Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
freedesktop vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2020-27778
A flaw was found in Poppler in the way certain PDF files were converted into HTML. A remote attacker could exploit this flaw by providing a malicious PDF file that, when processed by the 'pdftohtml' program, would crash the application causing a denial of service.
Freedesktop Poppler
Redhat Enterprise Linux 8.0
Debian Debian Linux 10.0
4.3
CVSSv2
CVE-2017-9406
In Poppler 0.54.0, a memory leak vulnerability was found in the function gmalloc in gmem.cc, which allows malicious users to cause a denial of service via a crafted file.
Freedesktop Poppler 0.54.0
Debian Debian Linux 9.0
Debian Debian Linux 8.0
4.3
CVSSv2
CVE-2017-9408
In Poppler 0.54.0, a memory leak vulnerability was found in the function Object::initArray in Object.cc, which allows malicious users to cause a denial of service via a crafted file.
Freedesktop Poppler 0.54.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
4.3
CVSSv2
CVE-2017-9865
The function GfxImageColorMap::getGray in GfxState.cc in Poppler 0.54.0 allows remote malicious users to cause a denial of service (stack-based buffer over-read and application crash) via a crafted PDF document, related to missing color-map validation in ImageOutputDev.cc.
Freedesktop Poppler 0.54.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
NA
CVE-2022-42010
An issue exists in D-Bus prior to 1.12.24, 1.13.x and 1.14.x prior to 1.14.4, and 1.15.x prior to 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message with certain invalid type signatures.
Freedesktop Dbus
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
NA
CVE-2022-42011
An issue exists in D-Bus prior to 1.12.24, 1.13.x and 1.14.x prior to 1.14.4, and 1.15.x prior to 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message where an array length is inconsistent with the size of t...
Freedesktop Dbus
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
NA
CVE-2022-42012
An issue exists in D-Bus prior to 1.12.24, 1.13.x and 1.14.x prior to 1.14.4, and 1.15.x prior to 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash by sending a message with attached file descriptors in an unexpected format.
Freedesktop Dbus
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
4.3
CVSSv2
CVE-2019-11026
FontInfoScanner::scanFonts in FontInfo.cc in Poppler 0.75.0 has infinite recursion, leading to a call to the error function in Error.cc.
Freedesktop Poppler 0.75.0
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Fedoraproject Fedora 30
6.8
CVSSv2
CVE-2015-1877
The open_generic_xdg_mime function in xdg-open in xdg-utils 1.1.0 rc1 in Debian, when using dash, does not properly handle local variables, which allows remote malicious users to execute arbitrary commands via a crafted file.
Freedesktop Xdg-utils 1.1.0
Debian Debian Linux 7.0
Debian Debian Linux 8.0
4.3
CVSSv2
CVE-2022-27337
A logic error in the Hints::Hints function of Poppler v22.03.0 allows malicious users to cause a Denial of Service (DoS) via a crafted PDF file.
Freedesktop Poppler 22.03.0
Fedoraproject Fedora 36
Debian Debian Linux 10.0
Debian Debian Linux 11.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »