Skip to main content

Evince

4 CVEs product

Monthly

CVE-2019-1010006 HIGH POC This Week

Evince 3.26.0 is affected by buffer overflow. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow RCE Buffer Overflow Evince Ubuntu Linux +2
NVD
CVSS 3.1
7.8
EPSS
2.1%
CVE-2019-11459 MEDIUM PATCH This Month

The tiff_document_render() and tiff_document_get_thumbnail() functions in the TIFF document backend in GNOME Evince through 3.32.0 did not handle errors from TIFFReadRGBAImageOriented(), leading to. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Information Disclosure Evince Ubuntu Linux Fedora Debian Linux +5
NVD
CVSS 3.1
5.5
EPSS
1.4%
CVE-2017-1000159 HIGH PATCH This Week

Command injection in evince via filename when printing to PDF. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

Command Injection Evince
NVD
CVSS 3.0
7.8
EPSS
0.4%
CVE-2017-1000083 HIGH POC PATCH THREAT Act Now

backend/comics/comics-document.c (aka the comic book backend) in GNOME Evince before 3.24.1 allows remote attackers to execute arbitrary commands via a .cbt file that is a TAR archive containing a. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 76.7%.

Information Disclosure Checkpoint Evince Debian Linux Enterprise Linux Desktop +5
NVD GitHub Exploit-DB
CVSS 3.0
7.8
EPSS
76.7%
Threat
5.4
EPSS 2% CVSS 7.8
HIGH POC This Week

Evince 3.26.0 is affected by buffer overflow. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow RCE Buffer Overflow +4
NVD
EPSS 1% CVSS 5.5
MEDIUM PATCH This Month

The tiff_document_render() and tiff_document_get_thumbnail() functions in the TIFF document backend in GNOME Evince through 3.32.0 did not handle errors from TIFFReadRGBAImageOriented(), leading to. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Information Disclosure Evince Ubuntu Linux +7
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Command injection in evince via filename when printing to PDF. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

Command Injection Evince
NVD
EPSS 77% 5.4 CVSS 7.8
HIGH POC PATCH THREAT Act Now

backend/comics/comics-document.c (aka the comic book backend) in GNOME Evince before 3.24.1 allows remote attackers to execute arbitrary commands via a .cbt file that is a TAR archive containing a. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 76.7%.

Information Disclosure Checkpoint Evince +7
NVD GitHub Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy