 |
| scoring_system |
epss |
| scoring_elements |
0.86655 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.03031 |
| scoring_system |
epss |
| scoring_elements |
0.86668 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2005-3193 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
|
| 44 |
|
| 45 |
|
| 46 |
|
| 47 |
|
| 48 |
|
| 49 |
|
| 50 |
|
| 51 |
|
| 52 |
|
| 53 |
|
| 54 |
|
| 55 |
|
| 56 |
|
| 57 |
|
| 58 |
|
| 59 |
|
| 60 |
|
| 61 |
|
| 62 |
|
| 63 |
|
| 64 |
|
| 65 |
|
| 66 |
|
| 67 |
|
| 68 |
|
| 69 |
|
| 70 |
|
| 71 |
|
| 72 |
|
| 73 |
|
| 74 |
|
| 75 |
|
| 76 |
|
| 77 |
|
| 78 |
|
| 79 |
|
| 80 |
|
| 81 |
|
| 82 |
|
| 83 |
|
| 84 |
|
| 85 |
|
| 86 |
|
| 87 |
|
| 88 |
|
| 89 |
|
| 90 |
|
| 91 |
|
| 92 |
|
| 93 |
|
| 94 |
|
| 95 |
|
| 96 |
|
| 97 |
|
| 98 |
|
| 99 |
|
| 100 |
|
| 101 |
|
| 102 |
|
| 103 |
|
| 104 |
|
| 105 |
|
| 106 |
|
| 107 |
|
| 108 |
|
| 109 |
|
| 110 |
|
| 111 |
|
| 112 |
|
| 113 |
|
| 114 |
|
| 115 |
|
| 116 |
|
| 117 |
|
| 118 |
|
| 119 |
|
| 120 |
|
| 121 |
|
| 122 |
|
| 123 |
|
| 124 |
|
| 125 |
|
| 126 |
|
| 127 |
|
| 128 |
|
| 129 |
|
| 130 |
|
| 131 |
|
| 132 |
|
| 133 |
|
| 134 |
|
| 135 |
|
| 136 |
|
| 137 |
|
| 138 |
|
| 139 |
|
| 140 |
|
|
| fixed_packages |
|
| aliases |
CVE-2005-3193
|
| risk_score |
2.3 |
| exploitability |
0.5 |
| weighted_severity |
4.6 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-5q1h-7uk2-nkhx |
|
| 14 |
| url |
VCID-5r8r-hhhf-e3as |
| vulnerability_id |
VCID-5r8r-hhhf-e3as |
| summary |
Multiple vulnerabilities have been found in Poppler, some of which
may allow execution of arbitrary code. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2009-0165 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.01757 |
| scoring_system |
epss |
| scoring_elements |
0.82526 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.01757 |
| scoring_system |
epss |
| scoring_elements |
0.8254 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.01757 |
| scoring_system |
epss |
| scoring_elements |
0.82554 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.01757 |
| scoring_system |
epss |
| scoring_elements |
0.82551 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.01757 |
| scoring_system |
epss |
| scoring_elements |
0.82577 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.01757 |
| scoring_system |
epss |
| scoring_elements |
0.82585 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.01757 |
| scoring_system |
epss |
| scoring_elements |
0.82603 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.01757 |
| scoring_system |
epss |
| scoring_elements |
0.82596 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.01757 |
| scoring_system |
epss |
| scoring_elements |
0.8259 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.01757 |
| scoring_system |
epss |
| scoring_elements |
0.82626 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.01757 |
| scoring_system |
epss |
| scoring_elements |
0.82627 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2009-0165 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
|
| aliases |
CVE-2009-0165
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-5r8r-hhhf-e3as |
|
| 15 |
| url |
VCID-5rue-7ryh-9ufh |
| vulnerability_id |
VCID-5rue-7ryh-9ufh |
| summary |
Multiple vulnerabilities have been found in Xpdf, the worst of which could result in denial of service. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2022-38222 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00173 |
| scoring_system |
epss |
| scoring_elements |
0.38674 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.00173 |
| scoring_system |
epss |
| scoring_elements |
0.38689 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00173 |
| scoring_system |
epss |
| scoring_elements |
0.38711 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00173 |
| scoring_system |
epss |
| scoring_elements |
0.38641 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00173 |
| scoring_system |
epss |
| scoring_elements |
0.38692 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00173 |
| scoring_system |
epss |
| scoring_elements |
0.38702 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00173 |
| scoring_system |
epss |
| scoring_elements |
0.38713 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00173 |
| scoring_system |
epss |
| scoring_elements |
0.38675 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00173 |
| scoring_system |
epss |
| scoring_elements |
0.38648 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.00173 |
| scoring_system |
epss |
| scoring_elements |
0.38696 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2022-38222 |
|
| 1 |
|
| 2 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-38222
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-5rue-7ryh-9ufh |
|
| 16 |
| url |
VCID-65sa-tagy-3ybs |
| vulnerability_id |
VCID-65sa-tagy-3ybs |
| summary |
Multiple vulnerabilities have been found in Poppler, some of which
may allow execution of arbitrary code. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2009-0799 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00968 |
| scoring_system |
epss |
| scoring_elements |
0.76544 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00968 |
| scoring_system |
epss |
| scoring_elements |
0.76549 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00968 |
| scoring_system |
epss |
| scoring_elements |
0.76577 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00968 |
| scoring_system |
epss |
| scoring_elements |
0.76558 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00968 |
| scoring_system |
epss |
| scoring_elements |
0.7659 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00968 |
| scoring_system |
epss |
| scoring_elements |
0.76601 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00968 |
| scoring_system |
epss |
| scoring_elements |
0.76628 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00968 |
| scoring_system |
epss |
| scoring_elements |
0.76607 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00968 |
| scoring_system |
epss |
| scoring_elements |
0.76598 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.00968 |
| scoring_system |
epss |
| scoring_elements |
0.76639 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.00968 |
| scoring_system |
epss |
| scoring_elements |
0.76643 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2009-0799 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
|
| fixed_packages |
|
| aliases |
CVE-2009-0799
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-65sa-tagy-3ybs |
|
| 17 |
| url |
VCID-6789-dh3f-rudp |
| vulnerability_id |
VCID-6789-dh3f-rudp |
| summary |
zxpdf in xpdf before 3.02-19 as packaged in Debian unstable and 3.02-12+squeeze1 as packaged in Debian squeeze deletes temporary files insecurely, which allows remote attackers to delete arbitrary files via a crafted .pdf.gz file name. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2011-2902 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00587 |
| scoring_system |
epss |
| scoring_elements |
0.69024 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00587 |
| scoring_system |
epss |
| scoring_elements |
0.6904 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00587 |
| scoring_system |
epss |
| scoring_elements |
0.69061 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00587 |
| scoring_system |
epss |
| scoring_elements |
0.69041 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00587 |
| scoring_system |
epss |
| scoring_elements |
0.69091 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00587 |
| scoring_system |
epss |
| scoring_elements |
0.6911 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00587 |
| scoring_system |
epss |
| scoring_elements |
0.69133 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00587 |
| scoring_system |
epss |
| scoring_elements |
0.69118 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00587 |
| scoring_system |
epss |
| scoring_elements |
0.69089 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.00587 |
| scoring_system |
epss |
| scoring_elements |
0.69128 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.00587 |
| scoring_system |
epss |
| scoring_elements |
0.69138 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2011-2902 |
|
| 1 |
|
| 2 |
|
|
| fixed_packages |
|
| aliases |
CVE-2011-2902
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-6789-dh3f-rudp |
|
| 18 |
| url |
VCID-68rw-a4ah-5khm |
| vulnerability_id |
VCID-68rw-a4ah-5khm |
| summary |
Multiple vulnerabilities have been found in Poppler, some of which
may allow execution of arbitrary code. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2009-1182 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.07101 |
| scoring_system |
epss |
| scoring_elements |
0.91487 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.07101 |
| scoring_system |
epss |
| scoring_elements |
0.91493 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.07101 |
| scoring_system |
epss |
| scoring_elements |
0.915 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.07101 |
| scoring_system |
epss |
| scoring_elements |
0.91508 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.07101 |
| scoring_system |
epss |
| scoring_elements |
0.91521 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.07101 |
| scoring_system |
epss |
| scoring_elements |
0.91527 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.07101 |
| scoring_system |
epss |
| scoring_elements |
0.91532 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.07101 |
| scoring_system |
epss |
| scoring_elements |
0.91533 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.07101 |
| scoring_system |
epss |
| scoring_elements |
0.91531 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.07101 |
| scoring_system |
epss |
| scoring_elements |
0.91554 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.07101 |
| scoring_system |
epss |
| scoring_elements |
0.91549 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2009-1182 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
|
| fixed_packages |
|
| aliases |
CVE-2009-1182
|
| risk_score |
0.1 |
| exploitability |
0.5 |
| weighted_severity |
0.1 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-68rw-a4ah-5khm |
|
| 19 |
| url |
VCID-6dvh-784c-r7au |
| vulnerability_id |
VCID-6dvh-784c-r7au |
| summary |
Multiple vulnerabilities have been found in Xpdf, the worst of which could result in denial of service. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2022-41844 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00066 |
| scoring_system |
epss |
| scoring_elements |
0.20442 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.00066 |
| scoring_system |
epss |
| scoring_elements |
0.206 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00066 |
| scoring_system |
epss |
| scoring_elements |
0.20659 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00066 |
| scoring_system |
epss |
| scoring_elements |
0.20386 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00066 |
| scoring_system |
epss |
| scoring_elements |
0.20467 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00066 |
| scoring_system |
epss |
| scoring_elements |
0.20526 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00066 |
| scoring_system |
epss |
| scoring_elements |
0.20549 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00066 |
| scoring_system |
epss |
| scoring_elements |
0.20504 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00066 |
| scoring_system |
epss |
| scoring_elements |
0.20449 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2022-41844 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-41844
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-6dvh-784c-r7au |
|
| 20 |
| url |
VCID-6dwz-8kx9-rugr |
| vulnerability_id |
VCID-6dwz-8kx9-rugr |
| summary |
Multiple vulnerabilities have been found in Poppler, some of which
may allow execution of arbitrary code. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2009-3603 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.06276 |
| scoring_system |
epss |
| scoring_elements |
0.90877 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.06276 |
| scoring_system |
epss |
| scoring_elements |
0.90882 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.06276 |
| scoring_system |
epss |
| scoring_elements |
0.90892 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.06276 |
| scoring_system |
epss |
| scoring_elements |
0.90902 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.06276 |
| scoring_system |
epss |
| scoring_elements |
0.90913 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.06276 |
| scoring_system |
epss |
| scoring_elements |
0.9092 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.06276 |
| scoring_system |
epss |
| scoring_elements |
0.90928 |
| published_at |
2026-04-13T12:55:00Z |
|
| 7 |
| value |
0.06276 |
| scoring_system |
epss |
| scoring_elements |
0.90929 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.06276 |
| scoring_system |
epss |
| scoring_elements |
0.90952 |
| published_at |
2026-04-16T12:55:00Z |
|
| 9 |
| value |
0.06276 |
| scoring_system |
epss |
| scoring_elements |
0.9095 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2009-3603 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
|
| fixed_packages |
|
| aliases |
CVE-2009-3603
|
| risk_score |
0.1 |
| exploitability |
0.5 |
| weighted_severity |
0.1 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-6dwz-8kx9-rugr |
|
| 21 |
| url |
VCID-6fmz-b2w3-vbcn |
| vulnerability_id |
VCID-6fmz-b2w3-vbcn |
| summary |
Out-of-bounds array write in Xpdf 4.05 and earlier, due to incorrect integer overflow checking in the PostScript function interpreter code. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2025-2574 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00031 |
| scoring_system |
epss |
| scoring_elements |
0.08919 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.00031 |
| scoring_system |
epss |
| scoring_elements |
0.09006 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00031 |
| scoring_system |
epss |
| scoring_elements |
0.09089 |
| published_at |
2026-04-11T12:55:00Z |
|
| 3 |
| value |
0.00031 |
| scoring_system |
epss |
| scoring_elements |
0.09043 |
| published_at |
2026-04-13T12:55:00Z |
|
| 4 |
| value |
0.00031 |
| scoring_system |
epss |
| scoring_elements |
0.08938 |
| published_at |
2026-04-16T12:55:00Z |
|
| 5 |
| value |
0.00031 |
| scoring_system |
epss |
| scoring_elements |
0.09057 |
| published_at |
2026-04-12T12:55:00Z |
|
| 6 |
| value |
0.00031 |
| scoring_system |
epss |
| scoring_elements |
0.08979 |
| published_at |
2026-04-07T12:55:00Z |
|
| 7 |
| value |
0.00031 |
| scoring_system |
epss |
| scoring_elements |
0.09088 |
| published_at |
2026-04-09T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2025-2574 |
|
| 1 |
|
| 2 |
|
|
| fixed_packages |
|
| aliases |
CVE-2025-2574
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-6fmz-b2w3-vbcn |
|
| 22 |
| url |
VCID-6wa8-zfbz-hqcg |
| vulnerability_id |
VCID-6wa8-zfbz-hqcg |
| summary |
Multiple vulnerabilities in Xpdf could result in execution of
arbitrary code. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2009-4035 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.0245 |
| scoring_system |
epss |
| scoring_elements |
0.8513 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.0245 |
| scoring_system |
epss |
| scoring_elements |
0.85142 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.0245 |
| scoring_system |
epss |
| scoring_elements |
0.85159 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.0245 |
| scoring_system |
epss |
| scoring_elements |
0.85161 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.0245 |
| scoring_system |
epss |
| scoring_elements |
0.85183 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.0245 |
| scoring_system |
epss |
| scoring_elements |
0.85191 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.0245 |
| scoring_system |
epss |
| scoring_elements |
0.85206 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.0245 |
| scoring_system |
epss |
| scoring_elements |
0.85203 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.0245 |
| scoring_system |
epss |
| scoring_elements |
0.852 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.0245 |
| scoring_system |
epss |
| scoring_elements |
0.85221 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.0245 |
| scoring_system |
epss |
| scoring_elements |
0.85223 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2009-4035 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
|
| fixed_packages |
|
| aliases |
CVE-2009-4035
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-6wa8-zfbz-hqcg |
|
| 23 |
| url |
VCID-7545-4961-63bf |
| vulnerability_id |
VCID-7545-4961-63bf |
| summary |
Buffer Overflow vulnerability in pdfimages in xpdf 4.03 allows attackers to crash the application via crafted command. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2021-36493 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00497 |
| scoring_system |
epss |
| scoring_elements |
0.65908 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.00497 |
| scoring_system |
epss |
| scoring_elements |
0.65858 |
| published_at |
2026-04-13T12:55:00Z |
|
| 2 |
| value |
0.00497 |
| scoring_system |
epss |
| scoring_elements |
0.65894 |
| published_at |
2026-04-16T12:55:00Z |
|
| 3 |
| value |
0.00497 |
| scoring_system |
epss |
| scoring_elements |
0.65772 |
| published_at |
2026-04-01T12:55:00Z |
|
| 4 |
| value |
0.00497 |
| scoring_system |
epss |
| scoring_elements |
0.65822 |
| published_at |
2026-04-02T12:55:00Z |
|
| 5 |
| value |
0.00497 |
| scoring_system |
epss |
| scoring_elements |
0.65852 |
| published_at |
2026-04-04T12:55:00Z |
|
| 6 |
| value |
0.00497 |
| scoring_system |
epss |
| scoring_elements |
0.65818 |
| published_at |
2026-04-07T12:55:00Z |
|
| 7 |
| value |
0.00497 |
| scoring_system |
epss |
| scoring_elements |
0.65871 |
| published_at |
2026-04-08T12:55:00Z |
|
| 8 |
| value |
0.00497 |
| scoring_system |
epss |
| scoring_elements |
0.65882 |
| published_at |
2026-04-09T12:55:00Z |
|
| 9 |
| value |
0.00497 |
| scoring_system |
epss |
| scoring_elements |
0.65901 |
| published_at |
2026-04-11T12:55:00Z |
|
| 10 |
| value |
0.00497 |
| scoring_system |
epss |
| scoring_elements |
0.65888 |
| published_at |
2026-04-12T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2021-36493 |
|
| 1 |
|
| 2 |
|
|
| fixed_packages |
|
| aliases |
CVE-2021-36493
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-7545-4961-63bf |
|
| 24 |
| url |
VCID-7ae3-ueje-kubk |
| vulnerability_id |
VCID-7ae3-ueje-kubk |
| summary |
An issue was discovered in Xpdf 4.01.01. There is an FPE in the function ImageStream::ImageStream at Stream.cc for nComps. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-10021 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00164 |
| scoring_system |
epss |
| scoring_elements |
0.37352 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.00164 |
| scoring_system |
epss |
| scoring_elements |
0.37323 |
| published_at |
2026-04-13T12:55:00Z |
|
| 2 |
| value |
0.00164 |
| scoring_system |
epss |
| scoring_elements |
0.3737 |
| published_at |
2026-04-16T12:55:00Z |
|
| 3 |
| value |
0.00164 |
| scoring_system |
epss |
| scoring_elements |
0.37294 |
| published_at |
2026-04-01T12:55:00Z |
|
| 4 |
| value |
0.00164 |
| scoring_system |
epss |
| scoring_elements |
0.37457 |
| published_at |
2026-04-02T12:55:00Z |
|
| 5 |
| value |
0.00164 |
| scoring_system |
epss |
| scoring_elements |
0.37482 |
| published_at |
2026-04-04T12:55:00Z |
|
| 6 |
| value |
0.00164 |
| scoring_system |
epss |
| scoring_elements |
0.3731 |
| published_at |
2026-04-07T12:55:00Z |
|
| 7 |
| value |
0.00164 |
| scoring_system |
epss |
| scoring_elements |
0.37361 |
| published_at |
2026-04-08T12:55:00Z |
|
| 8 |
| value |
0.00164 |
| scoring_system |
epss |
| scoring_elements |
0.37373 |
| published_at |
2026-04-09T12:55:00Z |
|
| 9 |
| value |
0.00164 |
| scoring_system |
epss |
| scoring_elements |
0.37385 |
| published_at |
2026-04-11T12:55:00Z |
|
| 10 |
| value |
0.00164 |
| scoring_system |
epss |
| scoring_elements |
0.3735 |
| published_at |
2026-04-12T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-10021 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-10021
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-7ae3-ueje-kubk |
|
| 25 |
| url |
VCID-7ka2-sa5g-x7he |
| vulnerability_id |
VCID-7ka2-sa5g-x7he |
| summary |
Multiple vulnerabilities have been found in Xpdf, the worst of which could result in denial of service. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2022-30775 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.0022 |
| scoring_system |
epss |
| scoring_elements |
0.44706 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.0022 |
| scoring_system |
epss |
| scoring_elements |
0.4466 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.0022 |
| scoring_system |
epss |
| scoring_elements |
0.44681 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.0022 |
| scoring_system |
epss |
| scoring_elements |
0.44618 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.0022 |
| scoring_system |
epss |
| scoring_elements |
0.44669 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.0022 |
| scoring_system |
epss |
| scoring_elements |
0.44671 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.0022 |
| scoring_system |
epss |
| scoring_elements |
0.44688 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.0022 |
| scoring_system |
epss |
| scoring_elements |
0.44657 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.0022 |
| scoring_system |
epss |
| scoring_elements |
0.44658 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.0022 |
| scoring_system |
epss |
| scoring_elements |
0.44714 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2022-30775 |
|
| 1 |
|
| 2 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-30775
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-7ka2-sa5g-x7he |
|
| 26 |
| url |
VCID-7x99-rwuc-dyh9 |
| vulnerability_id |
VCID-7x99-rwuc-dyh9 |
| summary |
security flaw |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2002-1384 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.0007 |
| scoring_system |
epss |
| scoring_elements |
0.21394 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.0007 |
| scoring_system |
epss |
| scoring_elements |
0.21561 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.0007 |
| scoring_system |
epss |
| scoring_elements |
0.2162 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.0007 |
| scoring_system |
epss |
| scoring_elements |
0.21375 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.0007 |
| scoring_system |
epss |
| scoring_elements |
0.21453 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.0007 |
| scoring_system |
epss |
| scoring_elements |
0.21513 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.0007 |
| scoring_system |
epss |
| scoring_elements |
0.21524 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.0007 |
| scoring_system |
epss |
| scoring_elements |
0.21486 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.0007 |
| scoring_system |
epss |
| scoring_elements |
0.2143 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.0007 |
| scoring_system |
epss |
| scoring_elements |
0.21424 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.0007 |
| scoring_system |
epss |
| scoring_elements |
0.21431 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2002-1384 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
|
| fixed_packages |
|
| aliases |
CVE-2002-1384
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-7x99-rwuc-dyh9 |
|
| 27 |
| url |
VCID-88y1-wpv2-j3by |
| vulnerability_id |
VCID-88y1-wpv2-j3by |
| summary |
There is an invalid memory access in the function TextString::~TextString() located in Catalog.cc in Xpdf 4.0.2. It can be triggered by (for example) sending a crafted pdf file to the pdftohtml binary, which allows a remote attacker to cause a Denial of Service (Segmentation fault) or possibly have unspecified other impact. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2020-24996 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00239 |
| scoring_system |
epss |
| scoring_elements |
0.46912 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00239 |
| scoring_system |
epss |
| scoring_elements |
0.46949 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00239 |
| scoring_system |
epss |
| scoring_elements |
0.46965 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00239 |
| scoring_system |
epss |
| scoring_elements |
0.46913 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00239 |
| scoring_system |
epss |
| scoring_elements |
0.46967 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00239 |
| scoring_system |
epss |
| scoring_elements |
0.46964 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00239 |
| scoring_system |
epss |
| scoring_elements |
0.46989 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00239 |
| scoring_system |
epss |
| scoring_elements |
0.46962 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00239 |
| scoring_system |
epss |
| scoring_elements |
0.46969 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.00239 |
| scoring_system |
epss |
| scoring_elements |
0.47025 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.00239 |
| scoring_system |
epss |
| scoring_elements |
0.4702 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2020-24996 |
|
|
| fixed_packages |
|
| aliases |
CVE-2020-24996
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-88y1-wpv2-j3by |
|
| 28 |
| url |
VCID-8hwa-heth-qua6 |
| vulnerability_id |
VCID-8hwa-heth-qua6 |
| summary |
In Xpdf 4.01.01, a heap-based buffer overflow could be triggered in DCTStream::decodeImage() in Stream.cc when writing to frameBuf memory. It can, for example, be triggered by sending a crafted PDF document to the pdftotext tool. It allows an attacker to use a crafted pdf file to cause Denial of Service, an information leak, or possibly unspecified other impact. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-13281 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00347 |
| scoring_system |
epss |
| scoring_elements |
0.57192 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00347 |
| scoring_system |
epss |
| scoring_elements |
0.57272 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00347 |
| scoring_system |
epss |
| scoring_elements |
0.57295 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00347 |
| scoring_system |
epss |
| scoring_elements |
0.57271 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00347 |
| scoring_system |
epss |
| scoring_elements |
0.57323 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00347 |
| scoring_system |
epss |
| scoring_elements |
0.57325 |
| published_at |
2026-04-16T12:55:00Z |
|
| 6 |
| value |
0.00347 |
| scoring_system |
epss |
| scoring_elements |
0.57338 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00347 |
| scoring_system |
epss |
| scoring_elements |
0.57319 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00347 |
| scoring_system |
epss |
| scoring_elements |
0.57297 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.00347 |
| scoring_system |
epss |
| scoring_elements |
0.57321 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-13281 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-13281
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-8hwa-heth-qua6 |
|
| 29 |
| url |
VCID-8tce-4d32-wkgy |
| vulnerability_id |
VCID-8tce-4d32-wkgy |
| summary |
Multiple vulnerabilities have been discovered in Xpdf, the worst of which could possibly lead to arbitrary code execution. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2020-35376 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00454 |
| scoring_system |
epss |
| scoring_elements |
0.63843 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.00454 |
| scoring_system |
epss |
| scoring_elements |
0.6372 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00454 |
| scoring_system |
epss |
| scoring_elements |
0.63781 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00454 |
| scoring_system |
epss |
| scoring_elements |
0.63808 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00454 |
| scoring_system |
epss |
| scoring_elements |
0.63765 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00454 |
| scoring_system |
epss |
| scoring_elements |
0.63816 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00454 |
| scoring_system |
epss |
| scoring_elements |
0.63833 |
| published_at |
2026-04-12T12:55:00Z |
|
| 7 |
| value |
0.00454 |
| scoring_system |
epss |
| scoring_elements |
0.63847 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00454 |
| scoring_system |
epss |
| scoring_elements |
0.63799 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.00454 |
| scoring_system |
epss |
| scoring_elements |
0.63834 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2020-35376 |
|
| 1 |
|
| 2 |
|
|
| fixed_packages |
|
| aliases |
CVE-2020-35376
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-8tce-4d32-wkgy |
|
| 30 |
| url |
VCID-8tq7-kp8w-j7e1 |
| vulnerability_id |
VCID-8tq7-kp8w-j7e1 |
| summary |
An issue was discovered in Xpdf 4.01.01. There is an FPE in the function ImageStream::ImageStream at Stream.cc for nBits. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-10025 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00164 |
| scoring_system |
epss |
| scoring_elements |
0.37352 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.00164 |
| scoring_system |
epss |
| scoring_elements |
0.37323 |
| published_at |
2026-04-13T12:55:00Z |
|
| 2 |
| value |
0.00164 |
| scoring_system |
epss |
| scoring_elements |
0.3737 |
| published_at |
2026-04-16T12:55:00Z |
|
| 3 |
| value |
0.00164 |
| scoring_system |
epss |
| scoring_elements |
0.37294 |
| published_at |
2026-04-01T12:55:00Z |
|
| 4 |
| value |
0.00164 |
| scoring_system |
epss |
| scoring_elements |
0.37457 |
| published_at |
2026-04-02T12:55:00Z |
|
| 5 |
| value |
0.00164 |
| scoring_system |
epss |
| scoring_elements |
0.37482 |
| published_at |
2026-04-04T12:55:00Z |
|
| 6 |
| value |
0.00164 |
| scoring_system |
epss |
| scoring_elements |
0.3731 |
| published_at |
2026-04-07T12:55:00Z |
|
| 7 |
| value |
0.00164 |
| scoring_system |
epss |
| scoring_elements |
0.37361 |
| published_at |
2026-04-08T12:55:00Z |
|
| 8 |
| value |
0.00164 |
| scoring_system |
epss |
| scoring_elements |
0.37373 |
| published_at |
2026-04-09T12:55:00Z |
|
| 9 |
| value |
0.00164 |
| scoring_system |
epss |
| scoring_elements |
0.37385 |
| published_at |
2026-04-11T12:55:00Z |
|
| 10 |
| value |
0.00164 |
| scoring_system |
epss |
| scoring_elements |
0.3735 |
| published_at |
2026-04-12T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-10025 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-10025
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-8tq7-kp8w-j7e1 |
|
| 31 |
| url |
VCID-8uds-zs9k-47en |
| vulnerability_id |
VCID-8uds-zs9k-47en |
| summary |
Multiple vulnerabilities have been discovered in Xpdf, GPdf, CUPS and
Poppler potentially resulting in the execution of arbitrary code. |
| references |
| 0 |
| reference_url |
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt |
| reference_id |
|
| reference_type |
|
| scores |
|
| url |
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt |
|
| 1 |
| reference_url |
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.20/SCOSA-2006.20.txt |
| reference_id |
|
| reference_type |
|
| scores |
|
| url |
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.20/SCOSA-2006.20.txt |
|
| 2 |
| reference_url |
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.21/SCOSA-2006.21.txt |
| reference_id |
|
| reference_type |
|
| scores |
|
| url |
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.21/SCOSA-2006.21.txt |
|
| 3 |
| reference_url |
ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U |
| reference_id |
|
| reference_type |
|
| scores |
|
| url |
ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U |
|
| 4 |
| reference_url |
ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U |
| reference_id |
|
| reference_type |
|
| scores |
|
| url |
ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U |
|
| 5 |
| reference_url |
ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U |
| reference_id |
|
| reference_type |
|
| scores |
|
| url |
ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2005-3191 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.03031 |
| scoring_system |
epss |
| scoring_elements |
0.86675 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.03031 |
| scoring_system |
epss |
| scoring_elements |
0.86592 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.03031 |
| scoring_system |
epss |
| scoring_elements |
0.86603 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.03031 |
| scoring_system |
epss |
| scoring_elements |
0.86622 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.03031 |
| scoring_system |
epss |
| scoring_elements |
0.86641 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.03031 |
| scoring_system |
epss |
| scoring_elements |
0.86651 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.03031 |
| scoring_system |
epss |
| scoring_elements |
0.86664 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.03031 |
| scoring_system |
epss |
| scoring_elements |
0.86662 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.03031 |
| scoring_system |
epss |
| scoring_elements |
0.86655 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.03031 |
| scoring_system |
epss |
| scoring_elements |
0.86668 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2005-3191 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
|
| 44 |
|
| 45 |
|
| 46 |
|
| 47 |
|
| 48 |
|
| 49 |
|
| 50 |
|
| 51 |
|
| 52 |
|
| 53 |
|
| 54 |
|
| 55 |
|
| 56 |
|
| 57 |
|
| 58 |
|
| 59 |
|
| 60 |
|
| 61 |
|
| 62 |
|
| 63 |
|
| 64 |
|
| 65 |
|
| 66 |
|
| 67 |
|
| 68 |
|
| 69 |
|
| 70 |
|
| 71 |
|
| 72 |
|
| 73 |
|
| 74 |
|
| 75 |
|
| 76 |
|
| 77 |
|
| 78 |
|
| 79 |
|
| 80 |
|
| 81 |
|
| 82 |
|
| 83 |
|
| 84 |
|
| 85 |
|
| 86 |
|
| 87 |
|
| 88 |
|
| 89 |
|
| 90 |
|
| 91 |
|
| 92 |
|
| 93 |
|
| 94 |
|
| 95 |
|
| 96 |
|
| 97 |
|
| 98 |
|
| 99 |
|
| 100 |
|
| 101 |
|
| 102 |
|
| 103 |
|
| 104 |
|
| 105 |
|
| 106 |
|
| 107 |
|
| 108 |
|
| 109 |
|
| 110 |
|
| 111 |
|
| 112 |
|
| 113 |
|
| 114 |
|
| 115 |
|
| 116 |
|
| 117 |
|
| 118 |
|
| 119 |
|
| 120 |
|
| 121 |
|
| 122 |
|
| 123 |
|
| 124 |
|
| 125 |
|
| 126 |
|
| 127 |
|
| 128 |
|
| 129 |
|
| 130 |
|
| 131 |
|
| 132 |
|
| 133 |
|
| 134 |
|
| 135 |
|
| 136 |
|
| 137 |
|
| 138 |
|
| 139 |
|
| 140 |
|
| 141 |
|
| 142 |
|
| 143 |
|
| 144 |
|
|
| fixed_packages |
|
| aliases |
CVE-2005-3191
|
| risk_score |
2.3 |
| exploitability |
0.5 |
| weighted_severity |
4.6 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-8uds-zs9k-47en |
|
| 32 |
| url |
VCID-8yrn-x9sm-muhy |
| vulnerability_id |
VCID-8yrn-x9sm-muhy |
| summary |
There is an invalid memory access vulnerability in the function TextPage::findGaps() located at TextOutputDev.c in Xpdf 4.01, which can (for example) be triggered by sending a crafted pdf file to the pdftops binary. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-9877 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00298 |
| scoring_system |
epss |
| scoring_elements |
0.53235 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.00298 |
| scoring_system |
epss |
| scoring_elements |
0.53189 |
| published_at |
2026-04-13T12:55:00Z |
|
| 2 |
| value |
0.00298 |
| scoring_system |
epss |
| scoring_elements |
0.53228 |
| published_at |
2026-04-16T12:55:00Z |
|
| 3 |
| value |
0.00298 |
| scoring_system |
epss |
| scoring_elements |
0.53113 |
| published_at |
2026-04-01T12:55:00Z |
|
| 4 |
| value |
0.00298 |
| scoring_system |
epss |
| scoring_elements |
0.53133 |
| published_at |
2026-04-02T12:55:00Z |
|
| 5 |
| value |
0.00298 |
| scoring_system |
epss |
| scoring_elements |
0.53157 |
| published_at |
2026-04-04T12:55:00Z |
|
| 6 |
| value |
0.00298 |
| scoring_system |
epss |
| scoring_elements |
0.53125 |
| published_at |
2026-04-07T12:55:00Z |
|
| 7 |
| value |
0.00298 |
| scoring_system |
epss |
| scoring_elements |
0.53177 |
| published_at |
2026-04-08T12:55:00Z |
|
| 8 |
| value |
0.00298 |
| scoring_system |
epss |
| scoring_elements |
0.53169 |
| published_at |
2026-04-09T12:55:00Z |
|
| 9 |
| value |
0.00298 |
| scoring_system |
epss |
| scoring_elements |
0.53219 |
| published_at |
2026-04-11T12:55:00Z |
|
| 10 |
| value |
0.00298 |
| scoring_system |
epss |
| scoring_elements |
0.53205 |
| published_at |
2026-04-12T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-9877 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-9877
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-8yrn-x9sm-muhy |
|
| 33 |
| url |
VCID-9hnb-h64u-zkev |
| vulnerability_id |
VCID-9hnb-h64u-zkev |
| summary |
In Xpdf 4.01.01, a buffer over-read could be triggered in FoFiType1C::convertToType1 in fofi/FoFiType1C.cc when the index number is larger than the charset array bounds. It can, for example, be triggered by sending a crafted PDF document to the pdftops tool. It allows an attacker to use a crafted pdf file to cause Denial of Service or an information leak, or possibly have unspecified other impact. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-12957 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00291 |
| scoring_system |
epss |
| scoring_elements |
0.52519 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.00291 |
| scoring_system |
epss |
| scoring_elements |
0.52455 |
| published_at |
2026-04-09T12:55:00Z |
|
| 2 |
| value |
0.00291 |
| scoring_system |
epss |
| scoring_elements |
0.52506 |
| published_at |
2026-04-11T12:55:00Z |
|
| 3 |
| value |
0.00291 |
| scoring_system |
epss |
| scoring_elements |
0.5249 |
| published_at |
2026-04-12T12:55:00Z |
|
| 4 |
| value |
0.00291 |
| scoring_system |
epss |
| scoring_elements |
0.52473 |
| published_at |
2026-04-13T12:55:00Z |
|
| 5 |
| value |
0.00291 |
| scoring_system |
epss |
| scoring_elements |
0.52513 |
| published_at |
2026-04-16T12:55:00Z |
|
| 6 |
| value |
0.00296 |
| scoring_system |
epss |
| scoring_elements |
0.52888 |
| published_at |
2026-04-02T12:55:00Z |
|
| 7 |
| value |
0.00296 |
| scoring_system |
epss |
| scoring_elements |
0.52914 |
| published_at |
2026-04-04T12:55:00Z |
|
| 8 |
| value |
0.00296 |
| scoring_system |
epss |
| scoring_elements |
0.52882 |
| published_at |
2026-04-07T12:55:00Z |
|
| 9 |
| value |
0.00296 |
| scoring_system |
epss |
| scoring_elements |
0.52933 |
| published_at |
2026-04-08T12:55:00Z |
|
| 10 |
| value |
0.00296 |
| scoring_system |
epss |
| scoring_elements |
0.52862 |
| published_at |
2026-04-01T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-12957 |
|
| 1 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-12957
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-9hnb-h64u-zkev |
|
| 34 |
| url |
VCID-9m91-9mge-vbdx |
| vulnerability_id |
VCID-9m91-9mge-vbdx |
| summary |
In Xpdf 4.01.01, there is a use-after-free vulnerability in the function JBIG2Stream::close() located at JBIG2Stream.cc. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-13289 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00288 |
| scoring_system |
epss |
| scoring_elements |
0.52272 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.00288 |
| scoring_system |
epss |
| scoring_elements |
0.52124 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00288 |
| scoring_system |
epss |
| scoring_elements |
0.52168 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00288 |
| scoring_system |
epss |
| scoring_elements |
0.52195 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00288 |
| scoring_system |
epss |
| scoring_elements |
0.5216 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00288 |
| scoring_system |
epss |
| scoring_elements |
0.52213 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00288 |
| scoring_system |
epss |
| scoring_elements |
0.52209 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00288 |
| scoring_system |
epss |
| scoring_elements |
0.5226 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00288 |
| scoring_system |
epss |
| scoring_elements |
0.52244 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00288 |
| scoring_system |
epss |
| scoring_elements |
0.5223 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00288 |
| scoring_system |
epss |
| scoring_elements |
0.52268 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-13289 |
|
| 1 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-13289
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-9m91-9mge-vbdx |
|
| 35 |
| url |
VCID-9tn7-2y9w-6ufm |
| vulnerability_id |
VCID-9tn7-2y9w-6ufm |
| summary |
An issue was discovered in Xpdf 4.01.01. There is an out of bounds read in the function GfxPatchMeshShading::parse at GfxState.cc for typeA==6 case 3. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-14291 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00165 |
| scoring_system |
epss |
| scoring_elements |
0.3757 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.00165 |
| scoring_system |
epss |
| scoring_elements |
0.37459 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00165 |
| scoring_system |
epss |
| scoring_elements |
0.37625 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00165 |
| scoring_system |
epss |
| scoring_elements |
0.37649 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00165 |
| scoring_system |
epss |
| scoring_elements |
0.37527 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00165 |
| scoring_system |
epss |
| scoring_elements |
0.37579 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00165 |
| scoring_system |
epss |
| scoring_elements |
0.37592 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00165 |
| scoring_system |
epss |
| scoring_elements |
0.37606 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00165 |
| scoring_system |
epss |
| scoring_elements |
0.37572 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00165 |
| scoring_system |
epss |
| scoring_elements |
0.37545 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00165 |
| scoring_system |
epss |
| scoring_elements |
0.37589 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-14291 |
|
| 1 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-14291
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-9tn7-2y9w-6ufm |
|
| 36 |
| url |
VCID-aa14-4spj-5yf7 |
| vulnerability_id |
VCID-aa14-4spj-5yf7 |
| summary |
Multiple vulnerabilities have been found in Xpdf, the worst of which could result in denial of service. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2022-43071 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00103 |
| scoring_system |
epss |
| scoring_elements |
0.28112 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.00103 |
| scoring_system |
epss |
| scoring_elements |
0.28219 |
| published_at |
2026-04-11T12:55:00Z |
|
| 2 |
| value |
0.00103 |
| scoring_system |
epss |
| scoring_elements |
0.28176 |
| published_at |
2026-04-12T12:55:00Z |
|
| 3 |
| value |
0.00103 |
| scoring_system |
epss |
| scoring_elements |
0.28118 |
| published_at |
2026-04-13T12:55:00Z |
|
| 4 |
| value |
0.00103 |
| scoring_system |
epss |
| scoring_elements |
0.2813 |
| published_at |
2026-04-16T12:55:00Z |
|
| 5 |
| value |
0.00103 |
| scoring_system |
epss |
| scoring_elements |
0.28103 |
| published_at |
2026-04-07T12:55:00Z |
|
| 6 |
| value |
0.00103 |
| scoring_system |
epss |
| scoring_elements |
0.28169 |
| published_at |
2026-04-08T12:55:00Z |
|
| 7 |
| value |
0.00103 |
| scoring_system |
epss |
| scoring_elements |
0.28212 |
| published_at |
2026-04-09T12:55:00Z |
|
| 8 |
| value |
0.00109 |
| scoring_system |
epss |
| scoring_elements |
0.29405 |
| published_at |
2026-04-04T12:55:00Z |
|
| 9 |
| value |
0.00109 |
| scoring_system |
epss |
| scoring_elements |
0.29356 |
| published_at |
2026-04-02T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2022-43071 |
|
| 1 |
|
| 2 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-43071
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-aa14-4spj-5yf7 |
|
| 37 |
| url |
VCID-az67-jep9-qfhs |
| vulnerability_id |
VCID-az67-jep9-qfhs |
| summary |
Catalog.cc in Xpdf 4.02 has a NULL pointer dereference because Catalog.pageLabels is initialized too late in the Catalog constructor. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-17064 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00368 |
| scoring_system |
epss |
| scoring_elements |
0.58803 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.00368 |
| scoring_system |
epss |
| scoring_elements |
0.58766 |
| published_at |
2026-04-13T12:55:00Z |
|
| 2 |
| value |
0.00368 |
| scoring_system |
epss |
| scoring_elements |
0.58798 |
| published_at |
2026-04-16T12:55:00Z |
|
| 3 |
| value |
0.00368 |
| scoring_system |
epss |
| scoring_elements |
0.58654 |
| published_at |
2026-04-01T12:55:00Z |
|
| 4 |
| value |
0.00368 |
| scoring_system |
epss |
| scoring_elements |
0.58738 |
| published_at |
2026-04-02T12:55:00Z |
|
| 5 |
| value |
0.00368 |
| scoring_system |
epss |
| scoring_elements |
0.58759 |
| published_at |
2026-04-04T12:55:00Z |
|
| 6 |
| value |
0.00368 |
| scoring_system |
epss |
| scoring_elements |
0.58726 |
| published_at |
2026-04-07T12:55:00Z |
|
| 7 |
| value |
0.00368 |
| scoring_system |
epss |
| scoring_elements |
0.58779 |
| published_at |
2026-04-08T12:55:00Z |
|
| 8 |
| value |
0.00368 |
| scoring_system |
epss |
| scoring_elements |
0.58786 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00368 |
| scoring_system |
epss |
| scoring_elements |
0.58804 |
| published_at |
2026-04-11T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-17064 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-17064
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-az67-jep9-qfhs |
|
| 38 |
| url |
VCID-bbb1-ck5d-8fg2 |
| vulnerability_id |
VCID-bbb1-ck5d-8fg2 |
| summary |
Unspecified vulnerability in certain versions of xpdf after 3.00, as used in various products including (a) pdfkit.framework, (b) gpdf, (c) pdftohtml, and (d) libextractor, has unknown impact and user-assisted attack vectors, possibly involving errors in (1) gmem.c, (2) SplashXPathScanner.cc, (3) JBIG2Stream.cc, (4) JPXStream.cc, and/or (5) Stream.cc. NOTE: this description is based on Debian advisory DSA 979, which is based on changes that were made after other vulnerabilities such as CVE-2006-0301 and CVE-2005-3624 through CVE-2005-3628 were fixed. Some of these newer fixes appear to be security-relevant, although it is not clear if they fix specific issues or are defensive in nature. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2006-1244 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.03472 |
| scoring_system |
epss |
| scoring_elements |
0.87492 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.03472 |
| scoring_system |
epss |
| scoring_elements |
0.87502 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.03472 |
| scoring_system |
epss |
| scoring_elements |
0.87516 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.03472 |
| scoring_system |
epss |
| scoring_elements |
0.87518 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.03472 |
| scoring_system |
epss |
| scoring_elements |
0.87538 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.03472 |
| scoring_system |
epss |
| scoring_elements |
0.87544 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.03472 |
| scoring_system |
epss |
| scoring_elements |
0.87555 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.03472 |
| scoring_system |
epss |
| scoring_elements |
0.87551 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.03472 |
| scoring_system |
epss |
| scoring_elements |
0.87548 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.03472 |
| scoring_system |
epss |
| scoring_elements |
0.87562 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.03472 |
| scoring_system |
epss |
| scoring_elements |
0.87563 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2006-1244 |
|
| 1 |
|
|
| fixed_packages |
|
| aliases |
CVE-2006-1244
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-bbb1-ck5d-8fg2 |
|
| 39 |
| url |
VCID-bft8-ctgf-a7c7 |
| vulnerability_id |
VCID-bft8-ctgf-a7c7 |
| summary |
In Xpdf 4.05 (and earlier), very large coordinates in a page box can cause an integer overflow and divide-by-zero. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2024-7867 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.0005 |
| scoring_system |
epss |
| scoring_elements |
0.15515 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.0005 |
| scoring_system |
epss |
| scoring_elements |
0.15506 |
| published_at |
2026-04-16T12:55:00Z |
|
| 2 |
| value |
0.00054 |
| scoring_system |
epss |
| scoring_elements |
0.16987 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00054 |
| scoring_system |
epss |
| scoring_elements |
0.1677 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00054 |
| scoring_system |
epss |
| scoring_elements |
0.16859 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00054 |
| scoring_system |
epss |
| scoring_elements |
0.1689 |
| published_at |
2026-04-11T12:55:00Z |
|
| 6 |
| value |
0.00054 |
| scoring_system |
epss |
| scoring_elements |
0.16846 |
| published_at |
2026-04-12T12:55:00Z |
|
| 7 |
| value |
0.00054 |
| scoring_system |
epss |
| scoring_elements |
0.16916 |
| published_at |
2026-04-09T12:55:00Z |
|
| 8 |
| value |
0.00054 |
| scoring_system |
epss |
| scoring_elements |
0.16932 |
| published_at |
2026-04-02T12:55:00Z |
|
| 9 |
| value |
0.0007 |
| scoring_system |
epss |
| scoring_elements |
0.21443 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2024-7867 |
|
| 1 |
|
|
| fixed_packages |
|
| aliases |
CVE-2024-7867
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-bft8-ctgf-a7c7 |
|
| 40 |
| url |
VCID-bkr4-sab1-5ka2 |
| vulnerability_id |
VCID-bkr4-sab1-5ka2 |
| summary |
KPdf and KWord both include vulnerable Xpdf code to handle PDF files,
making them vulnerable to the execution of arbitrary code. |
| references |
| 0 |
| reference_url |
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt |
| reference_id |
|
| reference_type |
|
| scores |
|
| url |
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt |
|
| 1 |
| reference_url |
ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U |
| reference_id |
|
| reference_type |
|
| scores |
|
| url |
ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U |
|
| 2 |
| reference_url |
ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U |
| reference_id |
|
| reference_type |
|
| scores |
|
| url |
ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U |
|
| 3 |
| reference_url |
ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U |
| reference_id |
|
| reference_type |
|
| scores |
|
| url |
ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2005-3627 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.04327 |
| scoring_system |
epss |
| scoring_elements |
0.88929 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.04327 |
| scoring_system |
epss |
| scoring_elements |
0.88863 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.04327 |
| scoring_system |
epss |
| scoring_elements |
0.88871 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.04327 |
| scoring_system |
epss |
| scoring_elements |
0.88887 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.04327 |
| scoring_system |
epss |
| scoring_elements |
0.88888 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.04327 |
| scoring_system |
epss |
| scoring_elements |
0.88906 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.04327 |
| scoring_system |
epss |
| scoring_elements |
0.88912 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.04327 |
| scoring_system |
epss |
| scoring_elements |
0.88923 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.04327 |
| scoring_system |
epss |
| scoring_elements |
0.88918 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.04327 |
| scoring_system |
epss |
| scoring_elements |
0.88931 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2005-3627 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
|
| 44 |
|
| 45 |
|
| 46 |
|
| 47 |
|
| 48 |
|
| 49 |
|
| 50 |
|
| 51 |
|
| 52 |
|
| 53 |
|
| 54 |
|
| 55 |
|
| 56 |
|
| 57 |
|
| 58 |
|
| 59 |
|
| 60 |
|
| 61 |
|
| 62 |
|
| 63 |
|
| 64 |
|
| 65 |
|
| 66 |
|
| 67 |
|
| 68 |
|
| 69 |
|
| 70 |
|
| 71 |
|
| 72 |
|
| 73 |
|
| 74 |
|
| 75 |
|
| 76 |
|
| 77 |
|
| 78 |
|
| 79 |
|
| 80 |
|
| 81 |
|
| 82 |
|
| 83 |
|
| 84 |
|
| 85 |
|
| 86 |
|
| 87 |
|
| 88 |
|
| 89 |
|
| 90 |
|
| 91 |
|
| 92 |
|
| 93 |
|
| 94 |
|
| 95 |
|
| 96 |
|
| 97 |
|
| 98 |
|
| 99 |
|
| 100 |
|
|
| fixed_packages |
|
| aliases |
CVE-2005-3627
|
| risk_score |
3.4 |
| exploitability |
0.5 |
| weighted_severity |
6.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-bkr4-sab1-5ka2 |
|
| 41 |
| url |
VCID-bkxu-yxes-4yf6 |
| vulnerability_id |
VCID-bkxu-yxes-4yf6 |
| summary |
There is an invalid memory access in the function GfxIndexedColorSpace::mapColorToBase() located in GfxState.cc in Xpdf 4.0.0, as used in pdfalto 0.2. It can be triggered by (for example) sending a crafted pdf file to the pdftops binary. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-9878 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00312 |
| scoring_system |
epss |
| scoring_elements |
0.54389 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.00312 |
| scoring_system |
epss |
| scoring_elements |
0.54345 |
| published_at |
2026-04-13T12:55:00Z |
|
| 2 |
| value |
0.00312 |
| scoring_system |
epss |
| scoring_elements |
0.54385 |
| published_at |
2026-04-16T12:55:00Z |
|
| 3 |
| value |
0.00312 |
| scoring_system |
epss |
| scoring_elements |
0.54263 |
| published_at |
2026-04-01T12:55:00Z |
|
| 4 |
| value |
0.00312 |
| scoring_system |
epss |
| scoring_elements |
0.54283 |
| published_at |
2026-04-02T12:55:00Z |
|
| 5 |
| value |
0.00312 |
| scoring_system |
epss |
| scoring_elements |
0.54313 |
| published_at |
2026-04-04T12:55:00Z |
|
| 6 |
| value |
0.00312 |
| scoring_system |
epss |
| scoring_elements |
0.54288 |
| published_at |
2026-04-07T12:55:00Z |
|
| 7 |
| value |
0.00312 |
| scoring_system |
epss |
| scoring_elements |
0.5434 |
| published_at |
2026-04-08T12:55:00Z |
|
| 8 |
| value |
0.00312 |
| scoring_system |
epss |
| scoring_elements |
0.54335 |
| published_at |
2026-04-09T12:55:00Z |
|
| 9 |
| value |
0.00312 |
| scoring_system |
epss |
| scoring_elements |
0.54384 |
| published_at |
2026-04-11T12:55:00Z |
|
| 10 |
| value |
0.00312 |
| scoring_system |
epss |
| scoring_elements |
0.54367 |
| published_at |
2026-04-12T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-9878 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-9878
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-bkxu-yxes-4yf6 |
|
| 42 |
| url |
VCID-btp4-tbj1-uqc3 |
| vulnerability_id |
VCID-btp4-tbj1-uqc3 |
| summary |
In Xpdf 4.01.01, there is a heap-based buffer over-read in the function JBIG2Stream::readTextRegionSeg() located at JBIG2Stream.cc. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool. It might allow an attacker to cause Information Disclosure. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-13286 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00321 |
| scoring_system |
epss |
| scoring_elements |
0.5519 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.00321 |
| scoring_system |
epss |
| scoring_elements |
0.55023 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00321 |
| scoring_system |
epss |
| scoring_elements |
0.55124 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00321 |
| scoring_system |
epss |
| scoring_elements |
0.55148 |
| published_at |
2026-04-13T12:55:00Z |
|
| 4 |
| value |
0.00321 |
| scoring_system |
epss |
| scoring_elements |
0.55123 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00321 |
| scoring_system |
epss |
| scoring_elements |
0.55173 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00321 |
| scoring_system |
epss |
| scoring_elements |
0.55185 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00321 |
| scoring_system |
epss |
| scoring_elements |
0.55166 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00321 |
| scoring_system |
epss |
| scoring_elements |
0.55187 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-13286 |
|
| 1 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-13286
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-btp4-tbj1-uqc3 |
|
| 43 |
| url |
VCID-bvxw-w51x-vqc4 |
| vulnerability_id |
VCID-bvxw-w51x-vqc4 |
| summary |
An issue was discovered in Xpdf 4.01.01. There is an out of bounds read in the function GfxPatchMeshShading::parse at GfxState.cc for typeA!=6 case 2. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-14293 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00165 |
| scoring_system |
epss |
| scoring_elements |
0.3757 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.00165 |
| scoring_system |
epss |
| scoring_elements |
0.37459 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00165 |
| scoring_system |
epss |
| scoring_elements |
0.37625 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00165 |
| scoring_system |
epss |
| scoring_elements |
0.37649 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00165 |
| scoring_system |
epss |
| scoring_elements |
0.37527 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00165 |
| scoring_system |
epss |
| scoring_elements |
0.37579 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00165 |
| scoring_system |
epss |
| scoring_elements |
0.37592 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00165 |
| scoring_system |
epss |
| scoring_elements |
0.37606 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00165 |
| scoring_system |
epss |
| scoring_elements |
0.37572 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00165 |
| scoring_system |
epss |
| scoring_elements |
0.37545 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00165 |
| scoring_system |
epss |
| scoring_elements |
0.37589 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-14293 |
|
| 1 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-14293
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-bvxw-w51x-vqc4 |
|
| 44 |
| url |
VCID-byr3-7wgc-jye9 |
| vulnerability_id |
VCID-byr3-7wgc-jye9 |
| summary |
Multiple vulnerabilities have been discovered in T1Lib, the worst
of which could lead to remote execution of arbitrary code. |
| references |
| 0 |
|
| 1 |
|
| 2 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2011-1554 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.06576 |
| scoring_system |
epss |
| scoring_elements |
0.91176 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.06576 |
| scoring_system |
epss |
| scoring_elements |
0.91102 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.06576 |
| scoring_system |
epss |
| scoring_elements |
0.91108 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.06576 |
| scoring_system |
epss |
| scoring_elements |
0.91116 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.06576 |
| scoring_system |
epss |
| scoring_elements |
0.91124 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.06576 |
| scoring_system |
epss |
| scoring_elements |
0.91137 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.06576 |
| scoring_system |
epss |
| scoring_elements |
0.91143 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.06576 |
| scoring_system |
epss |
| scoring_elements |
0.9115 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.06576 |
| scoring_system |
epss |
| scoring_elements |
0.91152 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.06576 |
| scoring_system |
epss |
| scoring_elements |
0.91151 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2011-1554 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
|
| 44 |
|
| 45 |
|
| 46 |
|
| 47 |
|
| 48 |
|
| 49 |
|
| 50 |
|
| 51 |
|
| 52 |
|
| 53 |
|
| 54 |
|
| 55 |
|
| 56 |
|
| 57 |
|
| 58 |
|
| 59 |
|
| 60 |
|
| 61 |
|
| 62 |
|
| 63 |
|
| 64 |
|
| 65 |
|
| 66 |
|
| 67 |
|
| 68 |
|
| 69 |
|
| 70 |
|
| 71 |
|
| 72 |
|
| 73 |
|
| 74 |
|
| 75 |
|
| 76 |
|
| 77 |
|
| 78 |
|
| 79 |
|
| 80 |
|
| 81 |
|
| 82 |
|
| 83 |
|
| 84 |
|
| 85 |
|
|
| fixed_packages |
|
| aliases |
CVE-2011-1554
|
| risk_score |
1.9 |
| exploitability |
0.5 |
| weighted_severity |
3.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-byr3-7wgc-jye9 |
|
| 45 |
| url |
VCID-cbt8-he6p-gye9 |
| vulnerability_id |
VCID-cbt8-he6p-gye9 |
| summary |
XPDF commit ffaf11c was discovered to contain a global-buffer overflow via Lexer::getObj(Object*) at /xpdf/Lexer.cc. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2022-38236 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00052 |
| scoring_system |
epss |
| scoring_elements |
0.16454 |
| published_at |
2026-04-02T12:55:00Z |
|
| 1 |
| value |
0.00052 |
| scoring_system |
epss |
| scoring_elements |
0.16516 |
| published_at |
2026-04-04T12:55:00Z |
|
| 2 |
| value |
0.00052 |
| scoring_system |
epss |
| scoring_elements |
0.16312 |
| published_at |
2026-04-07T12:55:00Z |
|
| 3 |
| value |
0.00052 |
| scoring_system |
epss |
| scoring_elements |
0.16399 |
| published_at |
2026-04-08T12:55:00Z |
|
| 4 |
| value |
0.00052 |
| scoring_system |
epss |
| scoring_elements |
0.16457 |
| published_at |
2026-04-09T12:55:00Z |
|
| 5 |
| value |
0.00052 |
| scoring_system |
epss |
| scoring_elements |
0.16443 |
| published_at |
2026-04-11T12:55:00Z |
|
| 6 |
| value |
0.00052 |
| scoring_system |
epss |
| scoring_elements |
0.16403 |
| published_at |
2026-04-12T12:55:00Z |
|
| 7 |
| value |
0.00052 |
| scoring_system |
epss |
| scoring_elements |
0.1634 |
| published_at |
2026-04-13T12:55:00Z |
|
| 8 |
| value |
0.00052 |
| scoring_system |
epss |
| scoring_elements |
0.16277 |
| published_at |
2026-04-16T12:55:00Z |
|
| 9 |
| value |
0.00052 |
| scoring_system |
epss |
| scoring_elements |
0.16297 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2022-38236 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-38236
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-cbt8-he6p-gye9 |
|
| 46 |
| url |
VCID-ctb2-8h4y-vybd |
| vulnerability_id |
VCID-ctb2-8h4y-vybd |
| summary |
Multiple vulnerabilities have been found in Poppler, some of which
may allow execution of arbitrary code. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2009-0166 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.0519 |
| scoring_system |
epss |
| scoring_elements |
0.8988 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.0519 |
| scoring_system |
epss |
| scoring_elements |
0.89883 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.0519 |
| scoring_system |
epss |
| scoring_elements |
0.89895 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.0519 |
| scoring_system |
epss |
| scoring_elements |
0.899 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.0519 |
| scoring_system |
epss |
| scoring_elements |
0.89916 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.0519 |
| scoring_system |
epss |
| scoring_elements |
0.89922 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.0519 |
| scoring_system |
epss |
| scoring_elements |
0.89929 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.0519 |
| scoring_system |
epss |
| scoring_elements |
0.89927 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.0519 |
| scoring_system |
epss |
| scoring_elements |
0.8992 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.0519 |
| scoring_system |
epss |
| scoring_elements |
0.89934 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.0519 |
| scoring_system |
epss |
| scoring_elements |
0.89936 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2009-0166 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
|
| fixed_packages |
|
| aliases |
CVE-2009-0166
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ctb2-8h4y-vybd |
|
| 47 |
| url |
VCID-ctdw-25y5-8kdm |
| vulnerability_id |
VCID-ctdw-25y5-8kdm |
| summary |
Multiple vulnerabilities have been found in Poppler, some of which
may allow execution of arbitrary code. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2009-0195 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.09017 |
| scoring_system |
epss |
| scoring_elements |
0.92595 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.09017 |
| scoring_system |
epss |
| scoring_elements |
0.92601 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.09017 |
| scoring_system |
epss |
| scoring_elements |
0.92607 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.09017 |
| scoring_system |
epss |
| scoring_elements |
0.92608 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.09017 |
| scoring_system |
epss |
| scoring_elements |
0.92619 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.09017 |
| scoring_system |
epss |
| scoring_elements |
0.92624 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.09017 |
| scoring_system |
epss |
| scoring_elements |
0.92629 |
| published_at |
2026-04-13T12:55:00Z |
|
| 7 |
| value |
0.09017 |
| scoring_system |
epss |
| scoring_elements |
0.92642 |
| published_at |
2026-04-16T12:55:00Z |
|
| 8 |
| value |
0.09017 |
| scoring_system |
epss |
| scoring_elements |
0.92641 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2009-0195 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
|
| fixed_packages |
|
| aliases |
CVE-2009-0195
|
| risk_score |
0.1 |
| exploitability |
0.5 |
| weighted_severity |
0.1 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ctdw-25y5-8kdm |
|
| 48 |
| url |
VCID-ctgr-z8gu-fqeb |
| vulnerability_id |
VCID-ctgr-z8gu-fqeb |
| summary |
In Xpdf 4.01.01, a heap-based buffer over-read could be triggered in FoFiType1C::convertToType0 in fofi/FoFiType1C.cc when it is trying to access the second privateDicts array element, because the privateDicts array has only one element allocated. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-12958 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00197 |
| scoring_system |
epss |
| scoring_elements |
0.41678 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.00197 |
| scoring_system |
epss |
| scoring_elements |
0.41681 |
| published_at |
2026-04-09T12:55:00Z |
|
| 2 |
| value |
0.00197 |
| scoring_system |
epss |
| scoring_elements |
0.41704 |
| published_at |
2026-04-16T12:55:00Z |
|
| 3 |
| value |
0.00197 |
| scoring_system |
epss |
| scoring_elements |
0.41671 |
| published_at |
2026-04-12T12:55:00Z |
|
| 4 |
| value |
0.00197 |
| scoring_system |
epss |
| scoring_elements |
0.41657 |
| published_at |
2026-04-13T12:55:00Z |
|
| 5 |
| value |
0.00201 |
| scoring_system |
epss |
| scoring_elements |
0.42111 |
| published_at |
2026-04-01T12:55:00Z |
|
| 6 |
| value |
0.00201 |
| scoring_system |
epss |
| scoring_elements |
0.4217 |
| published_at |
2026-04-02T12:55:00Z |
|
| 7 |
| value |
0.00201 |
| scoring_system |
epss |
| scoring_elements |
0.42197 |
| published_at |
2026-04-04T12:55:00Z |
|
| 8 |
| value |
0.00201 |
| scoring_system |
epss |
| scoring_elements |
0.42137 |
| published_at |
2026-04-07T12:55:00Z |
|
| 9 |
| value |
0.00201 |
| scoring_system |
epss |
| scoring_elements |
0.42187 |
| published_at |
2026-04-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-12958 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-12958
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ctgr-z8gu-fqeb |
|
| 49 |
| url |
VCID-cxcd-xyg2-fudd |
| vulnerability_id |
VCID-cxcd-xyg2-fudd |
| summary |
In Xpdf 4.01.01, a heap-based buffer over-read could be triggered in SampledFunction::transform in Function.cc when using a large index for samples. It can, for example, be triggered by sending a crafted PDF document to the pdftotext tool. It allows an attacker to use a crafted pdf file to cause Denial of Service or an information leak, or possibly have unspecified other impact. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-13282 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00296 |
| scoring_system |
epss |
| scoring_elements |
0.52988 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.00296 |
| scoring_system |
epss |
| scoring_elements |
0.52862 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00296 |
| scoring_system |
epss |
| scoring_elements |
0.52888 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00296 |
| scoring_system |
epss |
| scoring_elements |
0.52914 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00296 |
| scoring_system |
epss |
| scoring_elements |
0.52882 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00296 |
| scoring_system |
epss |
| scoring_elements |
0.52933 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00296 |
| scoring_system |
epss |
| scoring_elements |
0.52926 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00296 |
| scoring_system |
epss |
| scoring_elements |
0.52976 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00296 |
| scoring_system |
epss |
| scoring_elements |
0.5296 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00296 |
| scoring_system |
epss |
| scoring_elements |
0.52944 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00296 |
| scoring_system |
epss |
| scoring_elements |
0.52981 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-13282 |
|
| 1 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-13282
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-cxcd-xyg2-fudd |
|
| 50 |
| url |
VCID-d7re-9pmd-dfhy |
| vulnerability_id |
VCID-d7re-9pmd-dfhy |
| summary |
In Xpdf 4.05 (and earlier), a PDF object loop in a pattern resource leads to infinite recursion and a stack overflow. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2024-7866 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00042 |
| scoring_system |
epss |
| scoring_elements |
0.12731 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.00042 |
| scoring_system |
epss |
| scoring_elements |
0.12728 |
| published_at |
2026-04-16T12:55:00Z |
|
| 2 |
| value |
0.00105 |
| scoring_system |
epss |
| scoring_elements |
0.28663 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00105 |
| scoring_system |
epss |
| scoring_elements |
0.28464 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00105 |
| scoring_system |
epss |
| scoring_elements |
0.2857 |
| published_at |
2026-04-11T12:55:00Z |
|
| 5 |
| value |
0.00105 |
| scoring_system |
epss |
| scoring_elements |
0.28528 |
| published_at |
2026-04-12T12:55:00Z |
|
| 6 |
| value |
0.00105 |
| scoring_system |
epss |
| scoring_elements |
0.28529 |
| published_at |
2026-04-08T12:55:00Z |
|
| 7 |
| value |
0.00105 |
| scoring_system |
epss |
| scoring_elements |
0.28619 |
| published_at |
2026-04-02T12:55:00Z |
|
| 8 |
| value |
0.00137 |
| scoring_system |
epss |
| scoring_elements |
0.33463 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2024-7866 |
|
| 1 |
|
|
| fixed_packages |
|
| aliases |
CVE-2024-7866
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-d7re-9pmd-dfhy |
|
| 51 |
| url |
VCID-d9s7-un66-wqba |
| vulnerability_id |
VCID-d9s7-un66-wqba |
| summary |
Multiple vulnerabilities have been found in Xpdf, the worst of which could result in denial of service. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2022-45586 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00041 |
| scoring_system |
epss |
| scoring_elements |
0.1236 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.00041 |
| scoring_system |
epss |
| scoring_elements |
0.1258 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00041 |
| scoring_system |
epss |
| scoring_elements |
0.12493 |
| published_at |
2026-04-12T12:55:00Z |
|
| 3 |
| value |
0.00041 |
| scoring_system |
epss |
| scoring_elements |
0.12454 |
| published_at |
2026-04-13T12:55:00Z |
|
| 4 |
| value |
0.00041 |
| scoring_system |
epss |
| scoring_elements |
0.12356 |
| published_at |
2026-04-16T12:55:00Z |
|
| 5 |
| value |
0.00041 |
| scoring_system |
epss |
| scoring_elements |
0.12622 |
| published_at |
2026-04-04T12:55:00Z |
|
| 6 |
| value |
0.00041 |
| scoring_system |
epss |
| scoring_elements |
0.12431 |
| published_at |
2026-04-07T12:55:00Z |
|
| 7 |
| value |
0.00041 |
| scoring_system |
epss |
| scoring_elements |
0.12511 |
| published_at |
2026-04-08T12:55:00Z |
|
| 8 |
| value |
0.00041 |
| scoring_system |
epss |
| scoring_elements |
0.12562 |
| published_at |
2026-04-09T12:55:00Z |
|
| 9 |
| value |
0.00041 |
| scoring_system |
epss |
| scoring_elements |
0.12532 |
| published_at |
2026-04-11T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2022-45586 |
|
| 1 |
|
| 2 |
|
| 3 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-45586
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-d9s7-un66-wqba |
|
| 52 |
| url |
VCID-dgb8-nes9-8fb7 |
| vulnerability_id |
VCID-dgb8-nes9-8fb7 |
| summary |
Multiple vulnerabilities have been found in Poppler, some of which
may allow execution of arbitrary code. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2009-0147 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.02384 |
| scoring_system |
epss |
| scoring_elements |
0.84926 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.02384 |
| scoring_system |
epss |
| scoring_elements |
0.8494 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.02384 |
| scoring_system |
epss |
| scoring_elements |
0.84959 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.02384 |
| scoring_system |
epss |
| scoring_elements |
0.84963 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.02384 |
| scoring_system |
epss |
| scoring_elements |
0.84986 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.02384 |
| scoring_system |
epss |
| scoring_elements |
0.84993 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.02384 |
| scoring_system |
epss |
| scoring_elements |
0.85008 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.02384 |
| scoring_system |
epss |
| scoring_elements |
0.85006 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.02384 |
| scoring_system |
epss |
| scoring_elements |
0.85003 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.02384 |
| scoring_system |
epss |
| scoring_elements |
0.85024 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.02384 |
| scoring_system |
epss |
| scoring_elements |
0.85026 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2009-0147 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
|
| fixed_packages |
|
| aliases |
CVE-2009-0147
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-dgb8-nes9-8fb7 |
|
| 53 |
| url |
VCID-dn3b-smm9-63eb |
| vulnerability_id |
VCID-dn3b-smm9-63eb |
| summary |
Poppler does not handle fonts inside PDF files safely, allowing for
execution of arbitrary code. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2008-1693 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.07598 |
| scoring_system |
epss |
| scoring_elements |
0.9181 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.07598 |
| scoring_system |
epss |
| scoring_elements |
0.91818 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.07598 |
| scoring_system |
epss |
| scoring_elements |
0.91824 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.07598 |
| scoring_system |
epss |
| scoring_elements |
0.91832 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.07598 |
| scoring_system |
epss |
| scoring_elements |
0.91844 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.07598 |
| scoring_system |
epss |
| scoring_elements |
0.9185 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.07598 |
| scoring_system |
epss |
| scoring_elements |
0.91854 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.07598 |
| scoring_system |
epss |
| scoring_elements |
0.91855 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.07598 |
| scoring_system |
epss |
| scoring_elements |
0.91851 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.07598 |
| scoring_system |
epss |
| scoring_elements |
0.91871 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.07598 |
| scoring_system |
epss |
| scoring_elements |
0.91867 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2008-1693 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
|
| fixed_packages |
|
| aliases |
CVE-2008-1693
|
| risk_score |
0.1 |
| exploitability |
0.5 |
| weighted_severity |
0.1 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-dn3b-smm9-63eb |
|
| 54 |
| url |
VCID-durs-kj4r-jbf2 |
| vulnerability_id |
VCID-durs-kj4r-jbf2 |
| summary |
security flaw |
| references |
| 0 |
| reference_url |
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.42/SCOSA-2005.42.txt |
| reference_id |
|
| reference_type |
|
| scores |
|
| url |
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.42/SCOSA-2005.42.txt |
|
| 1 |
|
| 2 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2005-2097 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00072 |
| scoring_system |
epss |
| scoring_elements |
0.21924 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.00072 |
| scoring_system |
epss |
| scoring_elements |
0.21883 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00072 |
| scoring_system |
epss |
| scoring_elements |
0.22045 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00072 |
| scoring_system |
epss |
| scoring_elements |
0.22098 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00072 |
| scoring_system |
epss |
| scoring_elements |
0.21874 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00072 |
| scoring_system |
epss |
| scoring_elements |
0.21956 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00072 |
| scoring_system |
epss |
| scoring_elements |
0.22011 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00072 |
| scoring_system |
epss |
| scoring_elements |
0.22026 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00072 |
| scoring_system |
epss |
| scoring_elements |
0.21985 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00072 |
| scoring_system |
epss |
| scoring_elements |
0.21927 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2005-2097 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
|
| fixed_packages |
|
| aliases |
CVE-2005-2097
|
| risk_score |
0.9 |
| exploitability |
0.5 |
| weighted_severity |
1.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-durs-kj4r-jbf2 |
|
| 55 |
| url |
VCID-e1aj-xdke-bubt |
| vulnerability_id |
VCID-e1aj-xdke-bubt |
| summary |
There is an invalid memory access in the function fprintf located in Error.cc in Xpdf 4.0.2. It can be triggered by sending a crafted PDF file to the pdftohtml binary, which allows a remote attacker to cause a Denial of Service (Segmentation fault) or possibly have unspecified other impact. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2020-24999 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00258 |
| scoring_system |
epss |
| scoring_elements |
0.49252 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.00258 |
| scoring_system |
epss |
| scoring_elements |
0.4915 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00258 |
| scoring_system |
epss |
| scoring_elements |
0.49182 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00258 |
| scoring_system |
epss |
| scoring_elements |
0.4921 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00258 |
| scoring_system |
epss |
| scoring_elements |
0.49161 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00258 |
| scoring_system |
epss |
| scoring_elements |
0.49216 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00258 |
| scoring_system |
epss |
| scoring_elements |
0.49212 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00258 |
| scoring_system |
epss |
| scoring_elements |
0.4923 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00258 |
| scoring_system |
epss |
| scoring_elements |
0.49203 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00258 |
| scoring_system |
epss |
| scoring_elements |
0.49208 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00258 |
| scoring_system |
epss |
| scoring_elements |
0.49254 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2020-24999 |
|
| 1 |
|
|
| fixed_packages |
|
| aliases |
CVE-2020-24999
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-e1aj-xdke-bubt |
|
| 56 |
| url |
VCID-e7vq-33xj-gkgr |
| vulnerability_id |
VCID-e7vq-33xj-gkgr |
| summary |
Multiple vulnerabilities have been found in Xpdf, the worst of which could result in denial of service. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2022-38334 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00206 |
| scoring_system |
epss |
| scoring_elements |
0.42973 |
| published_at |
2026-04-02T12:55:00Z |
|
| 1 |
| value |
0.00206 |
| scoring_system |
epss |
| scoring_elements |
0.43 |
| published_at |
2026-04-09T12:55:00Z |
|
| 2 |
| value |
0.00206 |
| scoring_system |
epss |
| scoring_elements |
0.42937 |
| published_at |
2026-04-07T12:55:00Z |
|
| 3 |
| value |
0.00206 |
| scoring_system |
epss |
| scoring_elements |
0.42987 |
| published_at |
2026-04-12T12:55:00Z |
|
| 4 |
| value |
0.00206 |
| scoring_system |
epss |
| scoring_elements |
0.43022 |
| published_at |
2026-04-11T12:55:00Z |
|
| 5 |
| value |
0.00206 |
| scoring_system |
epss |
| scoring_elements |
0.42971 |
| published_at |
2026-04-13T12:55:00Z |
|
| 6 |
| value |
0.00206 |
| scoring_system |
epss |
| scoring_elements |
0.43031 |
| published_at |
2026-04-16T12:55:00Z |
|
| 7 |
| value |
0.00206 |
| scoring_system |
epss |
| scoring_elements |
0.43019 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2022-38334 |
|
| 1 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-38334
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-e7vq-33xj-gkgr |
|
| 57 |
| url |
VCID-ebmd-5d52-u7ev |
| vulnerability_id |
VCID-ebmd-5d52-u7ev |
| summary |
Out-of-bounds array write in Xpdf 4.06 and earlier, due to incorrect validation of the "N" field in ICCBased color spaces. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2026-4407 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00034 |
| scoring_system |
epss |
| scoring_elements |
0.09628 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.00034 |
| scoring_system |
epss |
| scoring_elements |
0.09657 |
| published_at |
2026-04-16T12:55:00Z |
|
| 2 |
| value |
0.00034 |
| scoring_system |
epss |
| scoring_elements |
0.09746 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00034 |
| scoring_system |
epss |
| scoring_elements |
0.09795 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00034 |
| scoring_system |
epss |
| scoring_elements |
0.09691 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00034 |
| scoring_system |
epss |
| scoring_elements |
0.09762 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00034 |
| scoring_system |
epss |
| scoring_elements |
0.09813 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00034 |
| scoring_system |
epss |
| scoring_elements |
0.09822 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00034 |
| scoring_system |
epss |
| scoring_elements |
0.0979 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00034 |
| scoring_system |
epss |
| scoring_elements |
0.09773 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2026-4407 |
|
| 1 |
|
|
| fixed_packages |
|
| aliases |
CVE-2026-4407
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ebmd-5d52-u7ev |
|
| 58 |
| url |
VCID-ebyg-yhza-wkaq |
| vulnerability_id |
VCID-ebyg-yhza-wkaq |
| summary |
A stack-based buffer over-read exists in PostScriptFunction::transform in Function.cc in Xpdf 4.01.01 because GfxSeparationColorSpace and GfxDeviceNColorSpace mishandle tint transform functions. It can, for example, be triggered by sending a crafted PDF document to the pdftops tool. It might allow an attacker to cause Denial of Service or leak memory data. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-12493 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00295 |
| scoring_system |
epss |
| scoring_elements |
0.52874 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.00295 |
| scoring_system |
epss |
| scoring_elements |
0.52749 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00295 |
| scoring_system |
epss |
| scoring_elements |
0.52773 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00295 |
| scoring_system |
epss |
| scoring_elements |
0.52799 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00295 |
| scoring_system |
epss |
| scoring_elements |
0.52767 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00295 |
| scoring_system |
epss |
| scoring_elements |
0.52818 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00295 |
| scoring_system |
epss |
| scoring_elements |
0.52811 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00295 |
| scoring_system |
epss |
| scoring_elements |
0.52862 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00295 |
| scoring_system |
epss |
| scoring_elements |
0.52846 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00295 |
| scoring_system |
epss |
| scoring_elements |
0.5283 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00295 |
| scoring_system |
epss |
| scoring_elements |
0.52867 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-12493 |
|
| 1 |
|
| 2 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-12493
|
| risk_score |
0.9 |
| exploitability |
0.5 |
| weighted_severity |
1.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ebyg-yhza-wkaq |
|
| 59 |
| url |
VCID-ed1t-m9vp-7yay |
| vulnerability_id |
VCID-ed1t-m9vp-7yay |
| summary |
security flaw |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2003-0434 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.29867 |
| scoring_system |
epss |
| scoring_elements |
0.96607 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.29867 |
| scoring_system |
epss |
| scoring_elements |
0.96616 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.29867 |
| scoring_system |
epss |
| scoring_elements |
0.96621 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.29867 |
| scoring_system |
epss |
| scoring_elements |
0.96625 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.29867 |
| scoring_system |
epss |
| scoring_elements |
0.96633 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.29867 |
| scoring_system |
epss |
| scoring_elements |
0.96635 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.29867 |
| scoring_system |
epss |
| scoring_elements |
0.96637 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.29867 |
| scoring_system |
epss |
| scoring_elements |
0.96638 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.29867 |
| scoring_system |
epss |
| scoring_elements |
0.9664 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.29867 |
| scoring_system |
epss |
| scoring_elements |
0.96647 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.29867 |
| scoring_system |
epss |
| scoring_elements |
0.96652 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2003-0434 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
|
| fixed_packages |
|
| aliases |
CVE-2003-0434
|
| risk_score |
0.6 |
| exploitability |
2.0 |
| weighted_severity |
0.3 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ed1t-m9vp-7yay |
|
| 60 |
| url |
VCID-f1fy-2gxa-63hb |
| vulnerability_id |
VCID-f1fy-2gxa-63hb |
| summary |
xpdf: stack-overflow in pdftotext |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2024-3247 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06144 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06133 |
| published_at |
2026-04-16T12:55:00Z |
|
| 2 |
| value |
0.00074 |
| scoring_system |
epss |
| scoring_elements |
0.22532 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00074 |
| scoring_system |
epss |
| scoring_elements |
0.22574 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00074 |
| scoring_system |
epss |
| scoring_elements |
0.22362 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00074 |
| scoring_system |
epss |
| scoring_elements |
0.22444 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00074 |
| scoring_system |
epss |
| scoring_elements |
0.22498 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00074 |
| scoring_system |
epss |
| scoring_elements |
0.22518 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00074 |
| scoring_system |
epss |
| scoring_elements |
0.22476 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00074 |
| scoring_system |
epss |
| scoring_elements |
0.22422 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2024-3247 |
|
| 2 |
|
| 3 |
|
|
| fixed_packages |
|
| aliases |
CVE-2024-3247
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-f1fy-2gxa-63hb |
|
| 61 |
| url |
VCID-fct6-695j-t7bs |
| vulnerability_id |
VCID-fct6-695j-t7bs |
| summary |
PDFKit and ImageKits are vulnerable to an integer overflow and a stack
overflow allowing for the user-assisted execution of arbitrary code. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2007-3387 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.08892 |
| scoring_system |
epss |
| scoring_elements |
0.92529 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.08892 |
| scoring_system |
epss |
| scoring_elements |
0.92534 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.08892 |
| scoring_system |
epss |
| scoring_elements |
0.92541 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.08892 |
| scoring_system |
epss |
| scoring_elements |
0.92544 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.08892 |
| scoring_system |
epss |
| scoring_elements |
0.92554 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.08892 |
| scoring_system |
epss |
| scoring_elements |
0.92559 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.08892 |
| scoring_system |
epss |
| scoring_elements |
0.92565 |
| published_at |
2026-04-13T12:55:00Z |
|
| 7 |
| value |
0.08892 |
| scoring_system |
epss |
| scoring_elements |
0.92566 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.08892 |
| scoring_system |
epss |
| scoring_elements |
0.92577 |
| published_at |
2026-04-16T12:55:00Z |
|
| 9 |
| value |
0.08892 |
| scoring_system |
epss |
| scoring_elements |
0.92576 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2007-3387 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
|
| fixed_packages |
|
| aliases |
CVE-2007-3387
|
| risk_score |
0.1 |
| exploitability |
0.5 |
| weighted_severity |
0.1 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-fct6-695j-t7bs |
|
| 62 |
| url |
VCID-gbm8-vcwy-u3g2 |
| vulnerability_id |
VCID-gbm8-vcwy-u3g2 |
| summary |
Multiple vulnerabilities have been found in Poppler, some of which
may allow execution of arbitrary code. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2009-1179 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.27841 |
| scoring_system |
epss |
| scoring_elements |
0.96426 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.27841 |
| scoring_system |
epss |
| scoring_elements |
0.96433 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.27841 |
| scoring_system |
epss |
| scoring_elements |
0.96437 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.27841 |
| scoring_system |
epss |
| scoring_elements |
0.9644 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.27841 |
| scoring_system |
epss |
| scoring_elements |
0.96449 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.27841 |
| scoring_system |
epss |
| scoring_elements |
0.96452 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.27841 |
| scoring_system |
epss |
| scoring_elements |
0.96456 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.27841 |
| scoring_system |
epss |
| scoring_elements |
0.96457 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.27841 |
| scoring_system |
epss |
| scoring_elements |
0.96459 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.27841 |
| scoring_system |
epss |
| scoring_elements |
0.96466 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.27841 |
| scoring_system |
epss |
| scoring_elements |
0.9647 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2009-1179 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
|
| fixed_packages |
|
| aliases |
CVE-2009-1179
|
| risk_score |
0.1 |
| exploitability |
0.5 |
| weighted_severity |
0.3 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-gbm8-vcwy-u3g2 |
|
| 63 |
| url |
VCID-gc6w-tctk-nycd |
| vulnerability_id |
VCID-gc6w-tctk-nycd |
| summary |
Multiple vulnerabilities have been found in Poppler, some of which
may allow execution of arbitrary code. |
| references |
| 0 |
|
| 1 |
|
| 2 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2010-4653 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00782 |
| scoring_system |
epss |
| scoring_elements |
0.73775 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.00782 |
| scoring_system |
epss |
| scoring_elements |
0.73767 |
| published_at |
2026-04-16T12:55:00Z |
|
| 2 |
| value |
0.00782 |
| scoring_system |
epss |
| scoring_elements |
0.73677 |
| published_at |
2026-04-01T12:55:00Z |
|
| 3 |
| value |
0.00782 |
| scoring_system |
epss |
| scoring_elements |
0.73685 |
| published_at |
2026-04-02T12:55:00Z |
|
| 4 |
| value |
0.00782 |
| scoring_system |
epss |
| scoring_elements |
0.73709 |
| published_at |
2026-04-04T12:55:00Z |
|
| 5 |
| value |
0.00782 |
| scoring_system |
epss |
| scoring_elements |
0.73682 |
| published_at |
2026-04-07T12:55:00Z |
|
| 6 |
| value |
0.00782 |
| scoring_system |
epss |
| scoring_elements |
0.73717 |
| published_at |
2026-04-08T12:55:00Z |
|
| 7 |
| value |
0.00782 |
| scoring_system |
epss |
| scoring_elements |
0.73729 |
| published_at |
2026-04-09T12:55:00Z |
|
| 8 |
| value |
0.00782 |
| scoring_system |
epss |
| scoring_elements |
0.73751 |
| published_at |
2026-04-11T12:55:00Z |
|
| 9 |
| value |
0.00782 |
| scoring_system |
epss |
| scoring_elements |
0.73733 |
| published_at |
2026-04-12T12:55:00Z |
|
| 10 |
| value |
0.00782 |
| scoring_system |
epss |
| scoring_elements |
0.73724 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2010-4653 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
|
| fixed_packages |
|
| aliases |
CVE-2010-4653
|
| risk_score |
3.0 |
| exploitability |
0.5 |
| weighted_severity |
5.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-gc6w-tctk-nycd |
|
| 64 |
| url |
VCID-gfxh-3er7-zyam |
| vulnerability_id |
VCID-gfxh-3er7-zyam |
| summary |
xpdf: buffer over-read via crafted PDF document leads to DoS or memory leak |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-12360 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00351 |
| scoring_system |
epss |
| scoring_elements |
0.57463 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00351 |
| scoring_system |
epss |
| scoring_elements |
0.57547 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00351 |
| scoring_system |
epss |
| scoring_elements |
0.57568 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00351 |
| scoring_system |
epss |
| scoring_elements |
0.57543 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00351 |
| scoring_system |
epss |
| scoring_elements |
0.57596 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00351 |
| scoring_system |
epss |
| scoring_elements |
0.576 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00351 |
| scoring_system |
epss |
| scoring_elements |
0.57615 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00351 |
| scoring_system |
epss |
| scoring_elements |
0.57595 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00351 |
| scoring_system |
epss |
| scoring_elements |
0.57573 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.00351 |
| scoring_system |
epss |
| scoring_elements |
0.57602 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.00351 |
| scoring_system |
epss |
| scoring_elements |
0.57599 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-12360 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-12360
|
| risk_score |
3.2 |
| exploitability |
0.5 |
| weighted_severity |
6.4 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-gfxh-3er7-zyam |
|
| 65 |
| url |
VCID-ggaf-24m4-tudf |
| vulnerability_id |
VCID-ggaf-24m4-tudf |
| summary |
In Xpdf 4.01.01, there is an out-of-bounds read vulnerability in the function SplashXPath::strokeAdjust() located at splash/SplashXPath.cc. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool. It might allow an attacker to cause Information Disclosure. This is related to CVE-2018-16368. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-13287 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.002 |
| scoring_system |
epss |
| scoring_elements |
0.42115 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.002 |
| scoring_system |
epss |
| scoring_elements |
0.4204 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.002 |
| scoring_system |
epss |
| scoring_elements |
0.42101 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.002 |
| scoring_system |
epss |
| scoring_elements |
0.4213 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.002 |
| scoring_system |
epss |
| scoring_elements |
0.42066 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.002 |
| scoring_system |
epss |
| scoring_elements |
0.42118 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.002 |
| scoring_system |
epss |
| scoring_elements |
0.42129 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.002 |
| scoring_system |
epss |
| scoring_elements |
0.42151 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.002 |
| scoring_system |
epss |
| scoring_elements |
0.42114 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.002 |
| scoring_system |
epss |
| scoring_elements |
0.42089 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.002 |
| scoring_system |
epss |
| scoring_elements |
0.42141 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-13287 |
|
| 1 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-13287
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ggaf-24m4-tudf |
|
| 66 |
| url |
VCID-ggz4-xfsy-6qh9 |
| vulnerability_id |
VCID-ggz4-xfsy-6qh9 |
| summary |
In Xpdf 4.05 (and earlier), invalid header info in a DCT (JPEG) stream can lead to an uninitialized variable in the DCT decoder. The proof-of-concept PDF file causes a segfault attempting to read from an invalid address. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2024-7868 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.0024 |
| scoring_system |
epss |
| scoring_elements |
0.47109 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.0024 |
| scoring_system |
epss |
| scoring_elements |
0.47114 |
| published_at |
2026-04-16T12:55:00Z |
|
| 2 |
| value |
0.00255 |
| scoring_system |
epss |
| scoring_elements |
0.48864 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00255 |
| scoring_system |
epss |
| scoring_elements |
0.48818 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00255 |
| scoring_system |
epss |
| scoring_elements |
0.48872 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00255 |
| scoring_system |
epss |
| scoring_elements |
0.48885 |
| published_at |
2026-04-11T12:55:00Z |
|
| 6 |
| value |
0.00255 |
| scoring_system |
epss |
| scoring_elements |
0.48859 |
| published_at |
2026-04-12T12:55:00Z |
|
| 7 |
| value |
0.00255 |
| scoring_system |
epss |
| scoring_elements |
0.48869 |
| published_at |
2026-04-09T12:55:00Z |
|
| 8 |
| value |
0.00255 |
| scoring_system |
epss |
| scoring_elements |
0.48838 |
| published_at |
2026-04-02T12:55:00Z |
|
| 9 |
| value |
0.00334 |
| scoring_system |
epss |
| scoring_elements |
0.56203 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2024-7868 |
|
| 1 |
|
|
| fixed_packages |
|
| aliases |
CVE-2024-7868
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ggz4-xfsy-6qh9 |
|
| 67 |
| url |
VCID-gs8q-7m9v-h7bv |
| vulnerability_id |
VCID-gs8q-7m9v-h7bv |
| summary |
XPDF commit ffaf11c was discovered to contain a stack overflow via __asan_memcpy at asan_interceptors_memintrinsics.cpp. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2022-38227 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00054 |
| scoring_system |
epss |
| scoring_elements |
0.1722 |
| published_at |
2026-04-02T12:55:00Z |
|
| 1 |
| value |
0.00054 |
| scoring_system |
epss |
| scoring_elements |
0.1727 |
| published_at |
2026-04-04T12:55:00Z |
|
| 2 |
| value |
0.00054 |
| scoring_system |
epss |
| scoring_elements |
0.17051 |
| published_at |
2026-04-07T12:55:00Z |
|
| 3 |
| value |
0.00054 |
| scoring_system |
epss |
| scoring_elements |
0.17141 |
| published_at |
2026-04-08T12:55:00Z |
|
| 4 |
| value |
0.00054 |
| scoring_system |
epss |
| scoring_elements |
0.17199 |
| published_at |
2026-04-09T12:55:00Z |
|
| 5 |
| value |
0.00054 |
| scoring_system |
epss |
| scoring_elements |
0.17173 |
| published_at |
2026-04-11T12:55:00Z |
|
| 6 |
| value |
0.00054 |
| scoring_system |
epss |
| scoring_elements |
0.17126 |
| published_at |
2026-04-12T12:55:00Z |
|
| 7 |
| value |
0.00054 |
| scoring_system |
epss |
| scoring_elements |
0.17066 |
| published_at |
2026-04-13T12:55:00Z |
|
| 8 |
| value |
0.00054 |
| scoring_system |
epss |
| scoring_elements |
0.17002 |
| published_at |
2026-04-16T12:55:00Z |
|
| 9 |
| value |
0.00054 |
| scoring_system |
epss |
| scoring_elements |
0.17006 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2022-38227 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-38227
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-gs8q-7m9v-h7bv |
|
| 68 |
| url |
VCID-gvg1-j3bg-jyhb |
| vulnerability_id |
VCID-gvg1-j3bg-jyhb |
| summary |
Xpdf 2.00 allows a SIGSEGV in XRef::constructXRef in XRef.cc. NOTE: 2.00 is a version from November 2002. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-15860 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00165 |
| scoring_system |
epss |
| scoring_elements |
0.3757 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.00165 |
| scoring_system |
epss |
| scoring_elements |
0.37545 |
| published_at |
2026-04-13T12:55:00Z |
|
| 2 |
| value |
0.00165 |
| scoring_system |
epss |
| scoring_elements |
0.37589 |
| published_at |
2026-04-16T12:55:00Z |
|
| 3 |
| value |
0.00165 |
| scoring_system |
epss |
| scoring_elements |
0.37459 |
| published_at |
2026-04-01T12:55:00Z |
|
| 4 |
| value |
0.00165 |
| scoring_system |
epss |
| scoring_elements |
0.37625 |
| published_at |
2026-04-02T12:55:00Z |
|
| 5 |
| value |
0.00165 |
| scoring_system |
epss |
| scoring_elements |
0.37649 |
| published_at |
2026-04-04T12:55:00Z |
|
| 6 |
| value |
0.00165 |
| scoring_system |
epss |
| scoring_elements |
0.37527 |
| published_at |
2026-04-07T12:55:00Z |
|
| 7 |
| value |
0.00165 |
| scoring_system |
epss |
| scoring_elements |
0.37579 |
| published_at |
2026-04-08T12:55:00Z |
|
| 8 |
| value |
0.00165 |
| scoring_system |
epss |
| scoring_elements |
0.37592 |
| published_at |
2026-04-09T12:55:00Z |
|
| 9 |
| value |
0.00165 |
| scoring_system |
epss |
| scoring_elements |
0.37606 |
| published_at |
2026-04-11T12:55:00Z |
|
| 10 |
| value |
0.00165 |
| scoring_system |
epss |
| scoring_elements |
0.37572 |
| published_at |
2026-04-12T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-15860 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-15860
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-gvg1-j3bg-jyhb |
|
| 69 |
| url |
VCID-h2v8-y5wu-k7dt |
| vulnerability_id |
VCID-h2v8-y5wu-k7dt |
| summary |
XPDF commit ffaf11c was discovered to contain a segmentation violation via Lexer::getObj(Object*) at /xpdf/Lexer.cc. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2022-38234 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00047 |
| scoring_system |
epss |
| scoring_elements |
0.14485 |
| published_at |
2026-04-02T12:55:00Z |
|
| 1 |
| value |
0.00047 |
| scoring_system |
epss |
| scoring_elements |
0.14555 |
| published_at |
2026-04-04T12:55:00Z |
|
| 2 |
| value |
0.00047 |
| scoring_system |
epss |
| scoring_elements |
0.14363 |
| published_at |
2026-04-07T12:55:00Z |
|
| 3 |
| value |
0.00047 |
| scoring_system |
epss |
| scoring_elements |
0.14447 |
| published_at |
2026-04-08T12:55:00Z |
|
| 4 |
| value |
0.00047 |
| scoring_system |
epss |
| scoring_elements |
0.14501 |
| published_at |
2026-04-09T12:55:00Z |
|
| 5 |
| value |
0.00047 |
| scoring_system |
epss |
| scoring_elements |
0.14451 |
| published_at |
2026-04-11T12:55:00Z |
|
| 6 |
| value |
0.00047 |
| scoring_system |
epss |
| scoring_elements |
0.14413 |
| published_at |
2026-04-12T12:55:00Z |
|
| 7 |
| value |
0.00047 |
| scoring_system |
epss |
| scoring_elements |
0.14356 |
| published_at |
2026-04-13T12:55:00Z |
|
| 8 |
| value |
0.00047 |
| scoring_system |
epss |
| scoring_elements |
0.14248 |
| published_at |
2026-04-16T12:55:00Z |
|
| 9 |
| value |
0.00047 |
| scoring_system |
epss |
| scoring_elements |
0.14249 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2022-38234 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-38234
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-h2v8-y5wu-k7dt |
|
| 70 |
| url |
VCID-hxqu-gusj-d7hm |
| vulnerability_id |
VCID-hxqu-gusj-d7hm |
| summary |
Multiple vulnerabilities have been found in Xpdf, the worst of which could result in denial of service. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2022-30524 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.02209 |
| scoring_system |
epss |
| scoring_elements |
0.84477 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.02209 |
| scoring_system |
epss |
| scoring_elements |
0.84397 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.02209 |
| scoring_system |
epss |
| scoring_elements |
0.84417 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.02209 |
| scoring_system |
epss |
| scoring_elements |
0.84419 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.02209 |
| scoring_system |
epss |
| scoring_elements |
0.84441 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.02209 |
| scoring_system |
epss |
| scoring_elements |
0.84446 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.02209 |
| scoring_system |
epss |
| scoring_elements |
0.84465 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.02209 |
| scoring_system |
epss |
| scoring_elements |
0.84459 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.02209 |
| scoring_system |
epss |
| scoring_elements |
0.84454 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.02209 |
| scoring_system |
epss |
| scoring_elements |
0.84476 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2022-30524 |
|
| 1 |
|
| 2 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-30524
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-hxqu-gusj-d7hm |
|
| 71 |
| url |
VCID-hz7t-j44b-d7bk |
| vulnerability_id |
VCID-hz7t-j44b-d7bk |
| summary |
Multiple vulnerabilities have been found in Xpdf, the worst of which could result in denial of service. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2022-41843 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00098 |
| scoring_system |
epss |
| scoring_elements |
0.26887 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.00098 |
| scoring_system |
epss |
| scoring_elements |
0.27059 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00098 |
| scoring_system |
epss |
| scoring_elements |
0.26998 |
| published_at |
2026-04-09T12:55:00Z |
|
| 3 |
| value |
0.00098 |
| scoring_system |
epss |
| scoring_elements |
0.27001 |
| published_at |
2026-04-11T12:55:00Z |
|
| 4 |
| value |
0.00098 |
| scoring_system |
epss |
| scoring_elements |
0.26957 |
| published_at |
2026-04-12T12:55:00Z |
|
| 5 |
| value |
0.00098 |
| scoring_system |
epss |
| scoring_elements |
0.269 |
| published_at |
2026-04-13T12:55:00Z |
|
| 6 |
| value |
0.00098 |
| scoring_system |
epss |
| scoring_elements |
0.26911 |
| published_at |
2026-04-16T12:55:00Z |
|
| 7 |
| value |
0.00098 |
| scoring_system |
epss |
| scoring_elements |
0.27095 |
| published_at |
2026-04-04T12:55:00Z |
|
| 8 |
| value |
0.00098 |
| scoring_system |
epss |
| scoring_elements |
0.26884 |
| published_at |
2026-04-07T12:55:00Z |
|
| 9 |
| value |
0.00098 |
| scoring_system |
epss |
| scoring_elements |
0.26952 |
| published_at |
2026-04-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2022-41843 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-41843
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-hz7t-j44b-d7bk |
|
| 72 |
| url |
VCID-j6yq-rtc5-gqar |
| vulnerability_id |
VCID-j6yq-rtc5-gqar |
| summary |
An issue was discovered in Xpdf 4.01.01. There is an Integer overflow in the function JBIG2Bitmap::combine at JBIG2Stream.cc for the "one byte per line" case. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-14288 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00201 |
| scoring_system |
epss |
| scoring_elements |
0.4223 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.00201 |
| scoring_system |
epss |
| scoring_elements |
0.4216 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00201 |
| scoring_system |
epss |
| scoring_elements |
0.42218 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00201 |
| scoring_system |
epss |
| scoring_elements |
0.42247 |
| published_at |
2026-04-09T12:55:00Z |
|
| 4 |
| value |
0.00201 |
| scoring_system |
epss |
| scoring_elements |
0.42188 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00201 |
| scoring_system |
epss |
| scoring_elements |
0.42239 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00201 |
| scoring_system |
epss |
| scoring_elements |
0.4227 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00201 |
| scoring_system |
epss |
| scoring_elements |
0.42233 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00201 |
| scoring_system |
epss |
| scoring_elements |
0.42205 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.00201 |
| scoring_system |
epss |
| scoring_elements |
0.42255 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-14288 |
|
| 1 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-14288
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-j6yq-rtc5-gqar |
|
| 73 |
| url |
VCID-ju4p-5km5-cqay |
| vulnerability_id |
VCID-ju4p-5km5-cqay |
| summary |
There is an out-of-bounds read vulnerability in the function FlateStream::getChar() located at Stream.cc in Xpdf 4.01.01. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool. It might allow an attacker to cause Information Disclosure or a denial of service. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-12515 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00291 |
| scoring_system |
epss |
| scoring_elements |
0.5237 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00291 |
| scoring_system |
epss |
| scoring_elements |
0.52415 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00291 |
| scoring_system |
epss |
| scoring_elements |
0.52444 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00291 |
| scoring_system |
epss |
| scoring_elements |
0.52408 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00291 |
| scoring_system |
epss |
| scoring_elements |
0.52461 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00291 |
| scoring_system |
epss |
| scoring_elements |
0.52455 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00291 |
| scoring_system |
epss |
| scoring_elements |
0.52506 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00291 |
| scoring_system |
epss |
| scoring_elements |
0.5249 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00291 |
| scoring_system |
epss |
| scoring_elements |
0.52473 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.00291 |
| scoring_system |
epss |
| scoring_elements |
0.52513 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.00291 |
| scoring_system |
epss |
| scoring_elements |
0.52519 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-12515 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-12515
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ju4p-5km5-cqay |
|
| 74 |
| url |
VCID-jvuz-2phs-87du |
| vulnerability_id |
VCID-jvuz-2phs-87du |
| summary |
Multiple vulnerabilities have been found in Poppler, some of which
may allow execution of arbitrary code. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2009-1180 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.08831 |
| scoring_system |
epss |
| scoring_elements |
0.92498 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.08831 |
| scoring_system |
epss |
| scoring_elements |
0.92504 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.08831 |
| scoring_system |
epss |
| scoring_elements |
0.92512 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.08831 |
| scoring_system |
epss |
| scoring_elements |
0.92514 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.08831 |
| scoring_system |
epss |
| scoring_elements |
0.92526 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.08831 |
| scoring_system |
epss |
| scoring_elements |
0.9253 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.08831 |
| scoring_system |
epss |
| scoring_elements |
0.92537 |
| published_at |
2026-04-13T12:55:00Z |
|
| 7 |
| value |
0.08831 |
| scoring_system |
epss |
| scoring_elements |
0.92538 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.08831 |
| scoring_system |
epss |
| scoring_elements |
0.92547 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2009-1180 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
|
| fixed_packages |
|
| aliases |
CVE-2009-1180
|
| risk_score |
0.1 |
| exploitability |
0.5 |
| weighted_severity |
0.1 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-jvuz-2phs-87du |
|
| 75 |
| url |
VCID-k27e-xq9z-8qf8 |
| vulnerability_id |
VCID-k27e-xq9z-8qf8 |
| summary |
Buffer Overflow vulnerability found in XPDF v.4.04 allows an attacker to cause a Denial of Service via the PDFDoc malloc in the pdftotext.cc function. NOTE: Vendor states “it's an expected abort on out-of-memory error.” |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2023-26930 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00042 |
| scoring_system |
epss |
| scoring_elements |
0.12784 |
| published_at |
2026-04-02T12:55:00Z |
|
| 1 |
| value |
0.00042 |
| scoring_system |
epss |
| scoring_elements |
0.1283 |
| published_at |
2026-04-04T12:55:00Z |
|
| 2 |
| value |
0.00042 |
| scoring_system |
epss |
| scoring_elements |
0.12633 |
| published_at |
2026-04-07T12:55:00Z |
|
| 3 |
| value |
0.00042 |
| scoring_system |
epss |
| scoring_elements |
0.12712 |
| published_at |
2026-04-08T12:55:00Z |
|
| 4 |
| value |
0.00042 |
| scoring_system |
epss |
| scoring_elements |
0.12764 |
| published_at |
2026-04-09T12:55:00Z |
|
| 5 |
| value |
0.00042 |
| scoring_system |
epss |
| scoring_elements |
0.12733 |
| published_at |
2026-04-11T12:55:00Z |
|
| 6 |
| value |
0.00042 |
| scoring_system |
epss |
| scoring_elements |
0.12694 |
| published_at |
2026-04-12T12:55:00Z |
|
| 7 |
| value |
0.00042 |
| scoring_system |
epss |
| scoring_elements |
0.12647 |
| published_at |
2026-04-13T12:55:00Z |
|
| 8 |
| value |
0.00042 |
| scoring_system |
epss |
| scoring_elements |
0.12555 |
| published_at |
2026-04-16T12:55:00Z |
|
| 9 |
| value |
0.00042 |
| scoring_system |
epss |
| scoring_elements |
0.12567 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2023-26930 |
|
|
| fixed_packages |
|
| aliases |
CVE-2023-26930
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-k27e-xq9z-8qf8 |
|
| 76 |
| url |
VCID-kfq1-p85t-h7av |
| vulnerability_id |
VCID-kfq1-p85t-h7av |
| summary |
In Xpdf 4.01.01, the Parser::getObj() function in Parser.cc may cause infinite recursion via a crafted file. A remote attacker can leverage this for a DoS attack. This is similar to CVE-2018-16646. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-13288 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.27509 |
| scoring_system |
epss |
| scoring_elements |
0.96436 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.27509 |
| scoring_system |
epss |
| scoring_elements |
0.9639 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.27509 |
| scoring_system |
epss |
| scoring_elements |
0.96397 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.27509 |
| scoring_system |
epss |
| scoring_elements |
0.96401 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.27509 |
| scoring_system |
epss |
| scoring_elements |
0.96405 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.27509 |
| scoring_system |
epss |
| scoring_elements |
0.96414 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.27509 |
| scoring_system |
epss |
| scoring_elements |
0.96417 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.27509 |
| scoring_system |
epss |
| scoring_elements |
0.96421 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.27509 |
| scoring_system |
epss |
| scoring_elements |
0.96425 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.27509 |
| scoring_system |
epss |
| scoring_elements |
0.96432 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-13288 |
|
| 1 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-13288
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-kfq1-p85t-h7av |
|
| 77 |
| url |
VCID-kgk7-hqby-wkez |
| vulnerability_id |
VCID-kgk7-hqby-wkez |
| summary |
Poppler and various KDE components are vulnerable to multiple memory
management issues possibly resulting in the execution of arbitrary code. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2007-4352 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.25469 |
| scoring_system |
epss |
| scoring_elements |
0.9618 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.25469 |
| scoring_system |
epss |
| scoring_elements |
0.96188 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.25469 |
| scoring_system |
epss |
| scoring_elements |
0.96196 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.25469 |
| scoring_system |
epss |
| scoring_elements |
0.96199 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.25469 |
| scoring_system |
epss |
| scoring_elements |
0.96209 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.25469 |
| scoring_system |
epss |
| scoring_elements |
0.96212 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.25469 |
| scoring_system |
epss |
| scoring_elements |
0.96217 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.25469 |
| scoring_system |
epss |
| scoring_elements |
0.96216 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.25469 |
| scoring_system |
epss |
| scoring_elements |
0.96218 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.25469 |
| scoring_system |
epss |
| scoring_elements |
0.96226 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.25469 |
| scoring_system |
epss |
| scoring_elements |
0.96231 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2007-4352 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
|
| fixed_packages |
|
| aliases |
CVE-2007-4352
|
| risk_score |
0.1 |
| exploitability |
0.5 |
| weighted_severity |
0.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-kgk7-hqby-wkez |
|
| 78 |
| url |
VCID-kq6b-svq2-bydz |
| vulnerability_id |
VCID-kq6b-svq2-bydz |
| summary |
Multiple vulnerabilities have been found in Xpdf, the worst of which could result in denial of service. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2023-2662 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.0003 |
| scoring_system |
epss |
| scoring_elements |
0.08355 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.0003 |
| scoring_system |
epss |
| scoring_elements |
0.08453 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.0003 |
| scoring_system |
epss |
| scoring_elements |
0.08511 |
| published_at |
2026-04-11T12:55:00Z |
|
| 3 |
| value |
0.0003 |
| scoring_system |
epss |
| scoring_elements |
0.08493 |
| published_at |
2026-04-12T12:55:00Z |
|
| 4 |
| value |
0.0003 |
| scoring_system |
epss |
| scoring_elements |
0.08478 |
| published_at |
2026-04-13T12:55:00Z |
|
| 5 |
| value |
0.0003 |
| scoring_system |
epss |
| scoring_elements |
0.08372 |
| published_at |
2026-04-16T12:55:00Z |
|
| 6 |
| value |
0.0003 |
| scoring_system |
epss |
| scoring_elements |
0.08507 |
| published_at |
2026-04-04T12:55:00Z |
|
| 7 |
| value |
0.0003 |
| scoring_system |
epss |
| scoring_elements |
0.08425 |
| published_at |
2026-04-07T12:55:00Z |
|
| 8 |
| value |
0.0003 |
| scoring_system |
epss |
| scoring_elements |
0.08498 |
| published_at |
2026-04-08T12:55:00Z |
|
| 9 |
| value |
0.0003 |
| scoring_system |
epss |
| scoring_elements |
0.08517 |
| published_at |
2026-04-09T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2023-2662 |
|
| 1 |
|
| 2 |
|
| 3 |
|
|
| fixed_packages |
|
| aliases |
CVE-2023-2662
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-kq6b-svq2-bydz |
|
| 79 |
| url |
VCID-m3w5-n1vj-dkcj |
| vulnerability_id |
VCID-m3w5-n1vj-dkcj |
| summary |
Multiple vulnerabilities have been found in Xpdf, the worst of which could result in denial of service. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2023-3436 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00018 |
| scoring_system |
epss |
| scoring_elements |
0.04456 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.00018 |
| scoring_system |
epss |
| scoring_elements |
0.04433 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00018 |
| scoring_system |
epss |
| scoring_elements |
0.04495 |
| published_at |
2026-04-12T12:55:00Z |
|
| 3 |
| value |
0.00018 |
| scoring_system |
epss |
| scoring_elements |
0.04478 |
| published_at |
2026-04-13T12:55:00Z |
|
| 4 |
| value |
0.00018 |
| scoring_system |
epss |
| scoring_elements |
0.04448 |
| published_at |
2026-04-16T12:55:00Z |
|
| 5 |
| value |
0.00018 |
| scoring_system |
epss |
| scoring_elements |
0.04458 |
| published_at |
2026-04-04T12:55:00Z |
|
| 6 |
| value |
0.00018 |
| scoring_system |
epss |
| scoring_elements |
0.0447 |
| published_at |
2026-04-07T12:55:00Z |
|
| 7 |
| value |
0.00018 |
| scoring_system |
epss |
| scoring_elements |
0.04504 |
| published_at |
2026-04-08T12:55:00Z |
|
| 8 |
| value |
0.00018 |
| scoring_system |
epss |
| scoring_elements |
0.04521 |
| published_at |
2026-04-09T12:55:00Z |
|
| 9 |
| value |
0.00018 |
| scoring_system |
epss |
| scoring_elements |
0.0451 |
| published_at |
2026-04-11T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2023-3436 |
|
| 1 |
|
| 2 |
|
| 3 |
|
|
| fixed_packages |
|
| aliases |
CVE-2023-3436
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-m3w5-n1vj-dkcj |
|
| 80 |
| url |
VCID-m5tc-yrms-zuay |
| vulnerability_id |
VCID-m5tc-yrms-zuay |
| summary |
security flaw |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2005-0206 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.06529 |
| scoring_system |
epss |
| scoring_elements |
0.91143 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.06529 |
| scoring_system |
epss |
| scoring_elements |
0.9107 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.06529 |
| scoring_system |
epss |
| scoring_elements |
0.91075 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.06529 |
| scoring_system |
epss |
| scoring_elements |
0.91084 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.06529 |
| scoring_system |
epss |
| scoring_elements |
0.91093 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.06529 |
| scoring_system |
epss |
| scoring_elements |
0.91106 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.06529 |
| scoring_system |
epss |
| scoring_elements |
0.91112 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.06529 |
| scoring_system |
epss |
| scoring_elements |
0.91119 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.06529 |
| scoring_system |
epss |
| scoring_elements |
0.9112 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.06529 |
| scoring_system |
epss |
| scoring_elements |
0.91144 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2005-0206 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
|
| 44 |
|
| 45 |
|
| 46 |
|
| 47 |
|
| 48 |
|
| 49 |
|
| 50 |
|
| 51 |
|
| 52 |
|
| 53 |
|
| 54 |
|
| 55 |
|
| 56 |
|
| 57 |
|
| 58 |
|
| 59 |
|
| 60 |
|
| 61 |
|
| 62 |
|
| 63 |
|
| 64 |
|
| 65 |
|
| 66 |
|
| 67 |
|
| 68 |
|
| 69 |
|
| 70 |
|
| 71 |
|
| 72 |
|
| 73 |
|
| 74 |
|
| 75 |
|
| 76 |
|
| 77 |
|
| 78 |
|
| 79 |
|
| 80 |
|
| 81 |
|
| 82 |
|
| 83 |
|
| 84 |
|
| 85 |
|
| 86 |
|
| 87 |
|
| 88 |
|
| 89 |
|
| 90 |
|
| 91 |
|
| 92 |
|
| 93 |
|
| 94 |
|
| 95 |
|
| 96 |
|
| 97 |
|
| 98 |
|
| 99 |
|
| 100 |
|
| 101 |
|
| 102 |
|
| 103 |
|
| 104 |
|
| 105 |
|
| 106 |
|
| 107 |
|
| 108 |
|
| 109 |
|
| 110 |
|
| 111 |
|
| 112 |
|
| 113 |
|
| 114 |
|
| 115 |
|
| 116 |
|
| 117 |
|
| 118 |
|
| 119 |
|
| 120 |
|
| 121 |
|
| 122 |
|
| 123 |
|
| 124 |
|
| 125 |
|
| 126 |
|
| 127 |
|
| 128 |
|
| 129 |
|
| 130 |
|
| 131 |
|
| 132 |
|
| 133 |
|
| 134 |
|
| 135 |
|
| 136 |
|
| 137 |
|
| 138 |
|
| 139 |
|
| 140 |
|
| 141 |
|
| 142 |
|
| 143 |
|
| 144 |
|
| 145 |
|
| 146 |
|
| 147 |
|
| 148 |
|
| 149 |
|
| 150 |
|
| 151 |
|
| 152 |
|
| 153 |
|
| 154 |
|
| 155 |
|
| 156 |
|
| 157 |
|
| 158 |
|
| 159 |
|
| 160 |
|
| 161 |
|
| 162 |
|
| 163 |
|
| 164 |
|
| 165 |
|
| 166 |
|
| 167 |
|
| 168 |
|
| 169 |
|
|
| fixed_packages |
|
| aliases |
CVE-2005-0206
|
| risk_score |
3.4 |
| exploitability |
0.5 |
| weighted_severity |
6.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-m5tc-yrms-zuay |
|
| 81 |
| url |
VCID-m77c-kqwu-kbak |
| vulnerability_id |
VCID-m77c-kqwu-kbak |
| summary |
XPDF commit ffaf11c was discovered to contain a segmentation violation via DCTStream::readMCURow() at /xpdf/Stream.cc. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2022-38233 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00049 |
| scoring_system |
epss |
| scoring_elements |
0.14917 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.00049 |
| scoring_system |
epss |
| scoring_elements |
0.15132 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00049 |
| scoring_system |
epss |
| scoring_elements |
0.152 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00049 |
| scoring_system |
epss |
| scoring_elements |
0.15005 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00049 |
| scoring_system |
epss |
| scoring_elements |
0.15093 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00049 |
| scoring_system |
epss |
| scoring_elements |
0.15145 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00049 |
| scoring_system |
epss |
| scoring_elements |
0.15111 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00049 |
| scoring_system |
epss |
| scoring_elements |
0.15073 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00049 |
| scoring_system |
epss |
| scoring_elements |
0.15013 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.00049 |
| scoring_system |
epss |
| scoring_elements |
0.14908 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2022-38233 |
|
| 1 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-38233
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-m77c-kqwu-kbak |
|
| 82 |
| url |
VCID-mf6e-623v-r3cj |
| vulnerability_id |
VCID-mf6e-623v-r3cj |
| summary |
Multiple vulnerabilities have been discovered in Xpdf, the worst of which could possibly lead to arbitrary code execution. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2022-24107 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.0013 |
| scoring_system |
epss |
| scoring_elements |
0.32453 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.0013 |
| scoring_system |
epss |
| scoring_elements |
0.32566 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.0013 |
| scoring_system |
epss |
| scoring_elements |
0.32602 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.0013 |
| scoring_system |
epss |
| scoring_elements |
0.32425 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.0013 |
| scoring_system |
epss |
| scoring_elements |
0.32474 |
| published_at |
2026-04-16T12:55:00Z |
|
| 5 |
| value |
0.0013 |
| scoring_system |
epss |
| scoring_elements |
0.325 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.0013 |
| scoring_system |
epss |
| scoring_elements |
0.32504 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.0013 |
| scoring_system |
epss |
| scoring_elements |
0.32465 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.0013 |
| scoring_system |
epss |
| scoring_elements |
0.32439 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2022-24107 |
|
| 1 |
|
| 2 |
|
| 3 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-24107
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-mf6e-623v-r3cj |
|
| 83 |
| url |
VCID-mg1z-d7y8-dfaj |
| vulnerability_id |
VCID-mg1z-d7y8-dfaj |
| summary |
KPdf and KWord both include vulnerable Xpdf code to handle PDF files,
making them vulnerable to the execution of arbitrary code. |
| references |
| 0 |
| reference_url |
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt |
| reference_id |
|
| reference_type |
|
| scores |
|
| url |
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt |
|
| 1 |
| reference_url |
ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U |
| reference_id |
|
| reference_type |
|
| scores |
|
| url |
ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U |
|
| 2 |
| reference_url |
ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U |
| reference_id |
|
| reference_type |
|
| scores |
|
| url |
ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U |
|
| 3 |
| reference_url |
ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U |
| reference_id |
|
| reference_type |
|
| scores |
|
| url |
ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2005-3624 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.07357 |
| scoring_system |
epss |
| scoring_elements |
0.91725 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.07357 |
| scoring_system |
epss |
| scoring_elements |
0.91668 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.07357 |
| scoring_system |
epss |
| scoring_elements |
0.91676 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.07357 |
| scoring_system |
epss |
| scoring_elements |
0.91682 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.07357 |
| scoring_system |
epss |
| scoring_elements |
0.91691 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.07357 |
| scoring_system |
epss |
| scoring_elements |
0.91703 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.07357 |
| scoring_system |
epss |
| scoring_elements |
0.9171 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.07357 |
| scoring_system |
epss |
| scoring_elements |
0.91713 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.07357 |
| scoring_system |
epss |
| scoring_elements |
0.91716 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.07357 |
| scoring_system |
epss |
| scoring_elements |
0.91712 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.07357 |
| scoring_system |
epss |
| scoring_elements |
0.91732 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2005-3624 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
|
| 44 |
|
| 45 |
|
| 46 |
|
| 47 |
|
| 48 |
|
| 49 |
|
| 50 |
|
| 51 |
|
| 52 |
|
| 53 |
|
| 54 |
|
| 55 |
|
| 56 |
|
| 57 |
|
| 58 |
|
| 59 |
|
| 60 |
|
| 61 |
|
| 62 |
|
| 63 |
|
| 64 |
|
| 65 |
|
| 66 |
|
| 67 |
|
| 68 |
|
| 69 |
|
| 70 |
|
| 71 |
|
| 72 |
|
| 73 |
|
| 74 |
|
| 75 |
|
| 76 |
|
| 77 |
|
| 78 |
|
| 79 |
|
| 80 |
|
| 81 |
|
| 82 |
|
| 83 |
|
| 84 |
|
| 85 |
|
| 86 |
|
| 87 |
|
| 88 |
|
| 89 |
|
| 90 |
|
| 91 |
|
| 92 |
|
| 93 |
|
| 94 |
|
| 95 |
|
| 96 |
|
| 97 |
|
| 98 |
|
| 99 |
|
| 100 |
|
| 101 |
|
| 102 |
|
| 103 |
|
| 104 |
|
| 105 |
|
| 106 |
|
| 107 |
|
| 108 |
|
| 109 |
|
| 110 |
|
| 111 |
|
| 112 |
|
| 113 |
|
| 114 |
|
| 115 |
|
| 116 |
|
| 117 |
|
| 118 |
|
| 119 |
|
| 120 |
|
| 121 |
|
| 122 |
|
| 123 |
|
| 124 |
|
| 125 |
|
| 126 |
|
| 127 |
|
| 128 |
|
| 129 |
|
| 130 |
|
| 131 |
|
| 132 |
|
| 133 |
|
| 134 |
|
| 135 |
|
| 136 |
|
| 137 |
|
| 138 |
|
| 139 |
|
| 140 |
|
| 141 |
|
| 142 |
|
| 143 |
|
| 144 |
|
| 145 |
|
| 146 |
|
| 147 |
|
| 148 |
|
| 149 |
|
| 150 |
|
| 151 |
|
| 152 |
|
| 153 |
|
| 154 |
|
| 155 |
|
| 156 |
|
| 157 |
|
| 158 |
|
| 159 |
|
| 160 |
|
| 161 |
|
| 162 |
|
| 163 |
|
| 164 |
|
| 165 |
|
| 166 |
|
| 167 |
|
| 168 |
|
| 169 |
|
| 170 |
|
| 171 |
|
| 172 |
|
| 173 |
|
| 174 |
|
| 175 |
|
| 176 |
|
| 177 |
|
| 178 |
|
| 179 |
|
| 180 |
|
| 181 |
|
| 182 |
|
| 183 |
|
| 184 |
|
| 185 |
|
| 186 |
|
| 187 |
|
| 188 |
|
| 189 |
|
| 190 |
|
| 191 |
|
| 192 |
|
| 193 |
|
| 194 |
|
| 195 |
|
| 196 |
|
| 197 |
|
| 198 |
|
| 199 |
|
| 200 |
|
| 201 |
|
| 202 |
|
| 203 |
|
| 204 |
|
| 205 |
|
| 206 |
|
| 207 |
|
| 208 |
|
| 209 |
|
| 210 |
|
| 211 |
|
| 212 |
|
| 213 |
|
| 214 |
|
| 215 |
|
| 216 |
|
| 217 |
|
| 218 |
|
| 219 |
|
| 220 |
|
| 221 |
|
| 222 |
|
|
| fixed_packages |
|
| aliases |
CVE-2005-3624
|
| risk_score |
2.2 |
| exploitability |
0.5 |
| weighted_severity |
4.5 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-mg1z-d7y8-dfaj |
|
| 84 |
| url |
VCID-mj4u-8j1k-zfbh |
| vulnerability_id |
VCID-mj4u-8j1k-zfbh |
| summary |
xpdf: stack overflow via pdftpng |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2024-3248 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06144 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06133 |
| published_at |
2026-04-16T12:55:00Z |
|
| 2 |
| value |
0.00074 |
| scoring_system |
epss |
| scoring_elements |
0.22532 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00074 |
| scoring_system |
epss |
| scoring_elements |
0.22574 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00074 |
| scoring_system |
epss |
| scoring_elements |
0.22362 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00074 |
| scoring_system |
epss |
| scoring_elements |
0.22444 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00074 |
| scoring_system |
epss |
| scoring_elements |
0.22498 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00074 |
| scoring_system |
epss |
| scoring_elements |
0.22518 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00074 |
| scoring_system |
epss |
| scoring_elements |
0.22476 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00074 |
| scoring_system |
epss |
| scoring_elements |
0.22422 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2024-3248 |
|
| 2 |
|
| 3 |
|
|
| fixed_packages |
|
| aliases |
CVE-2024-3248
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-mj4u-8j1k-zfbh |
|
| 85 |
| url |
VCID-mnhc-1jgp-jqc8 |
| vulnerability_id |
VCID-mnhc-1jgp-jqc8 |
| summary |
There is a NULL pointer dereference vulnerability in PSOutputDev::setupResources() located in PSOutputDev.cc in Xpdf 4.01. It can be triggered by sending a crafted pdf file to (for example) the pdftops binary. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-9589 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.48148 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.48153 |
| published_at |
2026-04-16T12:55:00Z |
|
| 2 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.48034 |
| published_at |
2026-04-01T12:55:00Z |
|
| 3 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.48073 |
| published_at |
2026-04-02T12:55:00Z |
|
| 4 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.48093 |
| published_at |
2026-04-04T12:55:00Z |
|
| 5 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.48044 |
| published_at |
2026-04-07T12:55:00Z |
|
| 6 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.48096 |
| published_at |
2026-04-08T12:55:00Z |
|
| 7 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.48091 |
| published_at |
2026-04-09T12:55:00Z |
|
| 8 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.48114 |
| published_at |
2026-04-11T12:55:00Z |
|
| 9 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.4809 |
| published_at |
2026-04-12T12:55:00Z |
|
| 10 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.481 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-9589 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-9589
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-mnhc-1jgp-jqc8 |
|
| 86 |
| url |
VCID-mq43-5wd8-ayan |
| vulnerability_id |
VCID-mq43-5wd8-ayan |
| summary |
xpdf infinite loop DoS |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2007-0104 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.19012 |
| scoring_system |
epss |
| scoring_elements |
0.95335 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.19012 |
| scoring_system |
epss |
| scoring_elements |
0.95284 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.19012 |
| scoring_system |
epss |
| scoring_elements |
0.95296 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.19012 |
| scoring_system |
epss |
| scoring_elements |
0.95301 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.19012 |
| scoring_system |
epss |
| scoring_elements |
0.95307 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.19012 |
| scoring_system |
epss |
| scoring_elements |
0.95314 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.19012 |
| scoring_system |
epss |
| scoring_elements |
0.95317 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.19012 |
| scoring_system |
epss |
| scoring_elements |
0.95322 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.19012 |
| scoring_system |
epss |
| scoring_elements |
0.95324 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.19012 |
| scoring_system |
epss |
| scoring_elements |
0.95331 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2007-0104 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
|
| 44 |
|
| 45 |
|
| 46 |
|
| 47 |
|
| 48 |
|
| 49 |
|
| 50 |
|
| 51 |
|
| 52 |
|
| 53 |
|
| 54 |
|
| 55 |
|
| 56 |
|
| 57 |
|
| 58 |
|
|
| fixed_packages |
|
| aliases |
CVE-2007-0104
|
| risk_score |
3.0 |
| exploitability |
0.5 |
| weighted_severity |
6.1 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-mq43-5wd8-ayan |
|
| 87 |
| url |
VCID-mzzq-p7nb-kfge |
| vulnerability_id |
VCID-mzzq-p7nb-kfge |
| summary |
An issue was discovered in Xpdf 4.00. catalog->getNumPages() in AcroForm.cc allows attackers to launch a denial of service (hang caused by large loop) via a specific pdf file, as demonstrated by pdftohtml. This is mainly caused by a large number after the /Count field in the file. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2018-18651 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00178 |
| scoring_system |
epss |
| scoring_elements |
0.39453 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.00178 |
| scoring_system |
epss |
| scoring_elements |
0.39303 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00178 |
| scoring_system |
epss |
| scoring_elements |
0.39465 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00178 |
| scoring_system |
epss |
| scoring_elements |
0.39489 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00178 |
| scoring_system |
epss |
| scoring_elements |
0.39402 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00178 |
| scoring_system |
epss |
| scoring_elements |
0.39458 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00178 |
| scoring_system |
epss |
| scoring_elements |
0.39473 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00178 |
| scoring_system |
epss |
| scoring_elements |
0.39484 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00178 |
| scoring_system |
epss |
| scoring_elements |
0.39446 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00178 |
| scoring_system |
epss |
| scoring_elements |
0.39429 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00178 |
| scoring_system |
epss |
| scoring_elements |
0.3948 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2018-18651 |
|
| 1 |
|
|
| fixed_packages |
|
| aliases |
CVE-2018-18651
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-mzzq-p7nb-kfge |
|
| 88 |
| url |
VCID-n7sa-m9h6-cqbv |
| vulnerability_id |
VCID-n7sa-m9h6-cqbv |
| summary |
security flaw |
| references |
| 0 |
| reference_url |
ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.00pl2.patch |
| reference_id |
|
| reference_type |
|
| scores |
|
| url |
ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.00pl2.patch |
|
| 1 |
| reference_url |
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.42/SCOSA-2005.42.txt |
| reference_id |
|
| reference_type |
|
| scores |
|
| url |
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.42/SCOSA-2005.42.txt |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2004-1125 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.07314 |
| scoring_system |
epss |
| scoring_elements |
0.91699 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.07314 |
| scoring_system |
epss |
| scoring_elements |
0.91642 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.07314 |
| scoring_system |
epss |
| scoring_elements |
0.9165 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.07314 |
| scoring_system |
epss |
| scoring_elements |
0.91656 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.07314 |
| scoring_system |
epss |
| scoring_elements |
0.91665 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.07314 |
| scoring_system |
epss |
| scoring_elements |
0.91677 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.07314 |
| scoring_system |
epss |
| scoring_elements |
0.91684 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.07314 |
| scoring_system |
epss |
| scoring_elements |
0.91687 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.07314 |
| scoring_system |
epss |
| scoring_elements |
0.91689 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.07314 |
| scoring_system |
epss |
| scoring_elements |
0.91686 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.07314 |
| scoring_system |
epss |
| scoring_elements |
0.91707 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2004-1125 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
|
| 44 |
|
|
| fixed_packages |
|
| aliases |
CVE-2004-1125
|
| risk_score |
4.2 |
| exploitability |
0.5 |
| weighted_severity |
8.4 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-n7sa-m9h6-cqbv |
|
| 89 |
| url |
VCID-nd27-gfd1-yudu |
| vulnerability_id |
VCID-nd27-gfd1-yudu |
| summary |
An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PSOutputDev::checkPageSlice at PSOutputDev.cc for nStripes. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-10019 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00177 |
| scoring_system |
epss |
| scoring_elements |
0.39331 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.00177 |
| scoring_system |
epss |
| scoring_elements |
0.39307 |
| published_at |
2026-04-13T12:55:00Z |
|
| 2 |
| value |
0.00177 |
| scoring_system |
epss |
| scoring_elements |
0.39359 |
| published_at |
2026-04-16T12:55:00Z |
|
| 3 |
| value |
0.00177 |
| scoring_system |
epss |
| scoring_elements |
0.39157 |
| published_at |
2026-04-01T12:55:00Z |
|
| 4 |
| value |
0.00177 |
| scoring_system |
epss |
| scoring_elements |
0.39344 |
| published_at |
2026-04-02T12:55:00Z |
|
| 5 |
| value |
0.00177 |
| scoring_system |
epss |
| scoring_elements |
0.39367 |
| published_at |
2026-04-04T12:55:00Z |
|
| 6 |
| value |
0.00177 |
| scoring_system |
epss |
| scoring_elements |
0.39281 |
| published_at |
2026-04-07T12:55:00Z |
|
| 7 |
| value |
0.00177 |
| scoring_system |
epss |
| scoring_elements |
0.39336 |
| published_at |
2026-04-08T12:55:00Z |
|
| 8 |
| value |
0.00177 |
| scoring_system |
epss |
| scoring_elements |
0.39353 |
| published_at |
2026-04-09T12:55:00Z |
|
| 9 |
| value |
0.00177 |
| scoring_system |
epss |
| scoring_elements |
0.39365 |
| published_at |
2026-04-11T12:55:00Z |
|
| 10 |
| value |
0.00177 |
| scoring_system |
epss |
| scoring_elements |
0.39325 |
| published_at |
2026-04-12T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-10019 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-10019
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-nd27-gfd1-yudu |
|
| 90 |
| url |
VCID-neqs-cg1p-7bb7 |
| vulnerability_id |
VCID-neqs-cg1p-7bb7 |
| summary |
Multiple vulnerabilities have been found in Poppler, some of which
may allow execution of arbitrary code. |
| references |
| 0 |
| reference_url |
ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl5.patch |
| reference_id |
|
| reference_type |
|
| scores |
|
| url |
ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl5.patch |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2010-3702 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.02916 |
| scoring_system |
epss |
| scoring_elements |
0.86402 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.02916 |
| scoring_system |
epss |
| scoring_elements |
0.86316 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.02916 |
| scoring_system |
epss |
| scoring_elements |
0.86326 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.02916 |
| scoring_system |
epss |
| scoring_elements |
0.86345 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.02916 |
| scoring_system |
epss |
| scoring_elements |
0.86346 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.02916 |
| scoring_system |
epss |
| scoring_elements |
0.86364 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.02916 |
| scoring_system |
epss |
| scoring_elements |
0.86374 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.02916 |
| scoring_system |
epss |
| scoring_elements |
0.86387 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.02916 |
| scoring_system |
epss |
| scoring_elements |
0.86385 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.02916 |
| scoring_system |
epss |
| scoring_elements |
0.8638 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.02916 |
| scoring_system |
epss |
| scoring_elements |
0.86397 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2010-3702 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
|
| 44 |
|
| 45 |
|
| 46 |
|
| 47 |
|
| 48 |
|
| 49 |
|
| 50 |
|
| 51 |
|
| 52 |
|
| 53 |
|
| 54 |
|
| 55 |
|
| 56 |
|
| 57 |
|
| 58 |
|
| 59 |
|
| 60 |
|
| 61 |
|
| 62 |
|
| 63 |
|
| 64 |
|
| 65 |
|
| 66 |
|
| 67 |
|
| 68 |
|
| 69 |
|
| 70 |
|
| 71 |
|
| 72 |
|
| 73 |
|
| 74 |
|
| 75 |
|
| 76 |
|
| 77 |
|
| 78 |
|
| 79 |
|
| 80 |
|
| 81 |
|
| 82 |
|
| 83 |
|
| 84 |
|
| 85 |
|
| 86 |
|
|
| fixed_packages |
|
| aliases |
CVE-2010-3702
|
| risk_score |
3.4 |
| exploitability |
0.5 |
| weighted_severity |
6.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-neqs-cg1p-7bb7 |
|
| 91 |
| url |
VCID-neub-d4ap-q7fp |
| vulnerability_id |
VCID-neub-d4ap-q7fp |
| summary |
An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PostScriptFunction::exec in Function.cc for the psOpRoll case. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-10026 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00164 |
| scoring_system |
epss |
| scoring_elements |
0.37352 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.00164 |
| scoring_system |
epss |
| scoring_elements |
0.37323 |
| published_at |
2026-04-13T12:55:00Z |
|
| 2 |
| value |
0.00164 |
| scoring_system |
epss |
| scoring_elements |
0.3737 |
| published_at |
2026-04-16T12:55:00Z |
|
| 3 |
| value |
0.00164 |
| scoring_system |
epss |
| scoring_elements |
0.37294 |
| published_at |
2026-04-01T12:55:00Z |
|
| 4 |
| value |
0.00164 |
| scoring_system |
epss |
| scoring_elements |
0.37457 |
| published_at |
2026-04-02T12:55:00Z |
|
| 5 |
| value |
0.00164 |
| scoring_system |
epss |
| scoring_elements |
0.37482 |
| published_at |
2026-04-04T12:55:00Z |
|
| 6 |
| value |
0.00164 |
| scoring_system |
epss |
| scoring_elements |
0.3731 |
| published_at |
2026-04-07T12:55:00Z |
|
| 7 |
| value |
0.00164 |
| scoring_system |
epss |
| scoring_elements |
0.37361 |
| published_at |
2026-04-08T12:55:00Z |
|
| 8 |
| value |
0.00164 |
| scoring_system |
epss |
| scoring_elements |
0.37373 |
| published_at |
2026-04-09T12:55:00Z |
|
| 9 |
| value |
0.00164 |
| scoring_system |
epss |
| scoring_elements |
0.37385 |
| published_at |
2026-04-11T12:55:00Z |
|
| 10 |
| value |
0.00164 |
| scoring_system |
epss |
| scoring_elements |
0.3735 |
| published_at |
2026-04-12T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-10026 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-10026
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-neub-d4ap-q7fp |
|
| 92 |
| url |
VCID-ngzc-42z2-8yae |
| vulnerability_id |
VCID-ngzc-42z2-8yae |
| summary |
Multiple vulnerabilities have been found in Poppler, some of which
may allow execution of arbitrary code. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2012-2142 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.01333 |
| scoring_system |
epss |
| scoring_elements |
0.79914 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.01333 |
| scoring_system |
epss |
| scoring_elements |
0.79921 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.01333 |
| scoring_system |
epss |
| scoring_elements |
0.79941 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.01333 |
| scoring_system |
epss |
| scoring_elements |
0.7993 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.01333 |
| scoring_system |
epss |
| scoring_elements |
0.79959 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.01333 |
| scoring_system |
epss |
| scoring_elements |
0.79968 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.01333 |
| scoring_system |
epss |
| scoring_elements |
0.79988 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.01333 |
| scoring_system |
epss |
| scoring_elements |
0.79971 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.01333 |
| scoring_system |
epss |
| scoring_elements |
0.79963 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.01333 |
| scoring_system |
epss |
| scoring_elements |
0.79991 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2012-2142 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
|
| fixed_packages |
|
| aliases |
CVE-2012-2142
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ngzc-42z2-8yae |
|
| 93 |
| url |
VCID-nxhw-mks9-uqeq |
| vulnerability_id |
VCID-nxhw-mks9-uqeq |
| summary |
XPDF commit ffaf11c was discovered to contain a heap-buffer overflow via DCTStream::readHuffSym(DCTHuffTable*) at /xpdf/Stream.cc. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2022-38229 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00052 |
| scoring_system |
epss |
| scoring_elements |
0.16454 |
| published_at |
2026-04-02T12:55:00Z |
|
| 1 |
| value |
0.00052 |
| scoring_system |
epss |
| scoring_elements |
0.16516 |
| published_at |
2026-04-04T12:55:00Z |
|
| 2 |
| value |
0.00052 |
| scoring_system |
epss |
| scoring_elements |
0.16312 |
| published_at |
2026-04-07T12:55:00Z |
|
| 3 |
| value |
0.00052 |
| scoring_system |
epss |
| scoring_elements |
0.16399 |
| published_at |
2026-04-08T12:55:00Z |
|
| 4 |
| value |
0.00052 |
| scoring_system |
epss |
| scoring_elements |
0.16457 |
| published_at |
2026-04-09T12:55:00Z |
|
| 5 |
| value |
0.00052 |
| scoring_system |
epss |
| scoring_elements |
0.16443 |
| published_at |
2026-04-11T12:55:00Z |
|
| 6 |
| value |
0.00052 |
| scoring_system |
epss |
| scoring_elements |
0.16403 |
| published_at |
2026-04-12T12:55:00Z |
|
| 7 |
| value |
0.00052 |
| scoring_system |
epss |
| scoring_elements |
0.1634 |
| published_at |
2026-04-13T12:55:00Z |
|
| 8 |
| value |
0.00052 |
| scoring_system |
epss |
| scoring_elements |
0.16277 |
| published_at |
2026-04-16T12:55:00Z |
|
| 9 |
| value |
0.00052 |
| scoring_system |
epss |
| scoring_elements |
0.16297 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2022-38229 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-38229
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-nxhw-mks9-uqeq |
|
| 94 |
| url |
VCID-nyr4-77z2-jfau |
| vulnerability_id |
VCID-nyr4-77z2-jfau |
| summary |
XPDF commit ffaf11c was discovered to contain a heap-buffer overflow via DCTStream::getChar() at /xpdf/Stream.cc. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2022-38231 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00052 |
| scoring_system |
epss |
| scoring_elements |
0.16295 |
| published_at |
2026-04-02T12:55:00Z |
|
| 1 |
| value |
0.00052 |
| scoring_system |
epss |
| scoring_elements |
0.16356 |
| published_at |
2026-04-04T12:55:00Z |
|
| 2 |
| value |
0.00052 |
| scoring_system |
epss |
| scoring_elements |
0.16155 |
| published_at |
2026-04-07T12:55:00Z |
|
| 3 |
| value |
0.00052 |
| scoring_system |
epss |
| scoring_elements |
0.16241 |
| published_at |
2026-04-08T12:55:00Z |
|
| 4 |
| value |
0.00052 |
| scoring_system |
epss |
| scoring_elements |
0.16307 |
| published_at |
2026-04-09T12:55:00Z |
|
| 5 |
| value |
0.00052 |
| scoring_system |
epss |
| scoring_elements |
0.16289 |
| published_at |
2026-04-11T12:55:00Z |
|
| 6 |
| value |
0.00052 |
| scoring_system |
epss |
| scoring_elements |
0.16249 |
| published_at |
2026-04-12T12:55:00Z |
|
| 7 |
| value |
0.00052 |
| scoring_system |
epss |
| scoring_elements |
0.16181 |
| published_at |
2026-04-13T12:55:00Z |
|
| 8 |
| value |
0.00052 |
| scoring_system |
epss |
| scoring_elements |
0.16119 |
| published_at |
2026-04-16T12:55:00Z |
|
| 9 |
| value |
0.00052 |
| scoring_system |
epss |
| scoring_elements |
0.16137 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2022-38231 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-38231
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-nyr4-77z2-jfau |
|
| 95 |
| url |
VCID-p219-w8nj-qqg7 |
| vulnerability_id |
VCID-p219-w8nj-qqg7 |
| summary |
Poppler is affected by a memory management issue, which could lead to the
execution of arbitrary code. |
| references |
| 0 |
|
| 1 |
|
| 2 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2008-2950 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.12333 |
| scoring_system |
epss |
| scoring_elements |
0.93901 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.12333 |
| scoring_system |
epss |
| scoring_elements |
0.93836 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.12333 |
| scoring_system |
epss |
| scoring_elements |
0.93844 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.12333 |
| scoring_system |
epss |
| scoring_elements |
0.93854 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.12333 |
| scoring_system |
epss |
| scoring_elements |
0.93856 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.12333 |
| scoring_system |
epss |
| scoring_elements |
0.93865 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.12333 |
| scoring_system |
epss |
| scoring_elements |
0.93869 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.12333 |
| scoring_system |
epss |
| scoring_elements |
0.93873 |
| published_at |
2026-04-13T12:55:00Z |
|
| 8 |
| value |
0.12333 |
| scoring_system |
epss |
| scoring_elements |
0.93874 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.12333 |
| scoring_system |
epss |
| scoring_elements |
0.93895 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2008-2950 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
|
| fixed_packages |
|
| aliases |
CVE-2008-2950
|
| risk_score |
10.0 |
| exploitability |
2.0 |
| weighted_severity |
6.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-p219-w8nj-qqg7 |
|
| 96 |
| url |
VCID-pu8x-kruh-pkbh |
| vulnerability_id |
VCID-pu8x-kruh-pkbh |
| summary |
An issue was discovered in Xpdf 4.01.01. There is an out of bounds read in the function GfxPatchMeshShading::parse at GfxState.cc for typeA!=6 case 1. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-14292 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00168 |
| scoring_system |
epss |
| scoring_elements |
0.37953 |
| published_at |
2026-04-16T12:55:00Z |
|
| 1 |
| value |
0.00168 |
| scoring_system |
epss |
| scoring_elements |
0.37825 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00168 |
| scoring_system |
epss |
| scoring_elements |
0.37987 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00168 |
| scoring_system |
epss |
| scoring_elements |
0.38012 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00168 |
| scoring_system |
epss |
| scoring_elements |
0.37891 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00168 |
| scoring_system |
epss |
| scoring_elements |
0.37941 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00168 |
| scoring_system |
epss |
| scoring_elements |
0.37954 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00168 |
| scoring_system |
epss |
| scoring_elements |
0.3797 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00168 |
| scoring_system |
epss |
| scoring_elements |
0.37933 |
| published_at |
2026-04-18T12:55:00Z |
|
| 9 |
| value |
0.00168 |
| scoring_system |
epss |
| scoring_elements |
0.37908 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-14292 |
|
| 1 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-14292
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-pu8x-kruh-pkbh |
|
| 97 |
| url |
VCID-pvpw-rgq1-n3ag |
| vulnerability_id |
VCID-pvpw-rgq1-n3ag |
| summary |
Multiple vulnerabilities have been found in Xpdf, the worst of which could result in denial of service. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2022-43295 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00071 |
| scoring_system |
epss |
| scoring_elements |
0.21762 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.00071 |
| scoring_system |
epss |
| scoring_elements |
0.21842 |
| published_at |
2026-04-09T12:55:00Z |
|
| 2 |
| value |
0.00071 |
| scoring_system |
epss |
| scoring_elements |
0.21853 |
| published_at |
2026-04-11T12:55:00Z |
|
| 3 |
| value |
0.00071 |
| scoring_system |
epss |
| scoring_elements |
0.21813 |
| published_at |
2026-04-12T12:55:00Z |
|
| 4 |
| value |
0.00071 |
| scoring_system |
epss |
| scoring_elements |
0.21756 |
| published_at |
2026-04-16T12:55:00Z |
|
| 5 |
| value |
0.00071 |
| scoring_system |
epss |
| scoring_elements |
0.21942 |
| published_at |
2026-04-04T12:55:00Z |
|
| 6 |
| value |
0.00071 |
| scoring_system |
epss |
| scoring_elements |
0.21708 |
| published_at |
2026-04-07T12:55:00Z |
|
| 7 |
| value |
0.00071 |
| scoring_system |
epss |
| scoring_elements |
0.21785 |
| published_at |
2026-04-08T12:55:00Z |
|
| 8 |
| value |
0.00076 |
| scoring_system |
epss |
| scoring_elements |
0.22857 |
| published_at |
2026-04-02T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2022-43295 |
|
| 1 |
|
| 2 |
|
| 3 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-43295
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-pvpw-rgq1-n3ag |
|
| 98 |
| url |
VCID-pzmc-rz89-gbb7 |
| vulnerability_id |
VCID-pzmc-rz89-gbb7 |
| summary |
XPDF commit ffaf11c was discovered to contain a heap-buffer overflow via DCTStream::transformDataUnit at /xpdf/Stream.cc. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2022-38228 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00054 |
| scoring_system |
epss |
| scoring_elements |
0.1722 |
| published_at |
2026-04-02T12:55:00Z |
|
| 1 |
| value |
0.00054 |
| scoring_system |
epss |
| scoring_elements |
0.1727 |
| published_at |
2026-04-04T12:55:00Z |
|
| 2 |
| value |
0.00054 |
| scoring_system |
epss |
| scoring_elements |
0.17051 |
| published_at |
2026-04-07T12:55:00Z |
|
| 3 |
| value |
0.00054 |
| scoring_system |
epss |
| scoring_elements |
0.17141 |
| published_at |
2026-04-08T12:55:00Z |
|
| 4 |
| value |
0.00054 |
| scoring_system |
epss |
| scoring_elements |
0.17199 |
| published_at |
2026-04-09T12:55:00Z |
|
| 5 |
| value |
0.00054 |
| scoring_system |
epss |
| scoring_elements |
0.17173 |
| published_at |
2026-04-11T12:55:00Z |
|
| 6 |
| value |
0.00054 |
| scoring_system |
epss |
| scoring_elements |
0.17126 |
| published_at |
2026-04-12T12:55:00Z |
|
| 7 |
| value |
0.00054 |
| scoring_system |
epss |
| scoring_elements |
0.17066 |
| published_at |
2026-04-13T12:55:00Z |
|
| 8 |
| value |
0.00054 |
| scoring_system |
epss |
| scoring_elements |
0.17002 |
| published_at |
2026-04-16T12:55:00Z |
|
| 9 |
| value |
0.00054 |
| scoring_system |
epss |
| scoring_elements |
0.17006 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2022-38228 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-38228
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-pzmc-rz89-gbb7 |
|
| 99 |
| url |
VCID-qayv-8u9a-83h4 |
| vulnerability_id |
VCID-qayv-8u9a-83h4 |
| summary |
KPdf includes vulnerable Xpdf code to handle PDF files, making it
vulnerable to the execution of arbitrary code. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2006-0301 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.03084 |
| scoring_system |
epss |
| scoring_elements |
0.86717 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.03084 |
| scoring_system |
epss |
| scoring_elements |
0.86727 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.03084 |
| scoring_system |
epss |
| scoring_elements |
0.86746 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.03084 |
| scoring_system |
epss |
| scoring_elements |
0.86745 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.03084 |
| scoring_system |
epss |
| scoring_elements |
0.86764 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.03084 |
| scoring_system |
epss |
| scoring_elements |
0.86773 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.03084 |
| scoring_system |
epss |
| scoring_elements |
0.86786 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.03084 |
| scoring_system |
epss |
| scoring_elements |
0.86783 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.03084 |
| scoring_system |
epss |
| scoring_elements |
0.86778 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.03084 |
| scoring_system |
epss |
| scoring_elements |
0.86794 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.03084 |
| scoring_system |
epss |
| scoring_elements |
0.86798 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2006-0301 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
|
| fixed_packages |
|
| aliases |
CVE-2006-0301
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-qayv-8u9a-83h4 |
|
| 100 |
| url |
VCID-qetq-kqkd-j7gf |
| vulnerability_id |
VCID-qetq-kqkd-j7gf |
| summary |
Xpdf 3.04 has a SIGSEGV in XRef::fetch in XRef.cc after many recursive calls to Catalog::countPageTree in Catalog.cc. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-16088 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00088 |
| scoring_system |
epss |
| scoring_elements |
0.25216 |
| published_at |
2026-04-16T12:55:00Z |
|
| 1 |
| value |
0.00088 |
| scoring_system |
epss |
| scoring_elements |
0.25206 |
| published_at |
2026-04-18T12:55:00Z |
|
| 2 |
| value |
0.00088 |
| scoring_system |
epss |
| scoring_elements |
0.25287 |
| published_at |
2026-04-09T12:55:00Z |
|
| 3 |
| value |
0.00088 |
| scoring_system |
epss |
| scoring_elements |
0.25361 |
| published_at |
2026-04-02T12:55:00Z |
|
| 4 |
| value |
0.00088 |
| scoring_system |
epss |
| scoring_elements |
0.25397 |
| published_at |
2026-04-04T12:55:00Z |
|
| 5 |
| value |
0.00088 |
| scoring_system |
epss |
| scoring_elements |
0.25173 |
| published_at |
2026-04-07T12:55:00Z |
|
| 6 |
| value |
0.00088 |
| scoring_system |
epss |
| scoring_elements |
0.25242 |
| published_at |
2026-04-08T12:55:00Z |
|
| 7 |
| value |
0.00088 |
| scoring_system |
epss |
| scoring_elements |
0.25301 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00088 |
| scoring_system |
epss |
| scoring_elements |
0.25259 |
| published_at |
2026-04-12T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-16088 |
|
| 1 |
|
| 2 |
|
| 3 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-16088
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-qetq-kqkd-j7gf |
|
| 101 |
| url |
VCID-qj1g-cxtf-6yhq |
| vulnerability_id |
VCID-qj1g-cxtf-6yhq |
| summary |
XPDF commit ffaf11c was discovered to contain a heap-buffer overflow via DCTStream::readScan() at /xpdf/Stream.cc. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2022-38237 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00054 |
| scoring_system |
epss |
| scoring_elements |
0.1722 |
| published_at |
2026-04-02T12:55:00Z |
|
| 1 |
| value |
0.00054 |
| scoring_system |
epss |
| scoring_elements |
0.1727 |
| published_at |
2026-04-04T12:55:00Z |
|
| 2 |
| value |
0.00054 |
| scoring_system |
epss |
| scoring_elements |
0.17051 |
| published_at |
2026-04-07T12:55:00Z |
|
| 3 |
| value |
0.00054 |
| scoring_system |
epss |
| scoring_elements |
0.17141 |
| published_at |
2026-04-08T12:55:00Z |
|
| 4 |
| value |
0.00054 |
| scoring_system |
epss |
| scoring_elements |
0.17199 |
| published_at |
2026-04-09T12:55:00Z |
|
| 5 |
| value |
0.00054 |
| scoring_system |
epss |
| scoring_elements |
0.17173 |
| published_at |
2026-04-11T12:55:00Z |
|
| 6 |
| value |
0.00054 |
| scoring_system |
epss |
| scoring_elements |
0.17126 |
| published_at |
2026-04-12T12:55:00Z |
|
| 7 |
| value |
0.00054 |
| scoring_system |
epss |
| scoring_elements |
0.17066 |
| published_at |
2026-04-13T12:55:00Z |
|
| 8 |
| value |
0.00054 |
| scoring_system |
epss |
| scoring_elements |
0.17002 |
| published_at |
2026-04-16T12:55:00Z |
|
| 9 |
| value |
0.00054 |
| scoring_system |
epss |
| scoring_elements |
0.17006 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2022-38237 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-38237
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-qj1g-cxtf-6yhq |
|
| 102 |
| url |
VCID-rdkz-72eg-7ubd |
| vulnerability_id |
VCID-rdkz-72eg-7ubd |
| summary |
security flaw |
| references |
| 0 |
| reference_url |
ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.00pl3.patch |
| reference_id |
|
| reference_type |
|
| scores |
|
| url |
ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.00pl3.patch |
|
| 1 |
| reference_url |
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.42/SCOSA-2005.42.txt |
| reference_id |
|
| reference_type |
|
| scores |
|
| url |
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.42/SCOSA-2005.42.txt |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2005-0064 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.08395 |
| scoring_system |
epss |
| scoring_elements |
0.92334 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.08395 |
| scoring_system |
epss |
| scoring_elements |
0.92285 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.08395 |
| scoring_system |
epss |
| scoring_elements |
0.92292 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.08395 |
| scoring_system |
epss |
| scoring_elements |
0.92298 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.08395 |
| scoring_system |
epss |
| scoring_elements |
0.92301 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.08395 |
| scoring_system |
epss |
| scoring_elements |
0.92312 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.08395 |
| scoring_system |
epss |
| scoring_elements |
0.92317 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.08395 |
| scoring_system |
epss |
| scoring_elements |
0.92323 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.08395 |
| scoring_system |
epss |
| scoring_elements |
0.92324 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.08395 |
| scoring_system |
epss |
| scoring_elements |
0.92322 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.08395 |
| scoring_system |
epss |
| scoring_elements |
0.92335 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2005-0064 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
|
| 44 |
|
| 45 |
|
| 46 |
|
| 47 |
|
| 48 |
|
| 49 |
|
| 50 |
|
| 51 |
|
| 52 |
|
| 53 |
|
| 54 |
|
| 55 |
|
| 56 |
|
| 57 |
|
| 58 |
|
| 59 |
|
| 60 |
|
| 61 |
|
| 62 |
|
| 63 |
|
| 64 |
|
| 65 |
|
| 66 |
|
| 67 |
|
| 68 |
|
| 69 |
|
| 70 |
|
| 71 |
|
|
| fixed_packages |
|
| aliases |
CVE-2005-0064
|
| risk_score |
3.4 |
| exploitability |
0.5 |
| weighted_severity |
6.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-rdkz-72eg-7ubd |
|
| 103 |
| url |
VCID-rm6a-c4rf-f7hc |
| vulnerability_id |
VCID-rm6a-c4rf-f7hc |
| summary |
Multiple vulnerabilities have been found in Poppler, some of which
may allow execution of arbitrary code. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2009-0800 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.08985 |
| scoring_system |
epss |
| scoring_elements |
0.92575 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.08985 |
| scoring_system |
epss |
| scoring_elements |
0.92581 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.08985 |
| scoring_system |
epss |
| scoring_elements |
0.92587 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.08985 |
| scoring_system |
epss |
| scoring_elements |
0.92588 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.08985 |
| scoring_system |
epss |
| scoring_elements |
0.926 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.08985 |
| scoring_system |
epss |
| scoring_elements |
0.92605 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.08985 |
| scoring_system |
epss |
| scoring_elements |
0.9261 |
| published_at |
2026-04-13T12:55:00Z |
|
| 7 |
| value |
0.08985 |
| scoring_system |
epss |
| scoring_elements |
0.92611 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.08985 |
| scoring_system |
epss |
| scoring_elements |
0.92624 |
| published_at |
2026-04-16T12:55:00Z |
|
| 9 |
| value |
0.08985 |
| scoring_system |
epss |
| scoring_elements |
0.92623 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2009-0800 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
|
| fixed_packages |
|
| aliases |
CVE-2009-0800
|
| risk_score |
0.1 |
| exploitability |
0.5 |
| weighted_severity |
0.1 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-rm6a-c4rf-f7hc |
|
| 104 |
| url |
VCID-rvy1-vpy6-2fas |
| vulnerability_id |
VCID-rvy1-vpy6-2fas |
| summary |
XPDF commit ffaf11c was discovered to contain a segmentation violation via DCTStream::getChar() at /xpdf/Stream.cc. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2022-38235 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00049 |
| scoring_system |
epss |
| scoring_elements |
0.15132 |
| published_at |
2026-04-02T12:55:00Z |
|
| 1 |
| value |
0.00049 |
| scoring_system |
epss |
| scoring_elements |
0.152 |
| published_at |
2026-04-04T12:55:00Z |
|
| 2 |
| value |
0.00049 |
| scoring_system |
epss |
| scoring_elements |
0.15005 |
| published_at |
2026-04-07T12:55:00Z |
|
| 3 |
| value |
0.00049 |
| scoring_system |
epss |
| scoring_elements |
0.15093 |
| published_at |
2026-04-08T12:55:00Z |
|
| 4 |
| value |
0.00049 |
| scoring_system |
epss |
| scoring_elements |
0.15145 |
| published_at |
2026-04-09T12:55:00Z |
|
| 5 |
| value |
0.00049 |
| scoring_system |
epss |
| scoring_elements |
0.15111 |
| published_at |
2026-04-11T12:55:00Z |
|
| 6 |
| value |
0.00049 |
| scoring_system |
epss |
| scoring_elements |
0.15073 |
| published_at |
2026-04-12T12:55:00Z |
|
| 7 |
| value |
0.00049 |
| scoring_system |
epss |
| scoring_elements |
0.15013 |
| published_at |
2026-04-13T12:55:00Z |
|
| 8 |
| value |
0.00049 |
| scoring_system |
epss |
| scoring_elements |
0.14908 |
| published_at |
2026-04-16T12:55:00Z |
|
| 9 |
| value |
0.00049 |
| scoring_system |
epss |
| scoring_elements |
0.14917 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2022-38235 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-38235
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-rvy1-vpy6-2fas |
|
| 105 |
| url |
VCID-rwk9-yxsj-9ye6 |
| vulnerability_id |
VCID-rwk9-yxsj-9ye6 |
| summary |
XPDF commit ffaf11c was discovered to contain a floating point exception (FPE) via DCTStream::decodeImage() at /xpdf/Stream.cc. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2022-38230 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00063 |
| scoring_system |
epss |
| scoring_elements |
0.19901 |
| published_at |
2026-04-02T12:55:00Z |
|
| 1 |
| value |
0.00063 |
| scoring_system |
epss |
| scoring_elements |
0.19956 |
| published_at |
2026-04-04T12:55:00Z |
|
| 2 |
| value |
0.00063 |
| scoring_system |
epss |
| scoring_elements |
0.19684 |
| published_at |
2026-04-07T12:55:00Z |
|
| 3 |
| value |
0.00063 |
| scoring_system |
epss |
| scoring_elements |
0.19763 |
| published_at |
2026-04-08T12:55:00Z |
|
| 4 |
| value |
0.00063 |
| scoring_system |
epss |
| scoring_elements |
0.19815 |
| published_at |
2026-04-09T12:55:00Z |
|
| 5 |
| value |
0.00063 |
| scoring_system |
epss |
| scoring_elements |
0.19819 |
| published_at |
2026-04-11T12:55:00Z |
|
| 6 |
| value |
0.00063 |
| scoring_system |
epss |
| scoring_elements |
0.19774 |
| published_at |
2026-04-12T12:55:00Z |
|
| 7 |
| value |
0.00063 |
| scoring_system |
epss |
| scoring_elements |
0.19717 |
| published_at |
2026-04-13T12:55:00Z |
|
| 8 |
| value |
0.00063 |
| scoring_system |
epss |
| scoring_elements |
0.19692 |
| published_at |
2026-04-16T12:55:00Z |
|
| 9 |
| value |
0.00063 |
| scoring_system |
epss |
| scoring_elements |
0.19693 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2022-38230 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-38230
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-rwk9-yxsj-9ye6 |
|
| 106 |
| url |
VCID-s1y4-86gx-9ugs |
| vulnerability_id |
VCID-s1y4-86gx-9ugs |
| summary |
An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PostScriptFunction::exec at Function.cc for the psOpMod case. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-10023 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00164 |
| scoring_system |
epss |
| scoring_elements |
0.37352 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.00164 |
| scoring_system |
epss |
| scoring_elements |
0.37323 |
| published_at |
2026-04-13T12:55:00Z |
|
| 2 |
| value |
0.00164 |
| scoring_system |
epss |
| scoring_elements |
0.3737 |
| published_at |
2026-04-16T12:55:00Z |
|
| 3 |
| value |
0.00164 |
| scoring_system |
epss |
| scoring_elements |
0.37294 |
| published_at |
2026-04-01T12:55:00Z |
|
| 4 |
| value |
0.00164 |
| scoring_system |
epss |
| scoring_elements |
0.37457 |
| published_at |
2026-04-02T12:55:00Z |
|
| 5 |
| value |
0.00164 |
| scoring_system |
epss |
| scoring_elements |
0.37482 |
| published_at |
2026-04-04T12:55:00Z |
|
| 6 |
| value |
0.00164 |
| scoring_system |
epss |
| scoring_elements |
0.3731 |
| published_at |
2026-04-07T12:55:00Z |
|
| 7 |
| value |
0.00164 |
| scoring_system |
epss |
| scoring_elements |
0.37361 |
| published_at |
2026-04-08T12:55:00Z |
|
| 8 |
| value |
0.00164 |
| scoring_system |
epss |
| scoring_elements |
0.37373 |
| published_at |
2026-04-09T12:55:00Z |
|
| 9 |
| value |
0.00164 |
| scoring_system |
epss |
| scoring_elements |
0.37385 |
| published_at |
2026-04-11T12:55:00Z |
|
| 10 |
| value |
0.00164 |
| scoring_system |
epss |
| scoring_elements |
0.3735 |
| published_at |
2026-04-12T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-10023 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-10023
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-s1y4-86gx-9ugs |
|
| 107 |
| url |
VCID-s43w-xtc6-r7fs |
| vulnerability_id |
VCID-s43w-xtc6-r7fs |
| summary |
An issue was discovered in Xpdf 4.01.01. There is an FPE in the function Splash::scaleImageYuXu at Splash.cc for y Bresenham parameters. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-10024 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00164 |
| scoring_system |
epss |
| scoring_elements |
0.37352 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.00164 |
| scoring_system |
epss |
| scoring_elements |
0.37323 |
| published_at |
2026-04-13T12:55:00Z |
|
| 2 |
| value |
0.00164 |
| scoring_system |
epss |
| scoring_elements |
0.3737 |
| published_at |
2026-04-16T12:55:00Z |
|
| 3 |
| value |
0.00164 |
| scoring_system |
epss |
| scoring_elements |
0.37294 |
| published_at |
2026-04-01T12:55:00Z |
|
| 4 |
| value |
0.00164 |
| scoring_system |
epss |
| scoring_elements |
0.37457 |
| published_at |
2026-04-02T12:55:00Z |
|
| 5 |
| value |
0.00164 |
| scoring_system |
epss |
| scoring_elements |
0.37482 |
| published_at |
2026-04-04T12:55:00Z |
|
| 6 |
| value |
0.00164 |
| scoring_system |
epss |
| scoring_elements |
0.3731 |
| published_at |
2026-04-07T12:55:00Z |
|
| 7 |
| value |
0.00164 |
| scoring_system |
epss |
| scoring_elements |
0.37361 |
| published_at |
2026-04-08T12:55:00Z |
|
| 8 |
| value |
0.00164 |
| scoring_system |
epss |
| scoring_elements |
0.37373 |
| published_at |
2026-04-09T12:55:00Z |
|
| 9 |
| value |
0.00164 |
| scoring_system |
epss |
| scoring_elements |
0.37385 |
| published_at |
2026-04-11T12:55:00Z |
|
| 10 |
| value |
0.00164 |
| scoring_system |
epss |
| scoring_elements |
0.3735 |
| published_at |
2026-04-12T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-10024 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-10024
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-s43w-xtc6-r7fs |
|
| 108 |
| url |
VCID-s4uu-64gy-kkh4 |
| vulnerability_id |
VCID-s4uu-64gy-kkh4 |
| summary |
Multiple vulnerabilities have been found in Xpdf, the worst of which could result in denial of service. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2022-36561 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00097 |
| scoring_system |
epss |
| scoring_elements |
0.26845 |
| published_at |
2026-04-02T12:55:00Z |
|
| 1 |
| value |
0.00097 |
| scoring_system |
epss |
| scoring_elements |
0.26885 |
| published_at |
2026-04-04T12:55:00Z |
|
| 2 |
| value |
0.00097 |
| scoring_system |
epss |
| scoring_elements |
0.26671 |
| published_at |
2026-04-07T12:55:00Z |
|
| 3 |
| value |
0.00097 |
| scoring_system |
epss |
| scoring_elements |
0.26739 |
| published_at |
2026-04-08T12:55:00Z |
|
| 4 |
| value |
0.00097 |
| scoring_system |
epss |
| scoring_elements |
0.26789 |
| published_at |
2026-04-09T12:55:00Z |
|
| 5 |
| value |
0.00097 |
| scoring_system |
epss |
| scoring_elements |
0.26792 |
| published_at |
2026-04-11T12:55:00Z |
|
| 6 |
| value |
0.00097 |
| scoring_system |
epss |
| scoring_elements |
0.26748 |
| published_at |
2026-04-12T12:55:00Z |
|
| 7 |
| value |
0.00097 |
| scoring_system |
epss |
| scoring_elements |
0.26691 |
| published_at |
2026-04-13T12:55:00Z |
|
| 8 |
| value |
0.00097 |
| scoring_system |
epss |
| scoring_elements |
0.26699 |
| published_at |
2026-04-16T12:55:00Z |
|
| 9 |
| value |
0.00097 |
| scoring_system |
epss |
| scoring_elements |
0.2667 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2022-36561 |
|
| 1 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-36561
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-s4uu-64gy-kkh4 |
|
| 109 |
| url |
VCID-s66u-r7vs-bfdu |
| vulnerability_id |
VCID-s66u-r7vs-bfdu |
| summary |
Multiple vulnerabilities have been discovered in T1Lib, the worst
of which could lead to remote execution of arbitrary code. |
| references |
| 0 |
|
| 1 |
|
| 2 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2011-1553 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.04953 |
| scoring_system |
epss |
| scoring_elements |
0.8967 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.04953 |
| scoring_system |
epss |
| scoring_elements |
0.89616 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.04953 |
| scoring_system |
epss |
| scoring_elements |
0.89619 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.04953 |
| scoring_system |
epss |
| scoring_elements |
0.89632 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.04953 |
| scoring_system |
epss |
| scoring_elements |
0.89633 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.04953 |
| scoring_system |
epss |
| scoring_elements |
0.8965 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.04953 |
| scoring_system |
epss |
| scoring_elements |
0.89655 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.04953 |
| scoring_system |
epss |
| scoring_elements |
0.89662 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.04953 |
| scoring_system |
epss |
| scoring_elements |
0.89661 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.04953 |
| scoring_system |
epss |
| scoring_elements |
0.89654 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.04953 |
| scoring_system |
epss |
| scoring_elements |
0.89669 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2011-1553 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
|
| 44 |
|
| 45 |
|
| 46 |
|
| 47 |
|
| 48 |
|
| 49 |
|
| 50 |
|
| 51 |
|
| 52 |
|
| 53 |
|
| 54 |
|
| 55 |
|
| 56 |
|
| 57 |
|
| 58 |
|
| 59 |
|
| 60 |
|
| 61 |
|
| 62 |
|
| 63 |
|
| 64 |
|
| 65 |
|
| 66 |
|
| 67 |
|
| 68 |
|
| 69 |
|
| 70 |
|
| 71 |
|
| 72 |
|
| 73 |
|
| 74 |
|
| 75 |
|
| 76 |
|
| 77 |
|
| 78 |
|
| 79 |
|
| 80 |
|
| 81 |
|
| 82 |
|
| 83 |
|
| 84 |
|
| 85 |
|
|
| fixed_packages |
|
| aliases |
CVE-2011-1553
|
| risk_score |
1.9 |
| exploitability |
0.5 |
| weighted_severity |
3.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-s66u-r7vs-bfdu |
|
| 110 |
| url |
VCID-srxr-dp8e-ryg8 |
| vulnerability_id |
VCID-srxr-dp8e-ryg8 |
| summary |
An issue was discovered in Xpdf 4.01.01. There is an integer overflow in the function JBIG2Bitmap::combine at JBIG2Stream.cc for the "multiple bytes per line" case. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-14289 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00165 |
| scoring_system |
epss |
| scoring_elements |
0.3757 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.00165 |
| scoring_system |
epss |
| scoring_elements |
0.37459 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00165 |
| scoring_system |
epss |
| scoring_elements |
0.37625 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00165 |
| scoring_system |
epss |
| scoring_elements |
0.37649 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00165 |
| scoring_system |
epss |
| scoring_elements |
0.37527 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00165 |
| scoring_system |
epss |
| scoring_elements |
0.37579 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00165 |
| scoring_system |
epss |
| scoring_elements |
0.37592 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00165 |
| scoring_system |
epss |
| scoring_elements |
0.37606 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00165 |
| scoring_system |
epss |
| scoring_elements |
0.37572 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00165 |
| scoring_system |
epss |
| scoring_elements |
0.37545 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00165 |
| scoring_system |
epss |
| scoring_elements |
0.37589 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-14289 |
|
| 1 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-14289
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-srxr-dp8e-ryg8 |
|
| 111 |
| url |
VCID-sv3r-4tym-qua5 |
| vulnerability_id |
VCID-sv3r-4tym-qua5 |
| summary |
Poppler and various KDE components are vulnerable to multiple memory
management issues possibly resulting in the execution of arbitrary code. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2007-5393 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.14245 |
| scoring_system |
epss |
| scoring_elements |
0.94355 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.14245 |
| scoring_system |
epss |
| scoring_elements |
0.94364 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.14245 |
| scoring_system |
epss |
| scoring_elements |
0.94374 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.14245 |
| scoring_system |
epss |
| scoring_elements |
0.94375 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.14245 |
| scoring_system |
epss |
| scoring_elements |
0.94385 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.14245 |
| scoring_system |
epss |
| scoring_elements |
0.94389 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.14245 |
| scoring_system |
epss |
| scoring_elements |
0.94392 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.14245 |
| scoring_system |
epss |
| scoring_elements |
0.94393 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.14245 |
| scoring_system |
epss |
| scoring_elements |
0.94394 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.14245 |
| scoring_system |
epss |
| scoring_elements |
0.94408 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.14245 |
| scoring_system |
epss |
| scoring_elements |
0.94413 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2007-5393 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
|
| fixed_packages |
|
| aliases |
CVE-2007-5393
|
| risk_score |
0.1 |
| exploitability |
0.5 |
| weighted_severity |
0.1 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-sv3r-4tym-qua5 |
|
| 112 |
| url |
VCID-t5np-6g2m-cbbv |
| vulnerability_id |
VCID-t5np-6g2m-cbbv |
| summary |
Multiple vulnerabilities have been found in Xpdf, the worst of which could result in denial of service. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2023-2663 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00082 |
| scoring_system |
epss |
| scoring_elements |
0.24124 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.00082 |
| scoring_system |
epss |
| scoring_elements |
0.24123 |
| published_at |
2026-04-13T12:55:00Z |
|
| 2 |
| value |
0.00082 |
| scoring_system |
epss |
| scoring_elements |
0.24138 |
| published_at |
2026-04-16T12:55:00Z |
|
| 3 |
| value |
0.00082 |
| scoring_system |
epss |
| scoring_elements |
