Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
freedesktop vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2018-16646
In Poppler 0.68.0, the Parser::getObj() function in Parser.cc may cause infinite recursion via a crafted file. A remote attacker can leverage this for a DoS attack.
Freedesktop Poppler 0.68.0
Debian Debian Linux 8.0
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 18.04
1 Github repository
4
CVSSv2
CVE-2018-14036
Directory Traversal with ../ sequences occurs in AccountsService prior to 0.6.50 because of an insufficient path check in user_change_icon_file_authorized_cb() in user.c.
Freedesktop Accountsservice
4.3
CVSSv2
CVE-2017-18267
The FoFiType1C::cvtGlyph function in fofi/FoFiType1C.cc in Poppler up to and including 0.64.0 allows remote malicious users to cause a denial of service (infinite recursion) via a crafted PDF file, as demonstrated by pdftops.
Freedesktop Poppler
Canonical Ubuntu Linux 17.10
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Redhat Ansible Tower 3.3
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Desktop 7.0
Debian Debian Linux 8.0
6.8
CVSSv2
CVE-2017-18266
The open_envvar function in xdg-open in xdg-utils prior to 1.1.3 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote malicious users to conduct argument-injection attacks via a crafted URL, as demonstrated...
Freedesktop Xdg-utils
Debian Debian Linux 7.0
Debian Debian Linux 9.0
Debian Debian Linux 8.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 17.10
Canonical Ubuntu Linux 18.04
6.8
CVSSv2
CVE-2017-1000456
freedesktop.org libpoppler 0.60.1 fails to validate boundaries in TextPool::addWord, leading to overflow in subsequent calculations.
Freedesktop Poppler 0.60.1
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
6.8
CVSSv2
CVE-2017-15565
In Poppler 0.59.0, a NULL Pointer Dereference exists in the GfxImageColorMap::getGrayLine() function in GfxState.cc via a crafted PDF document.
Freedesktop Poppler 0.59.0
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
5
CVSSv2
CVE-2017-14975
The FoFiType1C::convertToType0 function in FoFiType1C.cc in Poppler 0.59.0 has a NULL pointer dereference vulnerability because a data structure is not initialized, which allows an malicious user to launch a denial of service attack.
Freedesktop Poppler 0.59.0
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
5
CVSSv2
CVE-2017-14976
The FoFiType1C::convertToType0 function in FoFiType1C.cc in Poppler 0.59.0 has a heap-based buffer over-read vulnerability if an out-of-bounds font dictionary index is encountered, which allows an malicious user to launch a denial of service attack.
Freedesktop Poppler 0.59.0
Debian Debian Linux 7.0
Debian Debian Linux 9.0
Debian Debian Linux 8.0
5
CVSSv2
CVE-2017-14977
The FoFiTrueType::getCFFBlock function in FoFiTrueType.cc in Poppler 0.59.0 has a NULL pointer dereference vulnerability due to lack of validation of a table pointer, which allows an malicious user to launch a denial of service attack.
Freedesktop Poppler 0.59.0
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
2 Github repositories
5
CVSSv2
CVE-2017-14929
In Poppler 0.59.0, memory corruption occurs in a call to Object::dictLookup() in Object.h after a repeating series of Gfx::display, Gfx::go, Gfx::execOp, Gfx::opFill, Gfx::doPatternFill, Gfx::doTilingPatternFill and Gfx::drawForm calls (aka a Gfx.cc infinite loop), a different vu...
Freedesktop Poppler 0.59.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-21111
CVE-2024-32884
IDOR
CVE-2023-1000
CVE-2024-33260
CVE-2024-3682
reflected XSS
race condition
CVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »