Vulnerabilities > Freedesktop

DATE	CVE	VULNERABILITY TITLE	RISK
2022-11-19	CVE-2022-4055	Improper Neutralization of Expression/Command Delimiters vulnerability in Freedesktop Xdg-Utils When xdg-mail is configured to use thunderbird for mailto URLs, improper parsing of the URL can lead to additional headers being passed to thunderbird that should not be included per RFC 2368. network low complexity freedesktop CWE-146	7.4
2022-08-30	CVE-2022-38784	Integer Overflow or Wraparound vulnerability in multiple products Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in JBIGStream.cc). local low complexity freedesktop debian fedoraproject CWE-190	7.8
2022-08-22	CVE-2022-38171	Integer Overflow or Wraparound vulnerability in multiple products Xpdf prior to version 4.04 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in JBIG2Stream.cc). local low complexity xpdfreader freedesktop CWE-190	7.8
2022-06-02	CVE-2022-1215	Use of Externally-Controlled Format String vulnerability in Freedesktop Libinput A format string vulnerability was found in libinput local low complexity freedesktop CWE-134	7.2
2022-06-02	CVE-2022-31782	Out-of-bounds Write vulnerability in Freedesktop Freetype Demo Programs ftbench.c in FreeType Demo Programs through 2.12.1 has a heap-based buffer overflow. network freedesktop CWE-787	6.8
2022-05-05	CVE-2022-27337	A logic error in the Hints::Hints function of Poppler v22.03.0 allows attackers to cause a Denial of Service (DoS) via a crafted PDF file. network low complexity freedesktop fedoraproject debian	6.5
2021-08-24	CVE-2021-30860	Integer Overflow or Wraparound vulnerability in multiple products An integer overflow was addressed with improved input validation. local low complexity apple xpdfreader freedesktop CWE-190	7.8
2021-06-02	CVE-2015-1877	Command Injection vulnerability in multiple products The open_generic_xdg_mime function in xdg-open in xdg-utils 1.1.0 rc1 in Debian, when using dash, does not properly handle local variables, which allows remote attackers to execute arbitrary commands via a crafted file. network freedesktop debian CWE-77	6.8
2021-06-01	CVE-2020-27748	Information Exposure Through Sent Data vulnerability in Freedesktop Xdg-Utils A flaw was found in the xdg-email component of xdg-utils-1.1.0-rc1 and newer. network freedesktop CWE-201	4.3
2021-01-26	CVE-2021-3185	Out-of-bounds Write vulnerability in Freedesktop Gst-Plugins-Bad A flaw was found in the gstreamer h264 component of gst-plugins-bad before v1.18.1 where when parsing a h264 header, an attacker could cause the stack to be smashed, memory corruption and possibly code execution. network low complexity freedesktop CWE-787 critical	9.8

Vulnerabilities > Freedesktop {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Freedesktop"}]}

Vulnerabilities > Freedesktop