0.24273 |
| published_at |
2026-04-02T12:55:00Z |
|
| 4 |
| value |
0.00082 |
| scoring_system |
epss |
| scoring_elements |
0.24306 |
| published_at |
2026-04-04T12:55:00Z |
|
| 5 |
| value |
0.00082 |
| scoring_system |
epss |
| scoring_elements |
0.24092 |
| published_at |
2026-04-07T12:55:00Z |
|
| 6 |
| value |
0.00082 |
| scoring_system |
epss |
| scoring_elements |
0.24158 |
| published_at |
2026-04-08T12:55:00Z |
|
| 7 |
| value |
0.00082 |
| scoring_system |
epss |
| scoring_elements |
0.24203 |
| published_at |
2026-04-09T12:55:00Z |
|
| 8 |
| value |
0.00082 |
| scoring_system |
epss |
| scoring_elements |
0.24221 |
| published_at |
2026-04-11T12:55:00Z |
|
| 9 |
| value |
0.00082 |
| scoring_system |
epss |
| scoring_elements |
0.24179 |
| published_at |
2026-04-12T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2023-2663 |
|
| 1 |
|
| 2 |
|
|
| fixed_packages |
|
| aliases |
CVE-2023-2663
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-t5np-6g2m-cbbv |
|
| 113 |
| url |
VCID-tq94-kdgr-s7hw |
| vulnerability_id |
VCID-tq94-kdgr-s7hw |
| summary |
In Xpdf 4.01.01, a stack-based buffer under-read could be triggered in IdentityFunction::transform in Function.cc, used by GfxAxialShading::getColor. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool. It allows an attacker to use a crafted PDF file to cause Denial of Service or possibly unspecified other impact. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-16115 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.0018 |
| scoring_system |
epss |
| scoring_elements |
0.39632 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.0018 |
| scoring_system |
epss |
| scoring_elements |
0.3961 |
| published_at |
2026-04-13T12:55:00Z |
|
| 2 |
| value |
0.0018 |
| scoring_system |
epss |
| scoring_elements |
0.39661 |
| published_at |
2026-04-16T12:55:00Z |
|
| 3 |
| value |
0.0018 |
| scoring_system |
epss |
| scoring_elements |
0.39496 |
| published_at |
2026-04-01T12:55:00Z |
|
| 4 |
| value |
0.0018 |
| scoring_system |
epss |
| scoring_elements |
0.39645 |
| published_at |
2026-04-02T12:55:00Z |
|
| 5 |
| value |
0.0018 |
| scoring_system |
epss |
| scoring_elements |
0.39667 |
| published_at |
2026-04-04T12:55:00Z |
|
| 6 |
| value |
0.0018 |
| scoring_system |
epss |
| scoring_elements |
0.39585 |
| published_at |
2026-04-07T12:55:00Z |
|
| 7 |
| value |
0.0018 |
| scoring_system |
epss |
| scoring_elements |
0.39639 |
| published_at |
2026-04-08T12:55:00Z |
|
| 8 |
| value |
0.0018 |
| scoring_system |
epss |
| scoring_elements |
0.39654 |
| published_at |
2026-04-09T12:55:00Z |
|
| 9 |
| value |
0.0018 |
| scoring_system |
epss |
| scoring_elements |
0.39663 |
| published_at |
2026-04-11T12:55:00Z |
|
| 10 |
| value |
0.0018 |
| scoring_system |
epss |
| scoring_elements |
0.39626 |
| published_at |
2026-04-12T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-16115 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-16115
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-tq94-kdgr-s7hw |
|
| 114 |
| url |
VCID-ttne-sgwp-k7bf |
| vulnerability_id |
VCID-ttne-sgwp-k7bf |
| summary |
An issue was discovered in Xpdf 4.01.01. There is a NULL pointer dereference in the function Gfx::opSetExtGState in Gfx.cc. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-10022 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00177 |
| scoring_system |
epss |
| scoring_elements |
0.39331 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.00177 |
| scoring_system |
epss |
| scoring_elements |
0.39307 |
| published_at |
2026-04-13T12:55:00Z |
|
| 2 |
| value |
0.00177 |
| scoring_system |
epss |
| scoring_elements |
0.39359 |
| published_at |
2026-04-16T12:55:00Z |
|
| 3 |
| value |
0.00177 |
| scoring_system |
epss |
| scoring_elements |
0.39157 |
| published_at |
2026-04-01T12:55:00Z |
|
| 4 |
| value |
0.00177 |
| scoring_system |
epss |
| scoring_elements |
0.39344 |
| published_at |
2026-04-02T12:55:00Z |
|
| 5 |
| value |
0.00177 |
| scoring_system |
epss |
| scoring_elements |
0.39367 |
| published_at |
2026-04-04T12:55:00Z |
|
| 6 |
| value |
0.00177 |
| scoring_system |
epss |
| scoring_elements |
0.39281 |
| published_at |
2026-04-07T12:55:00Z |
|
| 7 |
| value |
0.00177 |
| scoring_system |
epss |
| scoring_elements |
0.39336 |
| published_at |
2026-04-08T12:55:00Z |
|
| 8 |
| value |
0.00177 |
| scoring_system |
epss |
| scoring_elements |
0.39353 |
| published_at |
2026-04-09T12:55:00Z |
|
| 9 |
| value |
0.00177 |
| scoring_system |
epss |
| scoring_elements |
0.39365 |
| published_at |
2026-04-11T12:55:00Z |
|
| 10 |
| value |
0.00177 |
| scoring_system |
epss |
| scoring_elements |
0.39325 |
| published_at |
2026-04-12T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-10022 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-10022
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ttne-sgwp-k7bf |
|
| 115 |
| url |
VCID-tz12-qj2j-rkfh |
| vulnerability_id |
VCID-tz12-qj2j-rkfh |
| summary |
XPDF commit ffaf11c was discovered to contain a heap-buffer overflow via DCTStream::lookChar() at /xpdf/Stream.cc. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2022-38238 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00054 |
| scoring_system |
epss |
| scoring_elements |
0.1722 |
| published_at |
2026-04-02T12:55:00Z |
|
| 1 |
| value |
0.00054 |
| scoring_system |
epss |
| scoring_elements |
0.1727 |
| published_at |
2026-04-04T12:55:00Z |
|
| 2 |
| value |
0.00054 |
| scoring_system |
epss |
| scoring_elements |
0.17051 |
| published_at |
2026-04-07T12:55:00Z |
|
| 3 |
| value |
0.00054 |
| scoring_system |
epss |
| scoring_elements |
0.17141 |
| published_at |
2026-04-08T12:55:00Z |
|
| 4 |
| value |
0.00054 |
| scoring_system |
epss |
| scoring_elements |
0.17199 |
| published_at |
2026-04-09T12:55:00Z |
|
| 5 |
| value |
0.00054 |
| scoring_system |
epss |
| scoring_elements |
0.17173 |
| published_at |
2026-04-11T12:55:00Z |
|
| 6 |
| value |
0.00054 |
| scoring_system |
epss |
| scoring_elements |
0.17126 |
| published_at |
2026-04-12T12:55:00Z |
|
| 7 |
| value |
0.00054 |
| scoring_system |
epss |
| scoring_elements |
0.17066 |
| published_at |
2026-04-13T12:55:00Z |
|
| 8 |
| value |
0.00054 |
| scoring_system |
epss |
| scoring_elements |
0.17002 |
| published_at |
2026-04-16T12:55:00Z |
|
| 9 |
| value |
0.00054 |
| scoring_system |
epss |
| scoring_elements |
0.17006 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2022-38238 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-38238
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-tz12-qj2j-rkfh |
|
| 116 |
| url |
VCID-uakq-uh46-juec |
| vulnerability_id |
VCID-uakq-uh46-juec |
| summary |
An infinite recursion in Catalog::findDestInTree can cause denial of service for xpdf 4.02. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2022-48545 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00064 |
| scoring_system |
epss |
| scoring_elements |
0.19754 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.00064 |
| scoring_system |
epss |
| scoring_elements |
0.19954 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00064 |
| scoring_system |
epss |
| scoring_elements |
0.19778 |
| published_at |
2026-04-13T12:55:00Z |
|
| 3 |
| value |
0.00064 |
| scoring_system |
epss |
| scoring_elements |
0.19752 |
| published_at |
2026-04-16T12:55:00Z |
|
| 4 |
| value |
0.00064 |
| scoring_system |
epss |
| scoring_elements |
0.20012 |
| published_at |
2026-04-04T12:55:00Z |
|
| 5 |
| value |
0.00064 |
| scoring_system |
epss |
| scoring_elements |
0.19739 |
| published_at |
2026-04-07T12:55:00Z |
|
| 6 |
| value |
0.00064 |
| scoring_system |
epss |
| scoring_elements |
0.19819 |
| published_at |
2026-04-08T12:55:00Z |
|
| 7 |
| value |
0.00064 |
| scoring_system |
epss |
| scoring_elements |
0.19871 |
| published_at |
2026-04-09T12:55:00Z |
|
| 8 |
| value |
0.00064 |
| scoring_system |
epss |
| scoring_elements |
0.1988 |
| published_at |
2026-04-11T12:55:00Z |
|
| 9 |
| value |
0.00064 |
| scoring_system |
epss |
| scoring_elements |
0.19835 |
| published_at |
2026-04-12T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2022-48545 |
|
| 1 |
|
| 2 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-48545
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-uakq-uh46-juec |
|
| 117 |
| url |
VCID-ubtq-wukm-4fau |
| vulnerability_id |
VCID-ubtq-wukm-4fau |
| summary |
Multiple vulnerabilities have been discovered in Xpdf, the worst of which could possibly lead to arbitrary code execution. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2020-25725 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00181 |
| scoring_system |
epss |
| scoring_elements |
0.39672 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00181 |
| scoring_system |
epss |
| scoring_elements |
0.3982 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00181 |
| scoring_system |
epss |
| scoring_elements |
0.39843 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00181 |
| scoring_system |
epss |
| scoring_elements |
0.39764 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00181 |
| scoring_system |
epss |
| scoring_elements |
0.39819 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00181 |
| scoring_system |
epss |
| scoring_elements |
0.39833 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00181 |
| scoring_system |
epss |
| scoring_elements |
0.39842 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00181 |
| scoring_system |
epss |
| scoring_elements |
0.39806 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00181 |
| scoring_system |
epss |
| scoring_elements |
0.3979 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.00181 |
| scoring_system |
epss |
| scoring_elements |
0.3984 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.00181 |
| scoring_system |
epss |
| scoring_elements |
0.39811 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2020-25725 |
|
| 1 |
|
|
| fixed_packages |
|
| aliases |
CVE-2020-25725
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ubtq-wukm-4fau |
|
| 118 |
| url |
VCID-uczb-yext-6yfq |
| vulnerability_id |
VCID-uczb-yext-6yfq |
| summary |
Multiple vulnerabilities have been found in Poppler, some of which
may allow execution of arbitrary code. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2009-1188 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.21975 |
| scoring_system |
epss |
| scoring_elements |
0.95736 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.21975 |
| scoring_system |
epss |
| scoring_elements |
0.95745 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.21975 |
| scoring_system |
epss |
| scoring_elements |
0.95753 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.21975 |
| scoring_system |
epss |
| scoring_elements |
0.95755 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.21975 |
| scoring_system |
epss |
| scoring_elements |
0.95764 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.21975 |
| scoring_system |
epss |
| scoring_elements |
0.95767 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.21975 |
| scoring_system |
epss |
| scoring_elements |
0.95771 |
| published_at |
2026-04-12T12:55:00Z |
|
| 7 |
| value |
0.21975 |
| scoring_system |
epss |
| scoring_elements |
0.95772 |
| published_at |
2026-04-13T12:55:00Z |
|
| 8 |
| value |
0.21975 |
| scoring_system |
epss |
| scoring_elements |
0.95781 |
| published_at |
2026-04-16T12:55:00Z |
|
| 9 |
| value |
0.21975 |
| scoring_system |
epss |
| scoring_elements |
0.95786 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2009-1188 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
|
| fixed_packages |
|
| aliases |
CVE-2009-1188
|
| risk_score |
0.1 |
| exploitability |
0.5 |
| weighted_severity |
0.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-uczb-yext-6yfq |
|
| 119 |
| url |
VCID-uny2-k19n-1bb2 |
| vulnerability_id |
VCID-uny2-k19n-1bb2 |
| summary |
Multiple vulnerabilities have been found in Poppler, some of which
may allow execution of arbitrary code. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2009-1181 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.02433 |
| scoring_system |
epss |
| scoring_elements |
0.85086 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.02433 |
| scoring_system |
epss |
| scoring_elements |
0.85098 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.02433 |
| scoring_system |
epss |
| scoring_elements |
0.85116 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.02433 |
| scoring_system |
epss |
| scoring_elements |
0.85119 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.02433 |
| scoring_system |
epss |
| scoring_elements |
0.85141 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.02433 |
| scoring_system |
epss |
| scoring_elements |
0.85148 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.02433 |
| scoring_system |
epss |
| scoring_elements |
0.85163 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.02433 |
| scoring_system |
epss |
| scoring_elements |
0.8516 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.02433 |
| scoring_system |
epss |
| scoring_elements |
0.85157 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.02433 |
| scoring_system |
epss |
| scoring_elements |
0.85177 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.02433 |
| scoring_system |
epss |
| scoring_elements |
0.85179 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2009-1181 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
|
| fixed_packages |
|
| aliases |
CVE-2009-1181
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-uny2-k19n-1bb2 |
|
| 120 |
| url |
VCID-upkc-66fh-wbby |
| vulnerability_id |
VCID-upkc-66fh-wbby |
| summary |
Multiple vulnerabilities have been discovered in T1Lib, the worst
of which could lead to remote execution of arbitrary code. |
| references |
| 0 |
|
| 1 |
|
| 2 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2011-0764 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.31187 |
| scoring_system |
epss |
| scoring_elements |
0.9677 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.31187 |
| scoring_system |
epss |
| scoring_elements |
0.9673 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.31187 |
| scoring_system |
epss |
| scoring_elements |
0.9674 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.31187 |
| scoring_system |
epss |
| scoring_elements |
0.96741 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.31187 |
| scoring_system |
epss |
| scoring_elements |
0.96745 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.31187 |
| scoring_system |
epss |
| scoring_elements |
0.96753 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.31187 |
| scoring_system |
epss |
| scoring_elements |
0.96754 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.31187 |
| scoring_system |
epss |
| scoring_elements |
0.96757 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.31187 |
| scoring_system |
epss |
| scoring_elements |
0.96759 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.31187 |
| scoring_system |
epss |
| scoring_elements |
0.96765 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2011-0764 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
|
| 44 |
|
| 45 |
|
| 46 |
|
| 47 |
|
| 48 |
|
| 49 |
|
| 50 |
|
| 51 |
|
| 52 |
|
| 53 |
|
| 54 |
|
| 55 |
|
| 56 |
|
| 57 |
|
| 58 |
|
| 59 |
|
| 60 |
|
| 61 |
|
| 62 |
|
| 63 |
|
| 64 |
|
| 65 |
|
| 66 |
|
| 67 |
|
| 68 |
|
| 69 |
|
| 70 |
|
| 71 |
|
| 72 |
|
| 73 |
|
| 74 |
|
| 75 |
|
| 76 |
|
| 77 |
|
| 78 |
|
| 79 |
|
| 80 |
|
| 81 |
|
| 82 |
|
| 83 |
|
| 84 |
|
| 85 |
|
| 86 |
|
| 87 |
|
| 88 |
|
| 89 |
|
| 90 |
|
|
| fixed_packages |
|
| aliases |
CVE-2011-0764
|
| risk_score |
3.0 |
| exploitability |
0.5 |
| weighted_severity |
6.1 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-upkc-66fh-wbby |
|
| 121 |
| url |
VCID-utex-65f9-53cq |
| vulnerability_id |
VCID-utex-65f9-53cq |
| summary |
KPdf and KWord both include vulnerable Xpdf code to handle PDF files,
making them vulnerable to the execution of arbitrary code. |
| references |
| 0 |
| reference_url |
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt |
| reference_id |
|
| reference_type |
|
| scores |
|
| url |
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt |
|
| 1 |
| reference_url |
ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U |
| reference_id |
|
| reference_type |
|
| scores |
|
| url |
ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U |
|
| 2 |
| reference_url |
ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U |
| reference_id |
|
| reference_type |
|
| scores |
|
| url |
ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U |
|
| 3 |
| reference_url |
ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U |
| reference_id |
|
| reference_type |
|
| scores |
|
| url |
ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2005-3625 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.11286 |
| scoring_system |
epss |
| scoring_elements |
0.93548 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.11286 |
| scoring_system |
epss |
| scoring_elements |
0.9349 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.11286 |
| scoring_system |
epss |
| scoring_elements |
0.93499 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.11286 |
| scoring_system |
epss |
| scoring_elements |
0.93507 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.11286 |
| scoring_system |
epss |
| scoring_elements |
0.93506 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.11286 |
| scoring_system |
epss |
| scoring_elements |
0.93515 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.11286 |
| scoring_system |
epss |
| scoring_elements |
0.93518 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.11286 |
| scoring_system |
epss |
| scoring_elements |
0.93523 |
| published_at |
2026-04-13T12:55:00Z |
|
| 8 |
| value |
0.11286 |
| scoring_system |
epss |
| scoring_elements |
0.93522 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.11286 |
| scoring_system |
epss |
| scoring_elements |
0.93542 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2005-3625 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
|
| 44 |
|
| 45 |
|
| 46 |
|
| 47 |
|
| 48 |
|
| 49 |
|
| 50 |
|
| 51 |
|
| 52 |
|
| 53 |
|
| 54 |
|
| 55 |
|
| 56 |
|
| 57 |
|
| 58 |
|
| 59 |
|
| 60 |
|
| 61 |
|
| 62 |
|
| 63 |
|
| 64 |
|
| 65 |
|
| 66 |
|
| 67 |
|
| 68 |
|
| 69 |
|
| 70 |
|
| 71 |
|
| 72 |
|
| 73 |
|
| 74 |
|
| 75 |
|
| 76 |
|
| 77 |
|
| 78 |
|
| 79 |
|
| 80 |
|
| 81 |
|
| 82 |
|
| 83 |
|
| 84 |
|
| 85 |
|
| 86 |
|
| 87 |
|
| 88 |
|
| 89 |
|
| 90 |
|
| 91 |
|
| 92 |
|
| 93 |
|
| 94 |
|
| 95 |
|
| 96 |
|
| 97 |
|
| 98 |
|
| 99 |
|
| 100 |
|
| 101 |
|
| 102 |
|
| 103 |
|
| 104 |
|
| 105 |
|
| 106 |
|
| 107 |
|
| 108 |
|
| 109 |
|
| 110 |
|
| 111 |
|
| 112 |
|
| 113 |
|
| 114 |
|
| 115 |
|
| 116 |
|
| 117 |
|
| 118 |
|
| 119 |
|
| 120 |
|
| 121 |
|
| 122 |
|
| 123 |
|
| 124 |
|
| 125 |
|
| 126 |
|
| 127 |
|
| 128 |
|
| 129 |
|
| 130 |
|
| 131 |
|
| 132 |
|
| 133 |
|
| 134 |
|
| 135 |
|
| 136 |
|
| 137 |
|
| 138 |
|
| 139 |
|
| 140 |
|
| 141 |
|
| 142 |
|
| 143 |
|
| 144 |
|
| 145 |
|
| 146 |
|
| 147 |
|
| 148 |
|
| 149 |
|
| 150 |
|
| 151 |
|
| 152 |
|
| 153 |
|
| 154 |
|
| 155 |
|
| 156 |
|
| 157 |
|
| 158 |
|
| 159 |
|
| 160 |
|
| 161 |
|
| 162 |
|
| 163 |
|
| 164 |
|
| 165 |
|
| 166 |
|
| 167 |
|
| 168 |
|
| 169 |
|
| 170 |
|
| 171 |
|
| 172 |
|
| 173 |
|
| 174 |
|
| 175 |
|
| 176 |
|
| 177 |
|
| 178 |
|
| 179 |
|
| 180 |
|
| 181 |
|
| 182 |
|
| 183 |
|
| 184 |
|
| 185 |
|
| 186 |
|
| 187 |
|
| 188 |
|
| 189 |
|
| 190 |
|
| 191 |
|
| 192 |
|
| 193 |
|
| 194 |
|
| 195 |
|
| 196 |
|
| 197 |
|
| 198 |
|
| 199 |
|
| 200 |
|
| 201 |
|
| 202 |
|
| 203 |
|
| 204 |
|
| 205 |
|
| 206 |
|
| 207 |
|
| 208 |
|
| 209 |
|
| 210 |
|
| 211 |
|
| 212 |
|
| 213 |
|
| 214 |
|
| 215 |
|
| 216 |
|
| 217 |
|
| 218 |
|
| 219 |
|
| 220 |
|
| 221 |
|
| 222 |
|
| 223 |
|
| 224 |
|
| 225 |
|
|
| fixed_packages |
|
| aliases |
CVE-2005-3625
|
| risk_score |
4.5 |
| exploitability |
0.5 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-utex-65f9-53cq |
|
| 122 |
| url |
VCID-uwft-v6jp-vkhg |
| vulnerability_id |
VCID-uwft-v6jp-vkhg |
| summary |
In Xpdf 4.05 (and earlier), a PDF object loop in a CMap, via the "UseCMap" entry, leads to infinite recursion and a stack overflow. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2025-11896 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
9e-05 |
| scoring_system |
epss |
| scoring_elements |
0.00809 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
9e-05 |
| scoring_system |
epss |
| scoring_elements |
0.0081 |
| published_at |
2026-04-11T12:55:00Z |
|
| 2 |
| value |
9e-05 |
| scoring_system |
epss |
| scoring_elements |
0.00804 |
| published_at |
2026-04-12T12:55:00Z |
|
| 3 |
| value |
9e-05 |
| scoring_system |
epss |
| scoring_elements |
0.00805 |
| published_at |
2026-04-16T12:55:00Z |
|
| 4 |
| value |
9e-05 |
| scoring_system |
epss |
| scoring_elements |
0.00816 |
| published_at |
2026-04-02T12:55:00Z |
|
| 5 |
| value |
9e-05 |
| scoring_system |
epss |
| scoring_elements |
0.00817 |
| published_at |
2026-04-04T12:55:00Z |
|
| 6 |
| value |
9e-05 |
| scoring_system |
epss |
| scoring_elements |
0.00819 |
| published_at |
2026-04-07T12:55:00Z |
|
| 7 |
| value |
9e-05 |
| scoring_system |
epss |
| scoring_elements |
0.00824 |
| published_at |
2026-04-08T12:55:00Z |
|
| 8 |
| value |
9e-05 |
| scoring_system |
epss |
| scoring_elements |
0.00821 |
| published_at |
2026-04-09T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2025-11896 |
|
| 1 |
|
| 2 |
|
|
| fixed_packages |
|
| aliases |
CVE-2025-11896
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-uwft-v6jp-vkhg |
|
| 123 |
| url |
VCID-vbux-p4cd-a3f9 |
| vulnerability_id |
VCID-vbux-p4cd-a3f9 |
| summary |
Multiple vulnerabilities have been found in Xpdf, the worst of which could result in denial of service. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2022-41842 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00333 |
| scoring_system |
epss |
| scoring_elements |
0.5618 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.00333 |
| scoring_system |
epss |
| scoring_elements |
0.56117 |
| published_at |
2026-04-07T12:55:00Z |
|
| 2 |
| value |
0.00333 |
| scoring_system |
epss |
| scoring_elements |
0.56173 |
| published_at |
2026-04-09T12:55:00Z |
|
| 3 |
| value |
0.00333 |
| scoring_system |
epss |
| scoring_elements |
0.56184 |
| published_at |
2026-04-11T12:55:00Z |
|
| 4 |
| value |
0.00333 |
| scoring_system |
epss |
| scoring_elements |
0.5616 |
| published_at |
2026-04-12T12:55:00Z |
|
| 5 |
| value |
0.00333 |
| scoring_system |
epss |
| scoring_elements |
0.56144 |
| published_at |
2026-04-13T12:55:00Z |
|
| 6 |
| value |
0.00333 |
| scoring_system |
epss |
| scoring_elements |
0.56177 |
| published_at |
2026-04-16T12:55:00Z |
|
| 7 |
| value |
0.00333 |
| scoring_system |
epss |
| scoring_elements |
0.56137 |
| published_at |
2026-04-04T12:55:00Z |
|
| 8 |
| value |
0.00333 |
| scoring_system |
epss |
| scoring_elements |
0.56168 |
| published_at |
2026-04-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2022-41842 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-41842
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-vbux-p4cd-a3f9 |
|
| 124 |
| url |
VCID-vqwt-nqkf-fkd7 |
| vulnerability_id |
VCID-vqwt-nqkf-fkd7 |
| summary |
Multiple vulnerabilities have been found in Xpdf, the worst of which could result in denial of service. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2022-45587 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00041 |
| scoring_system |
epss |
| scoring_elements |
0.1236 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.00041 |
| scoring_system |
epss |
| scoring_elements |
0.1258 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00041 |
| scoring_system |
epss |
| scoring_elements |
0.12493 |
| published_at |
2026-04-12T12:55:00Z |
|
| 3 |
| value |
0.00041 |
| scoring_system |
epss |
| scoring_elements |
0.12454 |
| published_at |
2026-04-13T12:55:00Z |
|
| 4 |
| value |
0.00041 |
| scoring_system |
epss |
| scoring_elements |
0.12356 |
| published_at |
2026-04-16T12:55:00Z |
|
| 5 |
| value |
0.00041 |
| scoring_system |
epss |
| scoring_elements |
0.12622 |
| published_at |
2026-04-04T12:55:00Z |
|
| 6 |
| value |
0.00041 |
| scoring_system |
epss |
| scoring_elements |
0.12431 |
| published_at |
2026-04-07T12:55:00Z |
|
| 7 |
| value |
0.00041 |
| scoring_system |
epss |
| scoring_elements |
0.12511 |
| published_at |
2026-04-08T12:55:00Z |
|
| 8 |
| value |
0.00041 |
| scoring_system |
epss |
| scoring_elements |
0.12562 |
| published_at |
2026-04-09T12:55:00Z |
|
| 9 |
| value |
0.00041 |
| scoring_system |
epss |
| scoring_elements |
0.12532 |
| published_at |
2026-04-11T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2022-45587 |
|
| 1 |
|
| 2 |
|
| 3 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-45587
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-vqwt-nqkf-fkd7 |
|
| 125 |
| url |
VCID-vsn4-3wj4-tqba |
| vulnerability_id |
VCID-vsn4-3wj4-tqba |
| summary |
There is a stack consumption issue in md5Round1() located in Decrypt.cc in Xpdf 4.01. It can be triggered by sending a crafted pdf file to (for example) the pdfimages binary. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact. This is related to Catalog::countPageTree. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-9587 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00337 |
| scoring_system |
epss |
| scoring_elements |
0.56594 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.00337 |
| scoring_system |
epss |
| scoring_elements |
0.56564 |
| published_at |
2026-04-13T12:55:00Z |
|
| 2 |
| value |
0.00337 |
| scoring_system |
epss |
| scoring_elements |
0.56595 |
| published_at |
2026-04-16T12:55:00Z |
|
| 3 |
| value |
0.00337 |
| scoring_system |
epss |
| scoring_elements |
0.56447 |
| published_at |
2026-04-01T12:55:00Z |
|
| 4 |
| value |
0.00337 |
| scoring_system |
epss |
| scoring_elements |
0.56544 |
| published_at |
2026-04-02T12:55:00Z |
|
| 5 |
| value |
0.00337 |
| scoring_system |
epss |
| scoring_elements |
0.56566 |
| published_at |
2026-04-04T12:55:00Z |
|
| 6 |
| value |
0.00337 |
| scoring_system |
epss |
| scoring_elements |
0.56545 |
| published_at |
2026-04-07T12:55:00Z |
|
| 7 |
| value |
0.00337 |
| scoring_system |
epss |
| scoring_elements |
0.56596 |
| published_at |
2026-04-08T12:55:00Z |
|
| 8 |
| value |
0.00337 |
| scoring_system |
epss |
| scoring_elements |
0.566 |
| published_at |
2026-04-09T12:55:00Z |
|
| 9 |
| value |
0.00337 |
| scoring_system |
epss |
| scoring_elements |
0.5661 |
| published_at |
2026-04-11T12:55:00Z |
|
| 10 |
| value |
0.00337 |
| scoring_system |
epss |
| scoring_elements |
0.56586 |
| published_at |
2026-04-12T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-9587 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-9587
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-vsn4-3wj4-tqba |
|
| 126 |
| url |
VCID-vudr-8rrg-hufx |
| vulnerability_id |
VCID-vudr-8rrg-hufx |
| summary |
Multiple vulnerabilities have been found in Poppler, some of which
may allow execution of arbitrary code. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2009-1183 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.01703 |
| scoring_system |
epss |
| scoring_elements |
0.82232 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.01703 |
| scoring_system |
epss |
| scoring_elements |
0.82244 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.01703 |
| scoring_system |
epss |
| scoring_elements |
0.82264 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.01703 |
| scoring_system |
epss |
| scoring_elements |
0.82259 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.01703 |
| scoring_system |
epss |
| scoring_elements |
0.82285 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.01703 |
| scoring_system |
epss |
| scoring_elements |
0.82293 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.01703 |
| scoring_system |
epss |
| scoring_elements |
0.82312 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.01703 |
| scoring_system |
epss |
| scoring_elements |
0.82306 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.01703 |
| scoring_system |
epss |
| scoring_elements |
0.823 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.01703 |
| scoring_system |
epss |
| scoring_elements |
0.82335 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2009-1183 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
|
| fixed_packages |
|
| aliases |
CVE-2009-1183
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-vudr-8rrg-hufx |
|
| 127 |
| url |
VCID-w4js-d713-1ffu |
| vulnerability_id |
VCID-w4js-d713-1ffu |
| summary |
An issue was discovered in Xpdf 4.01.01. There is an out of bounds read in the function GfxPatchMeshShading::parse at GfxState.cc for typeA==6 case 2. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-14290 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00165 |
| scoring_system |
epss |
| scoring_elements |
0.3757 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.00165 |
| scoring_system |
epss |
| scoring_elements |
0.37459 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00165 |
| scoring_system |
epss |
| scoring_elements |
0.37625 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00165 |
| scoring_system |
epss |
| scoring_elements |
0.37649 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00165 |
| scoring_system |
epss |
| scoring_elements |
0.37527 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00165 |
| scoring_system |
epss |
| scoring_elements |
0.37579 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00165 |
| scoring_system |
epss |
| scoring_elements |
0.37592 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00165 |
| scoring_system |
epss |
| scoring_elements |
0.37606 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00165 |
| scoring_system |
epss |
| scoring_elements |
0.37572 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00165 |
| scoring_system |
epss |
| scoring_elements |
0.37545 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00165 |
| scoring_system |
epss |
| scoring_elements |
0.37589 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-14290 |
|
| 1 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-14290
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-w4js-d713-1ffu |
|
| 128 |
| url |
VCID-wpgs-8fw5-wbhe |
| vulnerability_id |
VCID-wpgs-8fw5-wbhe |
| summary |
Poppler and various KDE components are vulnerable to multiple memory
management issues possibly resulting in the execution of arbitrary code. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2007-5392 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.06567 |
| scoring_system |
epss |
| scoring_elements |
0.91095 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.06567 |
| scoring_system |
epss |
| scoring_elements |
0.911 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.06567 |
| scoring_system |
epss |
| scoring_elements |
0.91109 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.06567 |
| scoring_system |
epss |
| scoring_elements |
0.91117 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.06567 |
| scoring_system |
epss |
| scoring_elements |
0.91129 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.06567 |
| scoring_system |
epss |
| scoring_elements |
0.91135 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.06567 |
| scoring_system |
epss |
| scoring_elements |
0.91143 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.06567 |
| scoring_system |
epss |
| scoring_elements |
0.91144 |
| published_at |
2026-04-13T12:55:00Z |
|
| 8 |
| value |
0.06567 |
| scoring_system |
epss |
| scoring_elements |
0.91168 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2007-5392 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
|
| fixed_packages |
|
| aliases |
CVE-2007-5392
|
| risk_score |
0.1 |
| exploitability |
0.5 |
| weighted_severity |
0.1 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-wpgs-8fw5-wbhe |
|
| 129 |
| url |
VCID-wz2m-37h6-t7cv |
| vulnerability_id |
VCID-wz2m-37h6-t7cv |
| summary |
Multiple vulnerabilities have been found in Xpdf, the worst of which could result in denial of service. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2022-33108 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00208 |
| scoring_system |
epss |
| scoring_elements |
0.4327 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.00208 |
| scoring_system |
epss |
| scoring_elements |
0.43216 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00208 |
| scoring_system |
epss |
| scoring_elements |
0.43245 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00208 |
| scoring_system |
epss |
| scoring_elements |
0.43183 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00208 |
| scoring_system |
epss |
| scoring_elements |
0.43235 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00208 |
| scoring_system |
epss |
| scoring_elements |
0.43247 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00208 |
| scoring_system |
epss |
| scoring_elements |
0.43268 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00208 |
| scoring_system |
epss |
| scoring_elements |
0.43236 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00208 |
| scoring_system |
epss |
| scoring_elements |
0.43221 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.00208 |
| scoring_system |
epss |
| scoring_elements |
0.43281 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2022-33108 |
|
| 1 |
|
| 2 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-33108
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-wz2m-37h6-t7cv |
|
| 130 |
| url |
VCID-x49u-x3vn-f7gq |
| vulnerability_id |
VCID-x49u-x3vn-f7gq |
| summary |
security flaw |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2004-0888 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.04443 |
| scoring_system |
epss |
| scoring_elements |
0.89068 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.04443 |
| scoring_system |
epss |
| scoring_elements |
0.89 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.04443 |
| scoring_system |
epss |
| scoring_elements |
0.89008 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.04443 |
| scoring_system |
epss |
| scoring_elements |
0.89024 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.04443 |
| scoring_system |
epss |
| scoring_elements |
0.89026 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.04443 |
| scoring_system |
epss |
| scoring_elements |
0.89044 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.04443 |
| scoring_system |
epss |
| scoring_elements |
0.89049 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.04443 |
| scoring_system |
epss |
| scoring_elements |
0.8906 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.04443 |
| scoring_system |
epss |
| scoring_elements |
0.89056 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.04443 |
| scoring_system |
epss |
| scoring_elements |
0.89054 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2004-0888 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
|
| 44 |
|
| 45 |
|
| 46 |
|
| 47 |
|
| 48 |
|
| 49 |
|
| 50 |
|
| 51 |
|
| 52 |
|
| 53 |
|
| 54 |
|
| 55 |
|
| 56 |
|
| 57 |
|
| 58 |
|
| 59 |
|
| 60 |
|
| 61 |
|
| 62 |
|
| 63 |
|
| 64 |
|
| 65 |
|
| 66 |
|
| 67 |
|
| 68 |
|
| 69 |
|
| 70 |
|
| 71 |
|
| 72 |
|
| 73 |
|
| 74 |
|
| 75 |
|
| 76 |
|
| 77 |
|
| 78 |
|
| 79 |
|
| 80 |
|
| 81 |
|
| 82 |
|
| 83 |
|
| 84 |
|
| 85 |
|
| 86 |
|
| 87 |
|
| 88 |
|
| 89 |
|
| 90 |
|
| 91 |
|
| 92 |
|
| 93 |
|
| 94 |
|
| 95 |
|
| 96 |
|
| 97 |
|
| 98 |
|
| 99 |
|
| 100 |
|
| 101 |
|
| 102 |
|
| 103 |
|
| 104 |
|
| 105 |
|
| 106 |
|
| 107 |
|
| 108 |
|
| 109 |
|
| 110 |
|
| 111 |
|
| 112 |
|
| 113 |
|
| 114 |
|
| 115 |
|
| 116 |
|
| 117 |
|
| 118 |
|
| 119 |
|
| 120 |
|
| 121 |
|
| 122 |
|
| 123 |
|
| 124 |
|
| 125 |
|
|
| fixed_packages |
|
| aliases |
CVE-2004-0888
|
| risk_score |
4.5 |
| exploitability |
0.5 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-x49u-x3vn-f7gq |
|
| 131 |
| url |
VCID-xddx-numk-a7bn |
| vulnerability_id |
VCID-xddx-numk-a7bn |
| summary |
Multiple vulnerabilities have been found in Poppler, some of which
may allow execution of arbitrary code. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2009-3608 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.12664 |
| scoring_system |
epss |
| scoring_elements |
0.93944 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.12664 |
| scoring_system |
epss |
| scoring_elements |
0.93953 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.12664 |
| scoring_system |
epss |
| scoring_elements |
0.93962 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.12664 |
| scoring_system |
epss |
| scoring_elements |
0.93964 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.12664 |
| scoring_system |
epss |
| scoring_elements |
0.93973 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.12664 |
| scoring_system |
epss |
| scoring_elements |
0.93976 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.12664 |
| scoring_system |
epss |
| scoring_elements |
0.9398 |
| published_at |
2026-04-13T12:55:00Z |
|
| 7 |
| value |
0.12664 |
| scoring_system |
epss |
| scoring_elements |
0.93995 |
| published_at |
2026-04-16T12:55:00Z |
|
| 8 |
| value |
0.12664 |
| scoring_system |
epss |
| scoring_elements |
0.94 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2009-3608 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
|
| fixed_packages |
|
| aliases |
CVE-2009-3608
|
| risk_score |
0.1 |
| exploitability |
0.5 |
| weighted_severity |
0.1 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-xddx-numk-a7bn |
|
| 132 |
| url |
VCID-xqh5-sxfb-gueh |
| vulnerability_id |
VCID-xqh5-sxfb-gueh |
| summary |
Multiple vulnerabilities have been discovered in Xpdf, GPdf, CUPS and
Poppler potentially resulting in the execution of arbitrary code. |
| references |
| 0 |
| reference_url |
ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.01pl1.patch |
| reference_id |
|
| reference_type |
|
| scores |
|
| url |
ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.01pl1.patch |
|
| 1 |
| reference_url |
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt |
| reference_id |
|
| reference_type |
|
| scores |
|
| url |
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt |
|
| 2 |
| reference_url |
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.20/SCOSA-2006.20.txt |
| reference_id |
|
| reference_type |
|
| scores |
|
| url |
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.20/SCOSA-2006.20.txt |
|
| 3 |
| reference_url |
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.21/SCOSA-2006.21.txt |
| reference_id |
|
| reference_type |
|
| scores |
|
| url |
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.21/SCOSA-2006.21.txt |
|
| 4 |
| reference_url |
ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U |
| reference_id |
|
| reference_type |
|
| scores |
|
| url |
ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U |
|
| 5 |
| reference_url |
ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U |
| reference_id |
|
| reference_type |
|
| scores |
|
| url |
ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U |
|
| 6 |
| reference_url |
ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U |
| reference_id |
|
| reference_type |
|
| scores |
|
| url |
ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2005-3192 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.12279 |
| scoring_system |
epss |
| scoring_elements |
0.93886 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.12279 |
| scoring_system |
epss |
| scoring_elements |
0.9382 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.12279 |
| scoring_system |
epss |
| scoring_elements |
0.93829 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.12279 |
| scoring_system |
epss |
| scoring_elements |
0.93838 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.12279 |
| scoring_system |
epss |
| scoring_elements |
0.93841 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.12279 |
| scoring_system |
epss |
| scoring_elements |
0.93849 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.12279 |
| scoring_system |
epss |
| scoring_elements |
0.93853 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.12279 |
| scoring_system |
epss |
| scoring_elements |
0.93858 |
| published_at |
2026-04-13T12:55:00Z |
|
| 8 |
| value |
0.12279 |
| scoring_system |
epss |
| scoring_elements |
0.9388 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2005-3192 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
|
| 44 |
|
| 45 |
|
| 46 |
|
| 47 |
|
| 48 |
|
| 49 |
|
| 50 |
|
| 51 |
|
| 52 |
|
| 53 |
|
| 54 |
|
| 55 |
|
| 56 |
|
| 57 |
|
| 58 |
|
| 59 |
|
| 60 |
|
| 61 |
|
| 62 |
|
| 63 |
|
| 64 |
|
| 65 |
|
| 66 |
|
| 67 |
|
| 68 |
|
| 69 |
|
| 70 |
|
| 71 |
|
| 72 |
|
| 73 |
|
| 74 |
|
| 75 |
|
| 76 |
|
| 77 |
|
| 78 |
|
| 79 |
|
| 80 |
|
| 81 |
|
| 82 |
|
| 83 |
|
| 84 |
|
| 85 |
|
| 86 |
|
| 87 |
|
| 88 |
|
| 89 |
|
| 90 |
|
| 91 |
|
| 92 |
|
| 93 |
|
| 94 |
|
| 95 |
|
| 96 |
|
| 97 |
|
| 98 |
|
| 99 |
|
| 100 |
|
| 101 |
|
| 102 |
|
| 103 |
|
| 104 |
|
| 105 |
|
| 106 |
|
| 107 |
|
| 108 |
|
| 109 |
|
| 110 |
|
| 111 |
|
| 112 |
|
| 113 |
|
| 114 |
|
| 115 |
|
| 116 |
|
| 117 |
|
| 118 |
|
| 119 |
|
| 120 |
|
| 121 |
|
| 122 |
|
| 123 |
|
| 124 |
|
| 125 |
|
| 126 |
|
|
| fixed_packages |
|
| aliases |
CVE-2005-3192
|
| risk_score |
3.4 |
| exploitability |
0.5 |
| weighted_severity |
6.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-xqh5-sxfb-gueh |
|
| 133 |
| url |
VCID-xt1y-bytw-zfa7 |
| vulnerability_id |
VCID-xt1y-bytw-zfa7 |
| summary |
In Xpdf 4.01.01, a heap-based buffer over-read could be triggered in strncpy from FoFiType1::parse in fofi/FoFiType1.cc because it does not ensure the source string has a valid length before making a fixed-length copy. It can, for example, be triggered by sending a crafted PDF document to the pdftotext tool. It allows an attacker to use a crafted pdf file to cause Denial of Service or an information leak, or possibly have unspecified other impact. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-13283 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00296 |
| scoring_system |
epss |
| scoring_elements |
0.52988 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.00296 |
| scoring_system |
epss |
| scoring_elements |
0.52862 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00296 |
| scoring_system |
epss |
| scoring_elements |
0.52888 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00296 |
| scoring_system |
epss |
| scoring_elements |
0.52914 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00296 |
| scoring_system |
epss |
| scoring_elements |
0.52882 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00296 |
| scoring_system |
epss |
| scoring_elements |
0.52933 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00296 |
| scoring_system |
epss |
| scoring_elements |
0.52926 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00296 |
| scoring_system |
epss |
| scoring_elements |
0.52976 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00296 |
| scoring_system |
epss |
| scoring_elements |
0.5296 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00296 |
| scoring_system |
epss |
| scoring_elements |
0.52944 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00296 |
| scoring_system |
epss |
| scoring_elements |
0.52981 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-13283 |
|
| 1 |
|
| 2 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-13283
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-xt1y-bytw-zfa7 |
|
| 134 |
| url |
VCID-y38f-a865-fuae |
| vulnerability_id |
VCID-y38f-a865-fuae |
| summary |
Multiple vulnerabilities have been found in Xpdf, the worst of which could result in denial of service. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2022-38928 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00157 |
| scoring_system |
epss |
| scoring_elements |
0.36512 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.00157 |
| scoring_system |
epss |
| scoring_elements |
0.36529 |
| published_at |
2026-04-16T12:55:00Z |
|
| 2 |
| value |
0.00157 |
| scoring_system |
epss |
| scoring_elements |
0.36596 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00157 |
| scoring_system |
epss |
| scoring_elements |
0.36629 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00157 |
| scoring_system |
epss |
| scoring_elements |
0.36466 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00157 |
| scoring_system |
epss |
| scoring_elements |
0.36517 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00157 |
| scoring_system |
epss |
| scoring_elements |
0.36537 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00157 |
| scoring_system |
epss |
| scoring_elements |
0.36544 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00157 |
| scoring_system |
epss |
| scoring_elements |
0.36509 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00157 |
| scoring_system |
epss |
| scoring_elements |
0.36486 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2022-38928 |
|
| 1 |
|
| 2 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-38928
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-y38f-a865-fuae |
|
| 135 |
| url |
VCID-y9t6-akg1-pqhz |
| vulnerability_id |
VCID-y9t6-akg1-pqhz |
| summary |
There is an Invalid memory access in gAtomicIncrement() located at GMutex.h in Xpdf 4.01. It can be triggered by sending a crafted pdf file to (for example) the pdftops binary. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-9588 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00337 |
| scoring_system |
epss |
| scoring_elements |
0.56594 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.00337 |
| scoring_system |
epss |
| scoring_elements |
0.56595 |
| published_at |
2026-04-16T12:55:00Z |
|
| 2 |
| value |
0.00337 |
| scoring_system |
epss |
| scoring_elements |
0.56447 |
| published_at |
2026-04-01T12:55:00Z |
|
| 3 |
| value |
0.00337 |
| scoring_system |
epss |
| scoring_elements |
0.56544 |
| published_at |
2026-04-02T12:55:00Z |
|
| 4 |
| value |
0.00337 |
| scoring_system |
epss |
| scoring_elements |
0.56566 |
| published_at |
2026-04-04T12:55:00Z |
|
| 5 |
| value |
0.00337 |
| scoring_system |
epss |
| scoring_elements |
0.56545 |
| published_at |
2026-04-07T12:55:00Z |
|
| 6 |
| value |
0.00337 |
| scoring_system |
epss |
| scoring_elements |
0.56596 |
| published_at |
2026-04-08T12:55:00Z |
|
| 7 |
| value |
0.00337 |
| scoring_system |
epss |
| scoring_elements |
0.566 |
| published_at |
2026-04-09T12:55:00Z |
|
| 8 |
| value |
0.00337 |
| scoring_system |
epss |
| scoring_elements |
0.5661 |
| published_at |
2026-04-11T12:55:00Z |
|
| 9 |
| value |
0.00337 |
| scoring_system |
epss |
| scoring_elements |
0.56586 |
| published_at |
2026-04-12T12:55:00Z |
|
| 10 |
| value |
0.00337 |
| scoring_system |
epss |
| scoring_elements |
0.56564 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-9588 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-9588
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-y9t6-akg1-pqhz |
|
| 136 |
| url |
VCID-ynvq-nzrq-9bca |
| vulnerability_id |
VCID-ynvq-nzrq-9bca |
| summary |
Multiple vulnerabilities have been found in Poppler, some of which
may allow execution of arbitrary code. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2009-0146 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.01745 |
| scoring_system |
epss |
| scoring_elements |
0.8246 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.01745 |
| scoring_system |
epss |
| scoring_elements |
0.82474 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.01745 |
| scoring_system |
epss |
| scoring_elements |
0.82491 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.01745 |
| scoring_system |
epss |
| scoring_elements |
0.82488 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.01745 |
| scoring_system |
epss |
| scoring_elements |
0.82514 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.01745 |
| scoring_system |
epss |
| scoring_elements |
0.82521 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.01745 |
| scoring_system |
epss |
| scoring_elements |
0.8254 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.01745 |
| scoring_system |
epss |
| scoring_elements |
0.82536 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.01745 |
| scoring_system |
epss |
| scoring_elements |
0.82531 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.01745 |
| scoring_system |
epss |
| scoring_elements |
0.82568 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2009-0146 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
|
| fixed_packages |
|
| aliases |
CVE-2009-0146
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ynvq-nzrq-9bca |
|
| 137 |
| url |
VCID-ysst-cb32-t7dv |
| vulnerability_id |
VCID-ysst-cb32-t7dv |
| summary |
Multiple vulnerabilities have been discovered in Xpdf, the worst of which could possibly lead to arbitrary code execution. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2022-27135 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00209 |
| scoring_system |
epss |
| scoring_elements |
0.43297 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.00209 |
| scoring_system |
epss |
| scoring_elements |
0.43245 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00209 |
| scoring_system |
epss |
| scoring_elements |
0.43274 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00209 |
| scoring_system |
epss |
| scoring_elements |
0.43211 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00209 |
| scoring_system |
epss |
| scoring_elements |
0.43263 |
| published_at |
2026-04-12T12:55:00Z |
|
| 5 |
| value |
0.00209 |
| scoring_system |
epss |
| scoring_elements |
0.43275 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00209 |
| scoring_system |
epss |
| scoring_elements |
0.43295 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00209 |
| scoring_system |
epss |
| scoring_elements |
0.43248 |
| published_at |
2026-04-13T12:55:00Z |
|
| 8 |
| value |
0.00209 |
| scoring_system |
epss |
| scoring_elements |
0.43308 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2022-27135 |
|
| 1 |
|
| 2 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-27135
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ysst-cb32-t7dv |
|
| 138 |
| url |
VCID-yu46-ypr2-dfce |
| vulnerability_id |
VCID-yu46-ypr2-dfce |
| summary |
Multiple vulnerabilities have been found in Poppler, some of which
may allow execution of arbitrary code. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2009-3609 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.05999 |
| scoring_system |
epss |
| scoring_elements |
0.90645 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.05999 |
| scoring_system |
epss |
| scoring_elements |
0.9065 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.05999 |
| scoring_system |
epss |
| scoring_elements |
0.9066 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.05999 |
| scoring_system |
epss |
| scoring_elements |
0.90669 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.05999 |
| scoring_system |
epss |
| scoring_elements |
0.90679 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.05999 |
| scoring_system |
epss |
| scoring_elements |
0.90685 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.05999 |
| scoring_system |
epss |
| scoring_elements |
0.90694 |
| published_at |
2026-04-12T12:55:00Z |
|
| 7 |
| value |
0.05999 |
| scoring_system |
epss |
| scoring_elements |
0.9069 |
| published_at |
2026-04-13T12:55:00Z |
|
| 8 |
| value |
0.05999 |
| scoring_system |
epss |
| scoring_elements |
0.90709 |
| published_at |
2026-04-16T12:55:00Z |
|
| 9 |
| value |
0.05999 |
| scoring_system |
epss |
| scoring_elements |
0.90707 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2009-3609 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
|
| fixed_packages |
|
| aliases |
CVE-2009-3609
|
| risk_score |
0.1 |
| exploitability |
0.5 |
| weighted_severity |
0.1 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-yu46-ypr2-dfce |
|
| 139 |
| url |
VCID-yxrv-7mb5-ekfx |
| vulnerability_id |
VCID-yxrv-7mb5-ekfx |
| summary |
An issue was discovered in Xpdf 4.00. XRef::readXRefStream in XRef.cc allows attackers to launch a denial of service (Integer Overflow) via a crafted /Size value in a pdf file, as demonstrated by pdftohtml. This is mainly caused by the program attempting a malloc operation for a large amount of memory. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2018-18650 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00178 |
| scoring_system |
epss |
| scoring_elements |
0.39453 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.00178 |
| scoring_system |
epss |
| scoring_elements |
0.39303 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00178 |
| scoring_system |
epss |
| scoring_elements |
0.39465 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00178 |
| scoring_system |
epss |
| scoring_elements |
0.39489 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00178 |
| scoring_system |
epss |
| scoring_elements |
0.39402 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00178 |
| scoring_system |
epss |
| scoring_elements |
0.39458 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00178 |
| scoring_system |
epss |
| scoring_elements |
0.39473 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00178 |
| scoring_system |
epss |
| scoring_elements |
0.39484 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00178 |
| scoring_system |
epss |
| scoring_elements |
0.39446 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00178 |
| scoring_system |
epss |
| scoring_elements |
0.39429 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00178 |
| scoring_system |
epss |
| scoring_elements |
0.3948 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2018-18650 |
|
| 1 |
|
|
| fixed_packages |
|
| aliases |
CVE-2018-18650
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-yxrv-7mb5-ekfx |
|
| 140 |
| url |
VCID-z4s1-k1tj-13bf |
| vulnerability_id |
VCID-z4s1-k1tj-13bf |
| summary |
Multiple vulnerabilities have been found in Xpdf, the worst of which could result in denial of service. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2023-2664 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00053 |
| scoring_system |
epss |
| scoring_elements |
0.16669 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.00053 |
| scoring_system |
epss |
| scoring_elements |
0.16661 |
| published_at |
2026-04-16T12:55:00Z |
|
| 2 |
| value |
0.00053 |
| scoring_system |
epss |
| scoring_elements |
0.1687 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00053 |
| scoring_system |
epss |
| scoring_elements |
0.16926 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00053 |
| scoring_system |
epss |
| scoring_elements |
0.1671 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00053 |
| scoring_system |
epss |
| scoring_elements |
0.16796 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00053 |
| scoring_system |
epss |
| scoring_elements |
0.16851 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00053 |
| scoring_system |
epss |
| scoring_elements |
0.16828 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00053 |
| scoring_system |
epss |
| scoring_elements |
0.16784 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00053 |
| scoring_system |
epss |
| scoring_elements |
0.16725 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2023-2664 |
|
| 1 |
|
| 2 |
|
|
| fixed_packages |
|
| aliases |
CVE-2023-2664
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-z4s1-k1tj-13bf |
|
| 141 |
| url |
VCID-z77s-ej5r-rbcd |
| vulnerability_id |
VCID-z77s-ej5r-rbcd |
| summary |
Multiple vulnerabilities have been discovered in T1Lib, the worst
of which could lead to remote execution of arbitrary code. |
| references |
| 0 |
|
| 1 |
|
| 2 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2011-1552 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.22374 |
| scoring_system |
epss |
| scoring_elements |
0.95839 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.22374 |
| scoring_system |
epss |
| scoring_elements |
0.95786 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.22374 |
| scoring_system |
epss |
| scoring_elements |
0.95795 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.22374 |
| scoring_system |
epss |
| scoring_elements |
0.95803 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.22374 |
| scoring_system |
epss |
| scoring_elements |
0.95806 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.22374 |
| scoring_system |
epss |
| scoring_elements |
0.95814 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.22374 |
| scoring_system |
epss |
| scoring_elements |
0.95818 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.22374 |
| scoring_system |
epss |
| scoring_elements |
0.95821 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.22374 |
| scoring_system |
epss |
| scoring_elements |
0.95823 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.22374 |
| scoring_system |
epss |
| scoring_elements |
0.95834 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2011-1552 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
|
| 44 |
|
| 45 |
|
| 46 |
|
| 47 |
|
| 48 |
|
| 49 |
|
| 50 |
|
| 51 |
|
| 52 |
|
| 53 |
|
| 54 |
|
| 55 |
|
| 56 |
|
| 57 |
|
| 58 |
|
| 59 |
|
| 60 |
|
| 61 |
|
| 62 |
|
| 63 |
|
| 64 |
|
| 65 |
|
| 66 |
|
| 67 |
|
| 68 |
|
| 69 |
|
| 70 |
|
| 71 |
|
| 72 |
|
| 73 |
|
| 74 |
|
| 75 |
|
| 76 |
|
| 77 |
|
| 78 |
|
| 79 |
|
| 80 |
|
| 81 |
|
| 82 |
|
| 83 |
|
| 84 |
|
| 85 |
|
|
| fixed_packages |
|
| aliases |
CVE-2011-1552
|
| risk_score |
1.9 |
| exploitability |
0.5 |
| weighted_severity |
3.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-z77s-ej5r-rbcd |
|
| 142 |
| url |
VCID-zn54-s7jz-ruh8 |
| vulnerability_id |
VCID-zn54-s7jz-ruh8 |
| summary |
Multiple vulnerabilities have been found in Poppler, some of which
may allow execution of arbitrary code. |
| references |
| 0 |
|
| 1 |
|
| 2 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2010-4654 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00468 |
| scoring_system |
epss |
| scoring_elements |
0.64525 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.00468 |
| scoring_system |
epss |
| scoring_elements |
0.64513 |
| published_at |
2026-04-16T12:55:00Z |
|
| 2 |
| value |
0.00468 |
| scoring_system |
epss |
| scoring_elements |
0.64396 |
| published_at |
2026-04-01T12:55:00Z |
|
| 3 |
| value |
0.00468 |
| scoring_system |
epss |
| scoring_elements |
0.6445 |
| published_at |
2026-04-02T12:55:00Z |
|
| 4 |
| value |
0.00468 |
| scoring_system |
epss |
| scoring_elements |
0.6448 |
| published_at |
2026-04-04T12:55:00Z |
|
| 5 |
| value |
0.00468 |
| scoring_system |
epss |
| scoring_elements |
0.64439 |
| published_at |
2026-04-07T12:55:00Z |
|
| 6 |
| value |
0.00468 |
| scoring_system |
epss |
| scoring_elements |
0.64488 |
| published_at |
2026-04-08T12:55:00Z |
|
| 7 |
| value |
0.00468 |
| scoring_system |
epss |
| scoring_elements |
0.64504 |
| published_at |
2026-04-09T12:55:00Z |
|
| 8 |
| value |
0.00468 |
| scoring_system |
epss |
| scoring_elements |
0.64519 |
| published_at |
2026-04-11T12:55:00Z |
|
| 9 |
| value |
0.00468 |
| scoring_system |
epss |
| scoring_elements |
0.64508 |
| published_at |
2026-04-12T12:55:00Z |
|
| 10 |
| value |
0.00468 |
| scoring_system |
epss |
| scoring_elements |
0.64479 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2010-4654 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
|
| fixed_packages |
|
| aliases |
CVE-2010-4654
|
| risk_score |
4.2 |
| exploitability |
0.5 |
| weighted_severity |
8.4 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-zn54-s7jz-ruh8 |
|
| 143 |
| url |
VCID-zr8n-mfu1-4yg4 |
| vulnerability_id |
VCID-zr8n-mfu1-4yg4 |
| summary |
Multiple vulnerabilities have been found in Poppler, some of which
may allow execution of arbitrary code. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2009-3606 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.04772 |
| scoring_system |
epss |
| scoring_elements |
0.8942 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.04772 |
| scoring_system |
epss |
| scoring_elements |
0.89424 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.04772 |
| scoring_system |
epss |
| scoring_elements |
0.89435 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.04772 |
| scoring_system |
epss |
| scoring_elements |
0.89437 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.04772 |
| scoring_system |
epss |
| scoring_elements |
0.89453 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.04772 |
| scoring_system |
epss |
| scoring_elements |
0.89457 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.04772 |
| scoring_system |
epss |
| scoring_elements |
0.89465 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.04772 |
| scoring_system |
epss |
| scoring_elements |
0.89463 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.04772 |
| scoring_system |
epss |
| scoring_elements |
0.89459 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.04772 |
| scoring_system |
epss |
| scoring_elements |
0.89474 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2009-3606 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
|
| fixed_packages |
|
| aliases |
CVE-2009-3606
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-zr8n-mfu1-4yg4 |
|