Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
freedesktop vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2013-1790
poppler/Stream.cc in poppler prior to 0.22.1 allows context-dependent malicious users to have an unspecified impact via vectors that trigger a read of uninitialized memory by the CCITTFaxStream::lookChar function.
Freedesktop Poppler
5.5
CVSSv3
CVE-2017-6355
Integer overflow in the vrend_create_shader function in vrend_renderer.c in virglrenderer prior to 0.6.0 allows local guest OS users to cause a denial of service (process crash) via crafted pkt_length and offlen values, which trigger an out-of-bounds access.
Freedesktop Virglrenderer
5.5
CVSSv3
CVE-2017-7515
poppler through version 0.55.0 is vulnerable to an uncontrolled recursion in pdfunite resulting into potential denial-of-service.
Freedesktop Poppler
8.8
CVSSv3
CVE-2019-12293
In Poppler up to and including 0.76.1, there is a heap-based buffer over-read in JPXStream::init in JPEG2000Stream.cc via data with inconsistent heights or widths.
Freedesktop Poppler
3.3
CVSSv3
CVE-2020-16126
An Ubuntu-specific modification to AccountsService in versions prior to 0.6.55-0ubuntu13.2, among other earlier versions, improperly dropped the ruid, allowing untrusted users to send signals to AccountService, thus stopping it from handling D-Bus messages in a timely fashion.
Freedesktop Accountsservice
1 Github repository
NA
CVE-2013-1789
splash/Splash.cc in poppler prior to 0.22.1 allows context-dependent malicious users to cause a denial of service (NULL pointer dereference and crash) via vectors related to the (1) Splash::arbitraryTransformMask, (2) Splash::blitMask, and (3) Splash::scaleMaskYuXu functions.
Freedesktop Poppler
6.5
CVSSv3
CVE-2018-14036
Directory Traversal with ../ sequences occurs in AccountsService prior to 0.6.50 because of an insufficient path check in user_change_icon_file_authorized_cb() in user.c.
Freedesktop Accountsservice
8.8
CVSSv3
CVE-2018-21009
Poppler prior to 0.66.0 has an integer overflow in Parser::makeStream in Parser.cc.
Freedesktop Poppler
5.5
CVSSv3
CVE-2020-16127
An Ubuntu-specific modification to AccountsService in versions prior to 0.6.55-0ubuntu13.2, among other earlier versions, would perform unbounded read operations on user-controlled ~/.pam_environment files, allowing an infinite loop if /dev/zero is symlinked to this location.
Freedesktop Accountsservice
1 Github repository
NA
CVE-2010-1149
probers/udisks-dm-export.c in udisks prior to 1.0.1 exports UDISKS_DM_TARGETS_PARAMS information to udev even for a crypt UDISKS_DM_TARGETS_TYPE, which allows local users to discover encryption keys by (1) running a certain udevadm command or (2) reading a certain file under /dev...
Freedesktop Udisks
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »