Vulnerabilities > Freedesktop
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-05-30 | CVE-2017-7511 | NULL Pointer Dereference vulnerability in Freedesktop Poppler poppler since version 0.17.3 has been vulnerable to NULL pointer dereference in pdfunite triggered by specially crafted documents. | 5.5 |
| 2017-05-19 | CVE-2017-9083 | NULL Pointer Dereference vulnerability in Freedesktop Poppler 0.54.0 poppler 0.54.0, as used in Evince and other products, has a NULL pointer dereference in the JPXStream::readUByte function in JPXStream.cc. | 6.5 |
| 2017-03-10 | CVE-2017-6355 | Integer Overflow or Wraparound vulnerability in Freedesktop Virglrenderer 0.5.0 Integer overflow in the vrend_create_shader function in vrend_renderer.c in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service (process crash) via crafted pkt_length and offlen values, which trigger an out-of-bounds access. | 5.5 |
| 2017-02-13 | CVE-2016-2568 | Improper Encoding or Escaping of Output vulnerability in multiple products pkexec, when used with --user nonpriv, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer. | 7.8 |
| 2017-01-13 | CVE-2016-2090 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Off-by-one vulnerability in the fgetwln function in libbsd before 0.8.2 allows attackers to have unspecified impact via unknown vectors, which trigger a heap-based buffer overflow. | 9.8 |
| 2016-05-06 | CVE-2015-8868 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Heap-based buffer overflow in the ExponentialFunction::ExponentialFunction function in Poppler before 0.40.0 allows remote attackers to cause a denial of service (memory corruption and crash) or possibly execute arbitrary code via an invalid blend mode in the ExtGState dictionary in a crafted PDF document. | 7.8 |