Vulnerabilities (CVE)

Filtered by vendor Freedesktop Subscribe
Total 134 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-1000456 2 Debian, Freedesktop 2 Debian Linux, Poppler 2023-12-10 6.8 MEDIUM 8.8 HIGH
freedesktop.org libpoppler 0.60.1 fails to validate boundaries in TextPool::addWord, leading to overflow in subsequent calculations.
CVE-2017-7515 1 Freedesktop 1 Poppler 2023-12-10 4.3 MEDIUM 5.5 MEDIUM
poppler through version 0.55.0 is vulnerable to an uncontrolled recursion in pdfunite resulting into potential denial-of-service.
CVE-2017-9408 2 Debian, Freedesktop 2 Debian Linux, Poppler 2023-12-10 4.3 MEDIUM 6.5 MEDIUM
In Poppler 0.54.0, a memory leak vulnerability was found in the function Object::initArray in Object.cc, which allows attackers to cause a denial of service via a crafted file.
CVE-2017-6355 1 Freedesktop 1 Virglrenderer 2023-12-10 2.1 LOW 5.5 MEDIUM
Integer overflow in the vrend_create_shader function in vrend_renderer.c in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service (process crash) via crafted pkt_length and offlen values, which trigger an out-of-bounds access.
CVE-2016-2568 2 Freedesktop, Redhat 2 Polkit, Enterprise Linux 2023-12-10 4.4 MEDIUM 7.8 HIGH
pkexec, when used with --user nonpriv, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.
CVE-2016-2090 4 Canonical, Debian, Fedoraproject and 1 more 4 Ubuntu Linux, Debian Linux, Fedora and 1 more 2023-12-10 7.5 HIGH 9.8 CRITICAL
Off-by-one vulnerability in the fgetwln function in libbsd before 0.8.2 allows attackers to have unspecified impact via unknown vectors, which trigger a heap-based buffer overflow.
CVE-2017-9083 1 Freedesktop 1 Poppler 2023-12-10 4.3 MEDIUM 6.5 MEDIUM
poppler 0.54.0, as used in Evince and other products, has a NULL pointer dereference in the JPXStream::readUByte function in JPXStream.cc. For example, the perf_test utility will crash (segmentation fault) when parsing an invalid PDF file.
CVE-2015-8868 4 Canonical, Debian, Fedoraproject and 1 more 4 Ubuntu Linux, Debian Linux, Fedora and 1 more 2023-12-10 9.3 HIGH 7.8 HIGH
Heap-based buffer overflow in the ExponentialFunction::ExponentialFunction function in Poppler before 0.40.0 allows remote attackers to cause a denial of service (memory corruption and crash) or possibly execute arbitrary code via an invalid blend mode in the ExtGState dictionary in a crafted PDF document.
CVE-2010-5110 1 Freedesktop 1 Poppler 2023-12-10 4.3 MEDIUM N/A
DCTStream.cc in Poppler before 0.13.3 allows remote attackers to cause a denial of service (crash) via a crafted PDF file.
CVE-2013-7296 1 Freedesktop 1 Poppler 2023-12-10 5.0 MEDIUM N/A
The JBIG2Stream::readSegments method in JBIG2Stream.cc in Poppler before 0.24.5 does not use the correct specifier within a format string, which allows context-dependent attackers to cause a denial of service (segmentation fault and application crash) via a crafted PDF file.
CVE-2013-4472 1 Freedesktop 1 Poppler 2023-12-10 3.3 LOW N/A
The openTempFile function in goo/gfile.cc in Xpdf and Poppler 0.24.3 and earlier, when running on a system other than Unix, allows local users to overwrite arbitrary files via a symlink attack on temporary files with predictable names.
CVE-2014-0004 2 Canonical, Freedesktop 2 Ubuntu Linux, Udisks 2023-12-10 6.9 MEDIUM N/A
Stack-based buffer overflow in udisks before 1.0.5 and 2.x before 2.1.3 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long mount point.
CVE-2013-1788 1 Freedesktop 1 Poppler 2023-12-10 6.8 MEDIUM N/A
poppler before 0.22.1 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors that trigger an "invalid memory access" in (1) splash/Splash.cc, (2) poppler/Function.cc, and (3) poppler/Stream.cc.
CVE-2013-4474 2 Canonical, Freedesktop 2 Ubuntu Linux, Poppler 2023-12-10 5.0 MEDIUM N/A
Format string vulnerability in the extractPages function in utils/pdfseparate.cc in poppler before 0.24.3 allows remote attackers to cause a denial of service (crash) via format string specifiers in a destination filename.
CVE-2012-4425 2 Freedesktop, Gtk 2 Spice-gtk, Libgio 2023-12-10 6.9 MEDIUM N/A
libgio, when used in setuid or other privileged programs in spice-gtk and possibly other products, allows local users to gain privileges and execute arbitrary code via the DBUS_SYSTEM_BUS_ADDRESS environment variable. NOTE: it could be argued that this is a vulnerability in the applications that do not cleanse environment variables, not in libgio itself.
CVE-2013-1789 1 Freedesktop 1 Poppler 2023-12-10 4.3 MEDIUM N/A
splash/Splash.cc in poppler before 0.22.1 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to the (1) Splash::arbitraryTransformMask, (2) Splash::blitMask, and (3) Splash::scaleMaskYuXu functions.
CVE-2012-3524 1 Freedesktop 1 Libdbus 2023-12-10 6.9 MEDIUM N/A
libdbus 1.5.x and earlier, when used in setuid or other privileged programs in X.org and possibly other products, allows local users to gain privileges and execute arbitrary code via the DBUS_SYSTEM_BUS_ADDRESS environment variable. NOTE: libdbus maintainers state that this is a vulnerability in the applications that do not cleanse environment variables, not in libdbus itself: "we do not support use of libdbus in setuid binaries that do not sanitize their environment before their first call into libdbus."
CVE-2013-4473 2 Canonical, Freedesktop 2 Ubuntu Linux, Poppler 2023-12-10 7.5 HIGH N/A
Stack-based buffer overflow in the extractPages function in utils/pdfseparate.cc in poppler before 0.24.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a source filename.
CVE-2013-0292 1 Freedesktop 1 Dbus-glib 2023-12-10 7.2 HIGH N/A
The dbus_g_proxy_manager_filter function in dbus-gproxy in Dbus-glib before 0.100.1 does not properly verify the sender of NameOwnerChanged signals, which allows local users to gain privileges via a spoofed signal.
CVE-2013-1790 1 Freedesktop 1 Poppler 2023-12-10 6.8 MEDIUM N/A
poppler/Stream.cc in poppler before 0.22.1 allows context-dependent attackers to have an unspecified impact via vectors that trigger a read of uninitialized memory by the CCITTFaxStream::lookChar function.