Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
freedesktop vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-34872
A vulnerability in Outline.cc for Poppler before 23.06.0 allows a remote malicious user to cause a Denial of Service (DoS) (crash) via a crafted PDF file in OutlineItem::open.
Freedesktop Poppler
6.8
CVSSv2
CVE-2013-1788
poppler prior to 0.22.1 allows context-dependent malicious users to cause a denial of service (crash) and possibly execute arbitrary code via vectors that trigger an "invalid memory access" in (1) splash/Splash.cc, (2) poppler/Function.cc, and (3) poppler/Stream.cc.
Freedesktop Poppler
2.1
CVSSv2
CVE-2010-1149
probers/udisks-dm-export.c in udisks prior to 1.0.1 exports UDISKS_DM_TARGETS_PARAMS information to udev even for a crypt UDISKS_DM_TARGETS_TYPE, which allows local users to discover encryption keys by (1) running a certain udevadm command or (2) reading a certain file under /dev...
Freedesktop Udisks
2.1
CVSSv2
CVE-2020-16126
An Ubuntu-specific modification to AccountsService in versions prior to 0.6.55-0ubuntu13.2, among other earlier versions, improperly dropped the ruid, allowing untrusted users to send signals to AccountService, thus stopping it from handling D-Bus messages in a timely fashion.
Freedesktop Accountsservice
1 Github repository
2.1
CVSSv2
CVE-2020-16127
An Ubuntu-specific modification to AccountsService in versions prior to 0.6.55-0ubuntu13.2, among other earlier versions, would perform unbounded read operations on user-controlled ~/.pam_environment files, allowing an infinite loop if /dev/zero is symlinked to this location.
Freedesktop Accountsservice
1 Github repository
2.1
CVSSv2
CVE-2017-6355
Integer overflow in the vrend_create_shader function in vrend_renderer.c in virglrenderer prior to 0.6.0 allows local guest OS users to cause a denial of service (process crash) via crafted pkt_length and offlen values, which trigger an out-of-bounds access.
Freedesktop Virglrenderer
6.8
CVSSv2
CVE-2019-12293
In Poppler up to and including 0.76.1, there is a heap-based buffer over-read in JPXStream::init in JPEG2000Stream.cc via data with inconsistent heights or widths.
Freedesktop Poppler
4.3
CVSSv2
CVE-2013-1789
splash/Splash.cc in poppler prior to 0.22.1 allows context-dependent malicious users to cause a denial of service (NULL pointer dereference and crash) via vectors related to the (1) Splash::arbitraryTransformMask, (2) Splash::blitMask, and (3) Splash::scaleMaskYuXu functions.
Freedesktop Poppler
4
CVSSv2
CVE-2018-14036
Directory Traversal with ../ sequences occurs in AccountsService prior to 0.6.50 because of an insufficient path check in user_change_icon_file_authorized_cb() in user.c.
Freedesktop Accountsservice
6.8
CVSSv2
CVE-2013-1790
poppler/Stream.cc in poppler prior to 0.22.1 allows context-dependent malicious users to have an unspecified impact via vectors that trigger a read of uninitialized memory by the CCITTFaxStream::lookChar function.
Freedesktop Poppler
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »