Filtered by vendor Freedesktop
Subscribe
Total
131 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-16127 | 1 Freedesktop | 1 Accountsservice | 2024-02-04 | 2.1 LOW | 5.5 MEDIUM |
An Ubuntu-specific modification to AccountsService in versions before 0.6.55-0ubuntu13.2, among other earlier versions, would perform unbounded read operations on user-controlled ~/.pam_environment files, allowing an infinite loop if /dev/zero is symlinked to this location. | |||||
CVE-2020-16126 | 1 Freedesktop | 1 Accountsservice | 2024-02-04 | 2.1 LOW | 3.3 LOW |
An Ubuntu-specific modification to AccountsService in versions before 0.6.55-0ubuntu13.2, among other earlier versions, improperly dropped the ruid, allowing untrusted users to send signals to AccountService, thus stopping it from handling D-Bus messages in a timely fashion. | |||||
CVE-2021-3185 | 1 Freedesktop | 1 Gst-plugins-bad | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
A flaw was found in the gstreamer h264 component of gst-plugins-bad before v1.18.1 where when parsing a h264 header, an attacker could cause the stack to be smashed, memory corruption and possibly code execution. | |||||
CVE-2020-35512 | 2 Freedesktop, Linux | 2 Dbus, Linux Kernel | 2024-02-04 | 7.2 HIGH | 7.8 HIGH |
A use-after-free flaw was found in D-Bus Development branch <= 1.13.16, dbus-1.12.x stable branch <= 1.12.18, and dbus-1.10.x and older branches <= 1.10.30 when a system has multiple usernames sharing the same UID. When a set of policy rules references these usernames, D-Bus may free some memory in the heap, which is still used by data structures necessary for the other usernames sharing the UID, possibly leading to a crash or other undefined behaviors | |||||
CVE-2020-27778 | 2 Freedesktop, Redhat | 2 Poppler, Enterprise Linux | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
A flaw was found in Poppler in the way certain PDF files were converted into HTML. A remote attacker could exploit this flaw by providing a malicious PDF file that, when processed by the 'pdftohtml' program, would crash the application causing a denial of service. | |||||
CVE-2020-12049 | 2 Canonical, Freedesktop | 2 Ubuntu Linux, Dbus | 2024-02-04 | 4.9 MEDIUM | 5.5 MEDIUM |
An issue was discovered in dbus >= 1.3.0 before 1.12.18. The DBusServer in libdbus, as used in dbus-daemon, leaks file descriptors when a message exceeds the per-message file descriptor limit. A local attacker with access to the D-Bus system bus or another system service's private AF_UNIX socket could use this to make the system service reach its file descriptor limit, denying service to subsequent D-Bus clients. | |||||
CVE-2019-20367 | 4 Canonical, Debian, Freedesktop and 1 more | 4 Ubuntu Linux, Debian Linux, Libbsd and 1 more | 2024-02-04 | 6.4 MEDIUM | 9.1 CRITICAL |
nlist.c in libbsd before 0.10.0 has an out-of-bounds read during a comparison for a symbol name from the string table (strtab). | |||||
CVE-2010-4654 | 2 Debian, Freedesktop | 2 Debian Linux, Poppler | 2024-02-04 | 9.3 HIGH | 7.8 HIGH |
poppler before 0.16.3 has malformed commands that may cause corruption of the internal stack. | |||||
CVE-2012-2142 | 4 Freedesktop, Opensuse, Redhat and 1 more | 4 Poppler, Opensuse, Enterprise Linux and 1 more | 2024-02-04 | 6.8 MEDIUM | 7.8 HIGH |
The error function in Error.cc in poppler before 0.21.4 allows remote attackers to execute arbitrary commands via a PDF containing an escape sequence for a terminal emulator. | |||||
CVE-2010-4653 | 2 Debian, Freedesktop | 2 Debian Linux, Poppler | 2024-02-04 | 4.3 MEDIUM | 6.5 MEDIUM |
An integer overflow condition in poppler before 0.16.3 can occur when parsing CharCodes for fonts. | |||||
CVE-2019-10871 | 1 Freedesktop | 1 Poppler | 2024-02-04 | 4.3 MEDIUM | 6.5 MEDIUM |
An issue was discovered in Poppler 0.74.0. There is a heap-based buffer over-read in the function PSOutputDev::checkPageSlice at PSOutputDev.cc. | |||||
CVE-2019-12749 | 2 Canonical, Freedesktop | 2 Ubuntu Linux, Dbus | 2024-02-04 | 3.6 LOW | 7.1 HIGH |
dbus before 1.10.28, 1.12.x before 1.12.16, and 1.13.x before 1.13.12, as used in DBusServer in Canonical Upstart in Ubuntu 14.04 (and in some, less common, uses of dbus-daemon), allows cookie spoofing because of symlink mishandling in the reference implementation of DBUS_COOKIE_SHA1 in the libdbus library. (This only affects the DBUS_COOKIE_SHA1 authentication mechanism.) A malicious client with write access to its own home directory could manipulate a ~/.dbus-keyrings symlink to cause a DBusServer with a different uid to read and write in unintended locations. In the worst case, this could result in the DBusServer reusing a cookie that is known to the malicious client, and treating that cookie as evidence that a subsequent client connection came from an attacker-chosen uid, allowing authentication bypass. | |||||
CVE-2019-9631 | 3 Debian, Fedoraproject, Freedesktop | 3 Debian Linux, Fedora, Poppler | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
Poppler 0.74.0 has a heap-based buffer over-read in the CairoRescaleBox.cc downsample_row_box_filter function. | |||||
CVE-2018-21009 | 1 Freedesktop | 1 Poppler | 2024-02-04 | 6.8 MEDIUM | 8.8 HIGH |
Poppler before 0.66.0 has an integer overflow in Parser::makeStream in Parser.cc. | |||||
CVE-2019-9959 | 1 Freedesktop | 1 Poppler | 2024-02-04 | 4.3 MEDIUM | 6.5 MEDIUM |
The JPXStream::init function in Poppler 0.78.0 and earlier doesn't check for negative values of stream length, leading to an Integer Overflow, thereby making it possible to allocate a large memory chunk on the heap, with a size controlled by an attacker, as demonstrated by pdftocairo. | |||||
CVE-2019-12293 | 1 Freedesktop | 1 Poppler | 2024-02-04 | 6.8 MEDIUM | 8.8 HIGH |
In Poppler through 0.76.1, there is a heap-based buffer over-read in JPXStream::init in JPEG2000Stream.cc via data with inconsistent heights or widths. | |||||
CVE-2019-10873 | 1 Freedesktop | 1 Poppler | 2024-02-04 | 4.3 MEDIUM | 6.5 MEDIUM |
An issue was discovered in Poppler 0.74.0. There is a NULL pointer dereference in the function SplashClip::clipAALine at splash/SplashClip.cc. | |||||
CVE-2019-10872 | 1 Freedesktop | 1 Poppler | 2024-02-04 | 6.8 MEDIUM | 8.8 HIGH |
An issue was discovered in Poppler 0.74.0. There is a heap-based buffer over-read in the function Splash::blitTransparent at splash/Splash.cc. | |||||
CVE-2019-11026 | 2 Fedoraproject, Freedesktop | 2 Fedora, Poppler | 2024-02-04 | 4.3 MEDIUM | 6.5 MEDIUM |
FontInfoScanner::scanFonts in FontInfo.cc in Poppler 0.75.0 has infinite recursion, leading to a call to the error function in Error.cc. | |||||
CVE-2019-14494 | 3 Canonical, Fedoraproject, Freedesktop | 3 Ubuntu Linux, Fedora, Poppler | 2024-02-04 | 4.3 MEDIUM | 7.5 HIGH |
An issue was discovered in Poppler through 0.78.0. There is a divide-by-zero error in the function SplashOutputDev::tilingPatternFill at SplashOutputDev.cc. |