Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
freedesktop vulnerabilities and exploits
(subscribe to this query)
828
VMScore
CVE-2010-4654
poppler prior to 0.16.3 has malformed commands that may cause corruption of the internal stack.
Freedesktop Poppler
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
725
VMScore
CVE-2013-0292
The dbus_g_proxy_manager_filter function in dbus-gproxy in Dbus-glib prior to 0.100.1 does not properly verify the sender of NameOwnerChanged signals, which allows local users to gain privileges via a spoofed signal.
Freedesktop Dbus-glib
Freedesktop Dbus-glib 0.98
Freedesktop Dbus-glib 0.84
Freedesktop Dbus-glib 0.82
Freedesktop Dbus-glib 0.92
Freedesktop Dbus-glib 0.90
Freedesktop Dbus-glib 0.76
Freedesktop Dbus-glib 0.74
Freedesktop Dbus-glib 0.88
Freedesktop Dbus-glib 0.86
Freedesktop Dbus-glib 0.73
Freedesktop Dbus-glib 0.72
Freedesktop Dbus-glib 0.96
Freedesktop Dbus-glib 0.94
Freedesktop Dbus-glib 0.80
Freedesktop Dbus-glib 0.78
1 EDB exploit
695
VMScore
CVE-2012-4425
libgio, when used in setuid or other privileged programs in spice-gtk and possibly other products, allows local users to gain privileges and execute arbitrary code via the DBUS_SYSTEM_BUS_ADDRESS environment variable. NOTE: it could be argued that this is a vulnerability in the a...
Freedesktop Spice-gtk -
Gtk Libgio -
1 EDB exploit
695
VMScore
CVE-2012-3524
libdbus 1.5.x and previous versions, when used in setuid or other privileged programs in X.org and possibly other products, allows local users to gain privileges and execute arbitrary code via the DBUS_SYSTEM_BUS_ADDRESS environment variable. NOTE: libdbus maintainers state that ...
Freedesktop Libdbus 1.5.2
Freedesktop Libdbus 1.5.6
Freedesktop Libdbus 1.5.8
Freedesktop Libdbus 1.5.0
Freedesktop Libdbus 1.5.10
Freedesktop Libdbus
Freedesktop Libdbus 1.5.4
1 EDB exploit
668
VMScore
CVE-2021-3185
A flaw was found in the gstreamer h264 component of gst-plugins-bad before v1.18.1 where when parsing a h264 header, an attacker could cause the stack to be smashed, memory corruption and possibly code execution.
Freedesktop Gst-plugins-bad
668
VMScore
CVE-2019-9631
Poppler 0.74.0 has a heap-based buffer over-read in the CairoRescaleBox.cc downsample_row_box_filter function.
Freedesktop Poppler 0.74.0
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Debian Debian Linux 8.0
668
VMScore
CVE-2016-2090
Off-by-one vulnerability in the fgetwln function in libbsd prior to 0.8.2 allows malicious users to have unspecified impact via unknown vectors, which trigger a heap-based buffer overflow.
Fedoraproject Fedora 25
Fedoraproject Fedora 24
Freedesktop Libbsd
Debian Debian Linux 8.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 14.04
668
VMScore
CVE-2013-4473
Stack-based buffer overflow in the extractPages function in utils/pdfseparate.cc in poppler prior to 0.24.2 allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a source filename.
Freedesktop Poppler 0.22.4
Freedesktop Poppler 0.22.3
Freedesktop Poppler 0.1
Freedesktop Poppler 0.1.1
Freedesktop Poppler 0.11.3
Freedesktop Poppler 0.12.0
Freedesktop Poppler 0.12.1
Freedesktop Poppler 0.12.2
Freedesktop Poppler 0.12.3
Freedesktop Poppler 0.15.0
Freedesktop Poppler 0.15.1
Freedesktop Poppler 0.15.2
Freedesktop Poppler 0.15.3
Freedesktop Poppler 0.18.0
Freedesktop Poppler 0.18.1
Freedesktop Poppler 0.18.2
Freedesktop Poppler 0.18.3
Freedesktop Poppler 0.21.0
Freedesktop Poppler 0.21.1
Freedesktop Poppler 0.21.2
Freedesktop Poppler 0.21.3
Freedesktop Poppler 0.4.4
668
VMScore
CVE-2010-3702
The Gfx::getPos function in the PDF parser in xpdf prior to 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, CUPS, kdegraphics, and possibly other products allows context-dependent malicious users to cause a denial of service (crash) via unknown vectors that trigg...
Apple Cups
Freedesktop Poppler
Xpdfreader Xpdf
Xpdfreader Xpdf 3.02
Fedoraproject Fedora 12
Fedoraproject Fedora 13
Fedoraproject Fedora 14
Opensuse Opensuse 11.1
Opensuse Opensuse 11.2
Opensuse Opensuse 11.3
Suse Linux Enterprise Server 9
Suse Linux Enterprise Server 10
Suse Linux Enterprise Server 11
Debian Debian Linux 5.0
Debian Debian Linux 6.0
Redhat Enterprise Linux Desktop 5.0
Redhat Enterprise Linux Server 5.0
Redhat Enterprise Linux Workstation 5.0
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 9.04
Canonical Ubuntu Linux 9.10
641
VMScore
CVE-2022-1215
A format string vulnerability was found in libinput
Freedesktop Libinput
Freedesktop Libinput 1.20.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
administrator privileges
CVE-2024-1579
hardcoded
CVE-2023-20198
CVE-2024-33587
CVE-2024-33449
CVE-2024-4308
HTML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »