Vulnerabilities > Freedesktop

DATE	CVE	VULNERABILITY TITLE	RISK
2019-04-05	CVE-2019-10872	Out-of-bounds Read vulnerability in Freedesktop Poppler 0.74.0 An issue was discovered in Poppler 0.74.0. network low complexity freedesktop CWE-125	8.8
2019-04-05	CVE-2019-10871	Out-of-bounds Read vulnerability in Freedesktop Poppler 0.74.0 An issue was discovered in Poppler 0.74.0. network low complexity freedesktop CWE-125	6.5
2019-03-21	CVE-2019-9903	Out-of-bounds Write vulnerability in multiple products PDFDoc::markObject in PDFDoc.cc in Poppler 0.74.0 mishandles dict marking, leading to stack consumption in the function Dict::find() located at Dict.cc, which can (for example) be triggered by passing a crafted pdf file to the pdfunite binary. network low complexity freedesktop fedoraproject debian canonical redhat CWE-787	6.5
2019-03-08	CVE-2019-9631	Out-of-bounds Read vulnerability in multiple products Poppler 0.74.0 has a heap-based buffer over-read in the CairoRescaleBox.cc downsample_row_box_filter function. network low complexity freedesktop fedoraproject debian CWE-125 critical	9.8
2019-03-01	CVE-2019-9545	Improper Input Validation vulnerability in Freedesktop Poppler 0.74.0 An issue was discovered in Poppler 0.74.0. network freedesktop CWE-20	6.8
2019-03-01	CVE-2019-9543	Improper Input Validation vulnerability in Freedesktop Poppler 0.74.0 An issue was discovered in Poppler 0.74.0. network freedesktop CWE-20	6.8
2019-02-26	CVE-2019-9200	Out-of-bounds Write vulnerability in multiple products A heap-based buffer underwrite exists in ImageStream::getLine() located at Stream.cc in Poppler 0.74.0 that can (for example) be triggered by sending a crafted PDF file to the pdfimages binary. network low complexity freedesktop debian canonical CWE-787	8.8
2019-02-03	CVE-2019-7310	Incorrect Conversion between Numeric Types vulnerability in multiple products In Poppler 0.73.0, a heap-based buffer over-read (due to an integer signedness error in the XRef::getEntry function in XRef.cc) allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PDF document, as demonstrated by pdftocairo. local low complexity freedesktop canonical debian fedoraproject redhat CWE-681	7.8
2019-01-03	CVE-2018-20662	Improper Input Validation vulnerability in multiple products In Poppler 0.72.0, PDFDoc::setup in PDFDoc.cc allows attackers to cause a denial-of-service (application crash caused by Object.h SIGABRT, because of a wrong return value from PDFDoc::setup) by crafting a PDF file in which an xref data structure is mishandled during extractPDFSubtype processing. network low complexity freedesktop debian fedoraproject canonical redhat CWE-20	6.5
2019-01-01	CVE-2018-20650	Improper Input Validation vulnerability in multiple products A reachable Object::dictLookup assertion in Poppler 0.72.0 allows attackers to cause a denial of service due to the lack of a check for the dict data type, as demonstrated by use of the FileSpec class (in FileSpec.cc) in pdfdetach. network low complexity freedesktop canonical debian redhat CWE-20	6.5

Vulnerabilities > Freedesktop {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Freedesktop"}]}

Vulnerabilities > Freedesktop