Vulnerabilities > Freedesktop > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-08-22 CVE-2022-37050 In Poppler 22.07.0, PDFDoc::savePageAs in PDFDoc.c callows attackers to cause a denial-of-service (application crashes with SIGABRT) by crafting a PDF file in which the xref data structure is mishandled in getCatalog processing.
network
low complexity
freedesktop debian
6.5
6.5
2023-08-22 CVE-2022-37051 Reachable Assertion vulnerability in multiple products
An issue was discovered in Poppler 22.07.0.
network
low complexity
freedesktop debian CWE-617
6.5
6.5
2023-08-22 CVE-2022-37052 Reachable Assertion vulnerability in Freedesktop Poppler 22.07.0
A reachable Object::getString assertion in Poppler 22.07.0 allows attackers to cause a denial of service due to a failure in markObject.
network
low complexity
freedesktop CWE-617
6.5
6.5
2023-08-22 CVE-2022-38349 Reachable Assertion vulnerability in Freedesktop Poppler 22.08.0
An issue was discovered in Poppler 22.08.0.
network
low complexity
freedesktop CWE-617
6.5
6.5
2023-08-22 CVE-2020-18839 Out-of-bounds Write vulnerability in Freedesktop Poppler 0.75.0
Buffer Overflow vulnerability in HtmlOutputDev::page in poppler 0.75.0 allows attackers to cause a denial of service.
network
low complexity
freedesktop CWE-787
6.5
6.5
2023-08-11 CVE-2020-36023 Infinite Loop vulnerability in Freedesktop Poppler 20.12.1
An issue was discovered in freedesktop poppler version 20.12.1, allows remote attackers to cause a denial of service (DoS) via crafted .pdf file to FoFiType1C::cvtGlyph function.
network
low complexity
freedesktop CWE-835
6.5
6.5
2023-08-11 CVE-2020-36024 NULL Pointer Dereference vulnerability in Freedesktop Poppler 20.12.1
An issue was discovered in freedesktop poppler version 20.12.1, allows remote attackers to cause a denial of service (DoS) via crafted .pdf file to FoFiType1C::convertToType1 function.
local
low complexity
freedesktop CWE-476
5.5
5.5
2023-07-31 CVE-2023-34872 Unspecified vulnerability in Freedesktop Poppler
A vulnerability in Outline.cc for Poppler prior to 23.06.0 allows a remote attacker to cause a Denial of Service (DoS) (crash) via a crafted PDF file in OutlineItem::open.
local
low complexity
freedesktop
5.5
5.5
2023-06-08 CVE-2023-34969 D-Bus before 1.15.6 sometimes allows unprivileged users to crash dbus-daemon.
network
low complexity
freedesktop fedoraproject debian
6.5
6.5
2022-10-10 CVE-2022-42010 Improper Verification of Cryptographic Signature vulnerability in multiple products
An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2.
network
low complexity
freedesktop fedoraproject CWE-347
6.5
6.5