Vulnerabilities > Freedesktop

DATE CVE VULNERABILITY TITLE RISK
2017-05-19 CVE-2017-9083 NULL Pointer Dereference vulnerability in Freedesktop Poppler 0.54.0
poppler 0.54.0, as used in Evince and other products, has a NULL pointer dereference in the JPXStream::readUByte function in JPXStream.cc.
4.3
2017-03-10 CVE-2017-6355 Integer Overflow or Wraparound vulnerability in Freedesktop Virglrenderer
Integer overflow in the vrend_create_shader function in vrend_renderer.c in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service (process crash) via crafted pkt_length and offlen values, which trigger an out-of-bounds access.
local
low complexity
freedesktop CWE-190
2.1
2017-02-13 CVE-2016-2568 Improper Encoding or Escaping of Output vulnerability in multiple products
pkexec, when used with --user nonpriv, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.
4.4
2017-01-13 CVE-2016-2090 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Off-by-one vulnerability in the fgetwln function in libbsd before 0.8.2 allows attackers to have unspecified impact via unknown vectors, which trigger a heap-based buffer overflow.
network
low complexity
fedoraproject freedesktop debian canonical CWE-119
critical
9.8
2016-05-06 CVE-2015-8868 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Heap-based buffer overflow in the ExponentialFunction::ExponentialFunction function in Poppler before 0.40.0 allows remote attackers to cause a denial of service (memory corruption and crash) or possibly execute arbitrary code via an invalid blend mode in the ExtGState dictionary in a crafted PDF document.
9.3
2014-08-29 CVE-2010-5110 Improper Input Validation vulnerability in Freedesktop Poppler
DCTStream.cc in Poppler before 0.13.3 allows remote attackers to cause a denial of service (crash) via a crafted PDF file.
4.3
2014-04-22 CVE-2013-4472 Link Following vulnerability in Freedesktop Poppler
The openTempFile function in goo/gfile.cc in Xpdf and Poppler 0.24.3 and earlier, when running on a system other than Unix, allows local users to overwrite arbitrary files via a symlink attack on temporary files with predictable names.
3.3
2014-01-26 CVE-2013-7296 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Freedesktop Poppler
The JBIG2Stream::readSegments method in JBIG2Stream.cc in Poppler before 0.24.5 does not use the correct specifier within a format string, which allows context-dependent attackers to cause a denial of service (segmentation fault and application crash) via a crafted PDF file.
network
low complexity
freedesktop CWE-119
5.0
2013-11-23 CVE-2013-4474 Improper Input Validation vulnerability in multiple products
Format string vulnerability in the extractPages function in utils/pdfseparate.cc in poppler before 0.24.3 allows remote attackers to cause a denial of service (crash) via format string specifiers in a destination filename.
network
low complexity
canonical freedesktop CWE-20
5.0
2013-11-23 CVE-2013-4473 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products
Stack-based buffer overflow in the extractPages function in utils/pdfseparate.cc in poppler before 0.24.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a source filename.
network
low complexity
freedesktop canonical CWE-119
7.5