Vulnerabilities > Freedesktop
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-08 | CVE-2023-34969 | D-Bus before 1.15.6 sometimes allows unprivileged users to crash dbus-daemon. | 6.5 |
| 2022-11-19 | CVE-2022-4055 | Improper Neutralization of Expression/Command Delimiters vulnerability in Freedesktop Xdg-Utils When xdg-mail is configured to use thunderbird for mailto URLs, improper parsing of the URL can lead to additional headers being passed to thunderbird that should not be included per RFC 2368. | 7.4 |
| 2022-10-10 | CVE-2022-42010 | Improper Verification of Cryptographic Signature vulnerability in multiple products An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. | 6.5 |
| 2022-10-10 | CVE-2022-42011 | Improper Validation of Array Index vulnerability in multiple products An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. | 6.5 |
| 2022-10-10 | CVE-2022-42012 | An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. | 6.5 |
| 2022-08-30 | CVE-2022-38784 | Integer Overflow or Wraparound vulnerability in multiple products Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in JBIGStream.cc). | 7.8 |
| 2022-08-22 | CVE-2022-38171 | Integer Overflow or Wraparound vulnerability in multiple products Xpdf prior to version 4.04 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in JBIG2Stream.cc). | 7.8 |
| 2022-06-02 | CVE-2022-1215 | Use of Externally-Controlled Format String vulnerability in Freedesktop Libinput A format string vulnerability was found in libinput | 7.8 |
| 2022-06-02 | CVE-2022-31782 | Out-of-bounds Write vulnerability in Freedesktop Freetype Demo Programs ftbench.c in FreeType Demo Programs through 2.12.1 has a heap-based buffer overflow. | 7.8 |
| 2022-05-05 | CVE-2022-27337 | A logic error in the Hints::Hints function of Poppler v22.03.0 allows attackers to cause a Denial of Service (DoS) via a crafted PDF file. | 6.5 |