Vulnerabilities > Freedesktop > High

DATE CVE VULNERABILITY TITLE RISK
2024-06-21 CVE-2024-6239 A flaw was found in the Poppler's Pdfinfo utility.
network
low complexity
freedesktop redhat
7.5
7.5
2023-08-22 CVE-2020-23804 Uncontrolled Recursion vulnerability in multiple products
Uncontrolled Recursion in pdfinfo, and pdftops in poppler 0.89.0 allows remote attackers to cause a denial of service via crafted input.
network
low complexity
freedesktop debian CWE-674
7.5
7.5
2022-11-19 CVE-2022-4055 Improper Neutralization of Expression/Command Delimiters vulnerability in Freedesktop Xdg-Utils
When xdg-mail is configured to use thunderbird for mailto URLs, improper parsing of the URL can lead to additional headers being passed to thunderbird that should not be included per RFC 2368.
network
low complexity
freedesktop CWE-146
7.4
7.4
2022-08-30 CVE-2022-38784 Integer Overflow or Wraparound vulnerability in multiple products
Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in JBIGStream.cc).
local
low complexity
freedesktop debian fedoraproject CWE-190
7.8
7.8
2022-08-22 CVE-2022-38171 Integer Overflow or Wraparound vulnerability in multiple products
Xpdf prior to version 4.04 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in JBIG2Stream.cc).
local
low complexity
xpdfreader freedesktop CWE-190
7.8
7.8
2022-06-02 CVE-2022-1215 Use of Externally-Controlled Format String vulnerability in Freedesktop Libinput
A format string vulnerability was found in libinput
local
low complexity
freedesktop CWE-134
7.8
7.8
2021-08-24 CVE-2021-30860 Integer Overflow or Wraparound vulnerability in multiple products
An integer overflow was addressed with improved input validation.
local
low complexity
apple xpdfreader freedesktop CWE-190
7.8
7.8
2021-02-15 CVE-2020-35512 Use After Free vulnerability in Freedesktop Dbus 1.12.20
A use-after-free flaw was found in D-Bus Development branch <= 1.13.16, dbus-1.12.x stable branch <= 1.12.18, and dbus-1.10.x and older branches <= 1.10.30 when a system has multiple usernames sharing the same UID.
local
low complexity
freedesktop CWE-416
7.8
7.8
2020-12-25 CVE-2020-35702 Out-of-bounds Write vulnerability in Freedesktop Poppler 20.12.1
DCTStream::getChars in DCTStream.cc in Poppler 20.12.1 has a heap-based buffer overflow via a crafted PDF document.
local
low complexity
freedesktop CWE-787
7.8
7.8
2020-12-03 CVE-2020-27778 Access of Uninitialized Pointer vulnerability in multiple products
A flaw was found in Poppler in the way certain PDF files were converted into HTML.
network
low complexity
freedesktop redhat debian CWE-824
7.5
7.5