freedesktop vulnerabilities and exploits
5
CVSSv2
CVE-2020-27778
A flaw was found in Poppler in the way certain PDF files were converted into HTML. A remote attacker could exploit this flaw by providing a malicious PDF file that, when processed by the 'pdftohtml' program, would crash the application causing a denial of service.
Freedesktop Poppler
Redhat Enterprise Linux 8.0
Debian Debian Linux 10.0
5
CVSSv2
CVE-2017-14975
The FoFiType1C::convertToType0 function in FoFiType1C.cc in Poppler 0.59.0 has a NULL pointer dereference vulnerability because a data structure is not initialized, which allows a malicious user to launch a denial of service attack.
Freedesktop Poppler 0.59.0
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
5
CVSSv2
CVE-2017-14976
The FoFiType1C::convertToType0 function in FoFiType1C.cc in Poppler 0.59.0 has a heap-based buffer over-read vulnerability if an out-of-bounds font dictionary index is encountered, which allows a malicious user to launch a denial of service attack.
Freedesktop Poppler 0.59.0
Debian Debian Linux 7.0
Debian Debian Linux 9.0
Debian Debian Linux 8.0
5
CVSSv2
CVE-2017-14977
The FoFiTrueType::getCFFBlock function in FoFiTrueType.cc in Poppler 0.59.0 has a NULL pointer dereference vulnerability due to lack of validation of a table pointer, which allows a malicious user to launch a denial of service attack.
Freedesktop Poppler 0.59.0
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
2 Github repositories
5
CVSSv2
CVE-2017-14929
In Poppler 0.59.0, memory corruption occurs in a call to Object::dictLookup() in Object.h after a repeating series of Gfx::display, Gfx::go, Gfx::execOp, Gfx::opFill, Gfx::doPatternFill, Gfx::doTilingPatternFill and Gfx::drawForm calls (aka a Gfx.cc infinite loop), a different vu...
Freedesktop Poppler 0.59.0
5
CVSSv2
CVE-2017-14519
In Poppler 0.59.0, memory corruption occurs in a call to Object::streamGetChar in Object.h after a repeating series of Gfx::display, Gfx::go, Gfx::execOp, Gfx::opShowText, and Gfx::doShowText calls (aka a Gfx.cc infinite loop).
Freedesktop Poppler 0.59.0
5
CVSSv2
CVE-2013-7296
The JBIG2Stream::readSegments method in JBIG2Stream.cc in Poppler prior to 0.24.5 does not use the correct specifier within a format string, which allows context-dependent malicious users to cause a denial of service (segmentation fault and application crash) via a crafted PDF fi...
Freedesktop Poppler 0.23.3
Freedesktop Poppler 0.23.2
Freedesktop Poppler 0.22.0
Freedesktop Poppler 0.21.4
Freedesktop Poppler 0.20.3
Freedesktop Poppler 0.20.2
Freedesktop Poppler 0.19.0
Freedesktop Poppler 0.18.4
Freedesktop Poppler 0.17.2
Freedesktop Poppler 0.17.1
Freedesktop Poppler 0.16.2
Freedesktop Poppler 0.16.1
Freedesktop Poppler 0.14.3
Freedesktop Poppler 0.14.2
Freedesktop Poppler 0.13.0
Freedesktop Poppler 0.12.4
Freedesktop Poppler 0.11.1
Freedesktop Poppler 0.11.0
Freedesktop Poppler 0.10.0
Freedesktop Poppler 0.1.2
Freedesktop Poppler
Freedesktop Poppler 0.24.2
5
CVSSv2
CVE-2013-4474
Format string vulnerability in the extractPages function in utils/pdfseparate.cc in poppler prior to 0.24.3 allows remote malicious users to cause a denial of service (crash) via format string specifiers in a destination filename.
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 15.10
Freedesktop Poppler 0.24.0
Freedesktop Poppler 0.23.4
Freedesktop Poppler 0.1
Freedesktop Poppler 0.1.1
Freedesktop Poppler 0.10.5
Freedesktop Poppler 0.10.6
Freedesktop Poppler 0.12.2
Freedesktop Poppler 0.12.3
Freedesktop Poppler 0.14.0
Freedesktop Poppler 0.14.1
Freedesktop Poppler 0.15.2
Freedesktop Poppler 0.15.3
Freedesktop Poppler 0.16.7
Freedesktop Poppler 0.17.0
Freedesktop Poppler 0.18.2
Freedesktop Poppler 0.18.3
Freedesktop Poppler 0.2.0
Freedesktop Poppler 0.20.0
Freedesktop Poppler 0.20.1
1 EDB exploit
4.9
CVSSv2
CVE-2020-12049
An issue exists in dbus >= 1.3.0 prior to 1.12.18. The DBusServer in libdbus, as used in dbus-daemon, leaks file descriptors when a message exceeds the per-message file descriptor limit. A local attacker with access to the D-Bus system bus or another system service's priv...
Freedesktop Dbus
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 12.04
4.6
CVSSv2
CVE-2018-17336
UDisks 2.8.0 has a format string vulnerability in udisks_log in udiskslogging.c, allowing malicious users to obtain sensitive information (stack contents), cause a denial of service (memory corruption), or possibly have unspecified other impact via a malformed filesystem label, a...
Freedesktop Udisks 2.8.0
Canonical Ubuntu Linux 18.04
1 Github repository