Filtered by vendor Freedesktop
Subscribe
Total
131 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-1215 | 1 Freedesktop | 1 Libinput | 2024-02-04 | 7.2 HIGH | 7.8 HIGH |
| A format string vulnerability was found in libinput | |||||
| CVE-2020-27748 | 1 Freedesktop | 1 Xdg-utils | 2024-02-04 | 4.3 MEDIUM | 6.5 MEDIUM |
| A flaw was found in the xdg-email component of xdg-utils-1.1.0-rc1 and newer. When handling mailto: URIs, xdg-email allows attachments to be discreetly added via the URI when being passed to Thunderbird. An attacker could potentially send a victim a URI that automatically attaches a sensitive file to a new email. If a victim user does not notice that an attachment was added and sends the email, this could result in sensitive information disclosure. It has been confirmed that the code behind this issue is in xdg-email and not in Thunderbird. | |||||
| CVE-2015-1877 | 2 Debian, Freedesktop | 2 Debian Linux, Xdg-utils | 2024-02-04 | 6.8 MEDIUM | 8.8 HIGH |
| The open_generic_xdg_mime function in xdg-open in xdg-utils 1.1.0 rc1 in Debian, when using dash, does not properly handle local variables, which allows remote attackers to execute arbitrary commands via a crafted file. | |||||
| CVE-2020-16127 | 1 Freedesktop | 1 Accountsservice | 2024-02-04 | 2.1 LOW | 5.5 MEDIUM |
| An Ubuntu-specific modification to AccountsService in versions before 0.6.55-0ubuntu13.2, among other earlier versions, would perform unbounded read operations on user-controlled ~/.pam_environment files, allowing an infinite loop if /dev/zero is symlinked to this location. | |||||
| CVE-2020-16126 | 1 Freedesktop | 1 Accountsservice | 2024-02-04 | 2.1 LOW | 3.3 LOW |
| An Ubuntu-specific modification to AccountsService in versions before 0.6.55-0ubuntu13.2, among other earlier versions, improperly dropped the ruid, allowing untrusted users to send signals to AccountService, thus stopping it from handling D-Bus messages in a timely fashion. | |||||
| CVE-2021-3185 | 1 Freedesktop | 1 Gst-plugins-bad | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
| A flaw was found in the gstreamer h264 component of gst-plugins-bad before v1.18.1 where when parsing a h264 header, an attacker could cause the stack to be smashed, memory corruption and possibly code execution. | |||||
| CVE-2020-35512 | 2 Freedesktop, Linux | 2 Dbus, Linux Kernel | 2024-02-04 | 7.2 HIGH | 7.8 HIGH |
| A use-after-free flaw was found in D-Bus Development branch <= 1.13.16, dbus-1.12.x stable branch <= 1.12.18, and dbus-1.10.x and older branches <= 1.10.30 when a system has multiple usernames sharing the same UID. When a set of policy rules references these usernames, D-Bus may free some memory in the heap, which is still used by data structures necessary for the other usernames sharing the UID, possibly leading to a crash or other undefined behaviors | |||||
| CVE-2020-27778 | 2 Freedesktop, Redhat | 2 Poppler, Enterprise Linux | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
| A flaw was found in Poppler in the way certain PDF files were converted into HTML. A remote attacker could exploit this flaw by providing a malicious PDF file that, when processed by the 'pdftohtml' program, would crash the application causing a denial of service. | |||||
| CVE-2020-12049 | 2 Canonical, Freedesktop | 2 Ubuntu Linux, Dbus | 2024-02-04 | 4.9 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in dbus >= 1.3.0 before 1.12.18. The DBusServer in libdbus, as used in dbus-daemon, leaks file descriptors when a message exceeds the per-message file descriptor limit. A local attacker with access to the D-Bus system bus or another system service's private AF_UNIX socket could use this to make the system service reach its file descriptor limit, denying service to subsequent D-Bus clients. | |||||
| CVE-2019-20367 | 4 Canonical, Debian, Freedesktop and 1 more | 4 Ubuntu Linux, Debian Linux, Libbsd and 1 more | 2024-02-04 | 6.4 MEDIUM | 9.1 CRITICAL |
| nlist.c in libbsd before 0.10.0 has an out-of-bounds read during a comparison for a symbol name from the string table (strtab). | |||||
| CVE-2010-4654 | 2 Debian, Freedesktop | 2 Debian Linux, Poppler | 2024-02-04 | 9.3 HIGH | 7.8 HIGH |
| poppler before 0.16.3 has malformed commands that may cause corruption of the internal stack. | |||||
| CVE-2012-2142 | 4 Freedesktop, Opensuse, Redhat and 1 more | 4 Poppler, Opensuse, Enterprise Linux and 1 more | 2024-02-04 | 6.8 MEDIUM | 7.8 HIGH |
| The error function in Error.cc in poppler before 0.21.4 allows remote attackers to execute arbitrary commands via a PDF containing an escape sequence for a terminal emulator. | |||||
| CVE-2010-4653 | 2 Debian, Freedesktop | 2 Debian Linux, Poppler | 2024-02-04 | 4.3 MEDIUM | 6.5 MEDIUM |
| An integer overflow condition in poppler before 0.16.3 can occur when parsing CharCodes for fonts. | |||||
| CVE-2019-10871 | 1 Freedesktop | 1 Poppler | 2024-02-04 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in Poppler 0.74.0. There is a heap-based buffer over-read in the function PSOutputDev::checkPageSlice at PSOutputDev.cc. | |||||
| CVE-2019-12749 | 2 Canonical, Freedesktop | 2 Ubuntu Linux, Dbus | 2024-02-04 | 3.6 LOW | 7.1 HIGH |
| dbus before 1.10.28, 1.12.x before 1.12.16, and 1.13.x before 1.13.12, as used in DBusServer in Canonical Upstart in Ubuntu 14.04 (and in some, less common, uses of dbus-daemon), allows cookie spoofing because of symlink mishandling in the reference implementation of DBUS_COOKIE_SHA1 in the libdbus library. (This only affects the DBUS_COOKIE_SHA1 authentication mechanism.) A malicious client with write access to its own home directory could manipulate a ~/.dbus-keyrings symlink to cause a DBusServer with a different uid to read and write in unintended locations. In the worst case, this could result in the DBusServer reusing a cookie that is known to the malicious client, and treating that cookie as evidence that a subsequent client connection came from an attacker-chosen uid, allowing authentication bypass. | |||||
| CVE-2019-9631 | 3 Debian, Fedoraproject, Freedesktop | 3 Debian Linux, Fedora, Poppler | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
| Poppler 0.74.0 has a heap-based buffer over-read in the CairoRescaleBox.cc downsample_row_box_filter function. | |||||
| CVE-2018-21009 | 1 Freedesktop | 1 Poppler | 2024-02-04 | 6.8 MEDIUM | 8.8 HIGH |
| Poppler before 0.66.0 has an integer overflow in Parser::makeStream in Parser.cc. | |||||
| CVE-2019-9959 | 1 Freedesktop | 1 Poppler | 2024-02-04 | 4.3 MEDIUM | 6.5 MEDIUM |
| The JPXStream::init function in Poppler 0.78.0 and earlier doesn't check for negative values of stream length, leading to an Integer Overflow, thereby making it possible to allocate a large memory chunk on the heap, with a size controlled by an attacker, as demonstrated by pdftocairo. | |||||
| CVE-2019-12293 | 1 Freedesktop | 1 Poppler | 2024-02-04 | 6.8 MEDIUM | 8.8 HIGH |
| In Poppler through 0.76.1, there is a heap-based buffer over-read in JPXStream::init in JPEG2000Stream.cc via data with inconsistent heights or widths. | |||||
| CVE-2019-10873 | 1 Freedesktop | 1 Poppler | 2024-02-04 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in Poppler 0.74.0. There is a NULL pointer dereference in the function SplashClip::clipAALine at splash/SplashClip.cc. | |||||