Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
freedesktop vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2017-2818
An exploitable heap overflow vulnerability exists in the image rendering functionality of Poppler 0.53.0. A specifically crafted PDF can cause an overly large number of color components during image rendering, resulting in heap corruption. An attacker controlled PDF file can be u...
Freedesktop Poppler 0.53.0
4.3
CVSSv2
CVE-2017-9865
The function GfxImageColorMap::getGray in GfxState.cc in Poppler 0.54.0 allows remote malicious users to cause a denial of service (stack-based buffer over-read and application crash) via a crafted PDF document, related to missing color-map validation in ImageOutputDev.cc.
Freedesktop Poppler 0.54.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
4.3
CVSSv2
CVE-2017-7515
poppler through version 0.55.0 is vulnerable to an uncontrolled recursion in pdfunite resulting into potential denial-of-service.
Freedesktop Poppler
4.3
CVSSv2
CVE-2017-9406
In Poppler 0.54.0, a memory leak vulnerability was found in the function gmalloc in gmem.cc, which allows malicious users to cause a denial of service via a crafted file.
Freedesktop Poppler 0.54.0
Debian Debian Linux 9.0
Debian Debian Linux 8.0
4.3
CVSSv2
CVE-2017-9408
In Poppler 0.54.0, a memory leak vulnerability was found in the function Object::initArray in Object.cc, which allows malicious users to cause a denial of service via a crafted file.
Freedesktop Poppler 0.54.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
4.3
CVSSv2
CVE-2017-7511
poppler since version 0.17.3 has been vulnerable to NULL pointer dereference in pdfunite triggered by specially crafted documents.
Freedesktop Poppler 0.54.0
Freedesktop Poppler 0.53.0
Freedesktop Poppler 0.52.0
Freedesktop Poppler 0.45.0
Freedesktop Poppler 0.44.0
Freedesktop Poppler 0.37.0
Freedesktop Poppler 0.36.0
Freedesktop Poppler 0.28.1
Freedesktop Poppler 0.28.0
Freedesktop Poppler 0.25.3
Freedesktop Poppler 0.25.2
Freedesktop Poppler 0.24.1
Freedesktop Poppler 0.24.0
Freedesktop Poppler 0.22.3
Freedesktop Poppler 0.22.2
Freedesktop Poppler 0.21.0
Freedesktop Poppler 0.20.5
Freedesktop Poppler 0.19.3
Freedesktop Poppler 0.19.2
Freedesktop Poppler 0.17.4
Freedesktop Poppler 0.17.3
Freedesktop Poppler 0.55.0
4.3
CVSSv2
CVE-2017-9083
poppler 0.54.0, as used in Evince and other products, has a NULL pointer dereference in the JPXStream::readUByte function in JPXStream.cc. For example, the perf_test utility will crash (segmentation fault) when parsing an invalid PDF file.
Freedesktop Poppler 0.54.0
2.1
CVSSv2
CVE-2017-6355
Integer overflow in the vrend_create_shader function in vrend_renderer.c in virglrenderer prior to 0.6.0 allows local guest OS users to cause a denial of service (process crash) via crafted pkt_length and offlen values, which trigger an out-of-bounds access.
Freedesktop Virglrenderer
7.5
CVSSv2
CVE-2016-2090
Off-by-one vulnerability in the fgetwln function in libbsd prior to 0.8.2 allows malicious users to have unspecified impact via unknown vectors, which trigger a heap-based buffer overflow.
Fedoraproject Fedora 25
Fedoraproject Fedora 24
Freedesktop Libbsd
Debian Debian Linux 8.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 14.04
1.9
CVSSv2
CVE-2015-0245
D-Bus 1.4.x up to and including 1.6.x prior to 1.6.30, 1.8.x prior to 1.8.16, and 1.9.x prior to 1.9.10 does not validate the source of ActivationFailure signals, which allows local users to cause a denial of service (activation failure error returned) by leveraging a race condit...
Freedesktop Dbus 1.6.4
Freedesktop Dbus 1.4.18
Freedesktop Dbus 1.6.0
Freedesktop Dbus 1.5.6
Freedesktop Dbus 1.6.24
Freedesktop Dbus 1.8.0
Freedesktop Dbus 1.5.8
Freedesktop Dbus 1.5.4
Freedesktop Dbus 1.5.10
Freedesktop Dbus 1.9.0
Freedesktop Dbus 1.4.24
Freedesktop Dbus 1.4.12
Freedesktop Dbus 1.6.20
Freedesktop Dbus 1.6.10
Freedesktop Dbus 1.5.0
Freedesktop Dbus 1.6.12
Freedesktop Dbus 1.6.16
Freedesktop Dbus 1.4.6
Freedesktop Dbus 1.6.8
Freedesktop Dbus 1.4.16
Freedesktop Dbus 1.5.2
Freedesktop Dbus 1.6.26
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
CVE-2006-4304
CVE-2023-26603
CVE-2024-28327
CVE-2023-50363
CVE-2024-21905
template injection
CVE-2024-3400
cross-site request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »