Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
freedesktop vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2017-14520
In Poppler 0.59.0, a floating point exception occurs in Splash::scaleImageYuXd() in Splash.cc, which may lead to a potential attack when handling malicious PDF files.
Freedesktop Poppler 0.59.0
6.8
CVSSv2
CVE-2017-2814
An exploitable heap overflow vulnerability exists in the image rendering functionality of Poppler 0.53.0. A specifically crafted pdf can cause an image resizing after allocation has already occurred, resulting in heap corruption which can lead to code execution. An attacker contr...
Freedesktop Poppler 0.53.0
6.8
CVSSv2
CVE-2017-2818
An exploitable heap overflow vulnerability exists in the image rendering functionality of Poppler 0.53.0. A specifically crafted PDF can cause an overly large number of color components during image rendering, resulting in heap corruption. An attacker controlled PDF file can be u...
Freedesktop Poppler 0.53.0
6.8
CVSSv2
CVE-2017-2820
An exploitable integer overflow vulnerability exists in the JPEG 2000 image parsing functionality of freedesktop.org Poppler 0.53.0. A specially crafted PDF file can lead to an integer overflow causing out of bounds memory overwrite on the heap resulting in potential arbitrary co...
Freedesktop Poppler 0.53.0
6.8
CVSSv2
CVE-2013-1788
poppler prior to 0.22.1 allows context-dependent malicious users to cause a denial of service (crash) and possibly execute arbitrary code via vectors that trigger an "invalid memory access" in (1) splash/Splash.cc, (2) poppler/Function.cc, and (3) poppler/Stream.cc.
Freedesktop Poppler
6.8
CVSSv2
CVE-2013-1790
poppler/Stream.cc in poppler prior to 0.22.1 allows context-dependent malicious users to have an unspecified impact via vectors that trigger a read of uninitialized memory by the CCITTFaxStream::lookChar function.
Freedesktop Poppler
6.8
CVSSv2
CVE-2009-0068
Interaction error in xdg-open allows remote malicious users to execute arbitrary code by sending a file with a dangerous MIME type but using a safe type that Firefox sends to xdg-open, which causes xdg-open to process the dangerous file type through automatic type detection, as d...
Freedesktop Xdg-utils 1.0
6.8
CVSSv2
CVE-2007-3387
Integer overflow in the StreamPredictor::StreamPredictor function in xpdf 3.02, as used in (1) poppler prior to 0.5.91, (2) gpdf prior to 2.8.2, (3) kpdf, (4) kdegraphics, (5) CUPS, (6) PDFedit, and other products, might allow remote malicious users to execute arbitrary code via ...
Xpdfreader Xpdf 3.02
Apple Cups
Freedesktop Poppler
Gpdf Project Gpdf
Debian Debian Linux 3.1
Debian Debian Linux 4.0
Canonical Ubuntu Linux 7.04
Canonical Ubuntu Linux 6.10
Canonical Ubuntu Linux 6.06
6.4
CVSSv2
CVE-2019-20367
nlist.c in libbsd prior to 0.10.0 has an out-of-bounds read during a comparison for a symbol name from the string table (strtab).
Freedesktop Libbsd
Debian Debian Linux 9.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Opensuse Leap 15.1
6.4
CVSSv2
CVE-2011-1000
jingle-factory.c in Telepathy Gabble 0.11 prior to 0.11.7, 0.10 prior to 0.10.5, and 0.8 prior to 0.8.15 allows remote malicious users to sniff audio and video calls via a crafted google:jingleinfo stanza that specifies an alternate server for streamed media.
Freedesktop Telepathy Gabble 0.11.2
Freedesktop Telepathy Gabble 0.11.3
Freedesktop Telepathy Gabble 0.11.6
Freedesktop Telepathy Gabble 0.11.4
Freedesktop Telepathy Gabble 0.11.5
Freedesktop Telepathy Gabble 0.11
Freedesktop Telepathy Gabble 0.11.1
Freedesktop Telepathy Gabble 0.10.2
Freedesktop Telepathy Gabble 0.10.3
Freedesktop Telepathy Gabble 0.10.4
Freedesktop Telepathy Gabble 0.10
Freedesktop Telepathy Gabble 0.10.1
Freedesktop Telepathy Gabble 0.8.4
Freedesktop Telepathy Gabble 0.8.5
Freedesktop Telepathy Gabble 0.8.6
Freedesktop Telepathy Gabble 0.8.13
Freedesktop Telepathy Gabble 0.8.14
Freedesktop Telepathy Gabble 0.8
Freedesktop Telepathy Gabble 0.8.1
Freedesktop Telepathy Gabble 0.8.9
Freedesktop Telepathy Gabble 0.8.10
Freedesktop Telepathy Gabble 0.8.7
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »