Filtered by vendor Freedesktop
Subscriptions
Total
135 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-4474 | 2 Canonical, Freedesktop | 2 Ubuntu Linux, Poppler | 2025-04-11 | N/A |
| Format string vulnerability in the extractPages function in utils/pdfseparate.cc in poppler before 0.24.3 allows remote attackers to cause a denial of service (crash) via format string specifiers in a destination filename. | ||||
| CVE-2013-7296 | 1 Freedesktop | 1 Poppler | 2025-04-11 | N/A |
| The JBIG2Stream::readSegments method in JBIG2Stream.cc in Poppler before 0.24.5 does not use the correct specifier within a format string, which allows context-dependent attackers to cause a denial of service (segmentation fault and application crash) via a crafted PDF file. | ||||
| CVE-2012-3524 | 2 Freedesktop, Redhat | 2 Libdbus, Enterprise Linux | 2025-04-11 | N/A |
| libdbus 1.5.x and earlier, when used in setuid or other privileged programs in X.org and possibly other products, allows local users to gain privileges and execute arbitrary code via the DBUS_SYSTEM_BUS_ADDRESS environment variable. NOTE: libdbus maintainers state that this is a vulnerability in the applications that do not cleanse environment variables, not in libdbus itself: "we do not support use of libdbus in setuid binaries that do not sanitize their environment before their first call into libdbus." | ||||
| CVE-2011-2200 | 3 D-bus Project, Freedesktop, Redhat | 3 D-bus, Dbus, Enterprise Linux | 2025-04-11 | N/A |
| The _dbus_header_byteswap function in dbus-marshal-header.c in D-Bus (aka DBus) 1.2.x before 1.2.28, 1.4.x before 1.4.12, and 1.5.x before 1.5.4 does not properly handle a non-native byte order, which allows local users to cause a denial of service (connection loss), obtain potentially sensitive information, or conduct unspecified state-modification attacks via crafted messages. | ||||
| CVE-2010-3702 | 9 Apple, Canonical, Debian and 6 more | 12 Cups, Ubuntu Linux, Debian Linux and 9 more | 2025-04-11 | N/A |
| The Gfx::getPos function in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, CUPS, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) via unknown vectors that trigger an uninitialized pointer dereference. | ||||
| CVE-2008-1658 | 1 Freedesktop | 1 Policykit | 2025-04-09 | N/A |
| Format string vulnerability in the grant helper (polkit-grant-helper.c) in PolicyKit 0.7 and earlier allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via format strings in a password. | ||||
| CVE-2008-4984 | 1 Freedesktop | 1 Scratchbox2 | 2025-04-09 | N/A |
| scratchbox2 1.99.0.24 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/dpkg.#####.tmp, (b) /tmp/missing_deps.#####, and (c) /tmp/sb2-pkg-chk.$tstamp.##### temporary files, related to the (1) dpkg-checkbuilddeps and (2) sb2-check-pkg-mappings scripts. | ||||
| CVE-2009-0068 | 2 Freedesktop, Mozilla | 2 Xdg-utils, Firefox | 2025-04-09 | N/A |
| Interaction error in xdg-open allows remote attackers to execute arbitrary code by sending a file with a dangerous MIME type but using a safe type that Firefox sends to xdg-open, which causes xdg-open to process the dangerous file type through automatic type detection, as demonstrated by overwriting the .desktop file. | ||||
| CVE-2007-3387 | 7 Apple, Canonical, Debian and 4 more | 7 Cups, Ubuntu Linux, Debian Linux and 4 more | 2025-04-09 | N/A |
| Integer overflow in the StreamPredictor::StreamPredictor function in xpdf 3.02, as used in (1) poppler before 0.5.91, (2) gpdf before 2.8.2, (3) kpdf, (4) kdegraphics, (5) CUPS, (6) PDFedit, and other products, might allow remote attackers to execute arbitrary code via a crafted PDF file that triggers a stack-based buffer overflow in the StreamPredictor::getNextLine function. | ||||
| CVE-2009-1189 | 2 Freedesktop, Redhat | 2 Dbus, Enterprise Linux | 2025-04-09 | N/A |
| The _dbus_validate_signature_with_reason function (dbus-marshal-validate.c) in D-Bus (aka DBus) before 1.2.14 uses incorrect logic to validate a basic type, which allows remote attackers to spoof a signature via a crafted key. NOTE: this is due to an incorrect fix for CVE-2008-3834. | ||||
| CVE-2008-0595 | 4 Fedoraproject, Freedesktop, Mandrakesoft and 1 more | 4 Fedora, Dbus, Mandrake Linux and 1 more | 2025-04-09 | N/A |
| dbus-daemon in D-Bus before 1.0.3, and 1.1.x before 1.1.20, recognizes send_interface attributes in allow directives in the security policy only for fully qualified method calls, which allows local users to bypass intended access restrictions via a method call with a NULL interface. | ||||
| CVE-2008-4311 | 1 Freedesktop | 1 Dbus | 2025-04-09 | N/A |
| The default configuration of system.conf in D-Bus (aka DBus) before 1.2.6 omits the send_type attribute in certain rules, which allows local users to bypass intended access restrictions by (1) sending messages, related to send_requested_reply; and possibly (2) receiving messages, related to receive_requested_reply. | ||||
| CVE-2008-3834 | 2 Freedesktop, Redhat | 4 Dbus, Dbus1.0, Dbus1.1.0 and 1 more | 2025-04-09 | N/A |
| The dbus_signature_validate function in the D-bus library (libdbus) before 1.2.4 allows remote attackers to cause a denial of service (application abort) via a message containing a malformed signature, which triggers a failed assertion error. | ||||
| CVE-2021-30860 | 3 Apple, Freedesktop, Xpdfreader | 7 Ipados, Iphone Os, Mac Os X and 4 more | 2025-02-03 | 7.8 High |
| An integer overflow was addressed with improved input validation. This issue is fixed in Security Update 2021-005 Catalina, iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6, watchOS 7.6.2. Processing a maliciously crafted PDF may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. | ||||
| CVE-2019-12749 | 3 Canonical, Freedesktop, Redhat | 5 Ubuntu Linux, Dbus, Enterprise Linux and 2 more | 2024-12-06 | N/A |
| dbus before 1.10.28, 1.12.x before 1.12.16, and 1.13.x before 1.13.12, as used in DBusServer in Canonical Upstart in Ubuntu 14.04 (and in some, less common, uses of dbus-daemon), allows cookie spoofing because of symlink mishandling in the reference implementation of DBUS_COOKIE_SHA1 in the libdbus library. (This only affects the DBUS_COOKIE_SHA1 authentication mechanism.) A malicious client with write access to its own home directory could manipulate a ~/.dbus-keyrings symlink to cause a DBusServer with a different uid to read and write in unintended locations. In the worst case, this could result in the DBusServer reusing a cookie that is known to the malicious client, and treating that cookie as evidence that a subsequent client connection came from an attacker-chosen uid, allowing authentication bypass. | ||||
| CVE-2023-34872 | 1 Freedesktop | 1 Poppler | 2024-11-21 | 5.5 Medium |
| A vulnerability in Outline.cc for Poppler prior to 23.06.0 allows a remote attacker to cause a Denial of Service (DoS) (crash) via a crafted PDF file in OutlineItem::open. | ||||
| CVE-2022-38784 | 4 Debian, Fedoraproject, Freedesktop and 1 more | 4 Debian Linux, Fedora, Poppler and 1 more | 2024-11-21 | 7.8 High |
| Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in JBIGStream.cc). Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described by CVE-2022-38171 in Xpdf. | ||||
| CVE-2022-38349 | 1 Freedesktop | 1 Poppler | 2024-11-21 | 6.5 Medium |
| An issue was discovered in Poppler 22.08.0. There is a reachable assertion in Object.h, will lead to denial of service because PDFDoc::replacePageDict in PDFDoc.cc lacks a stream check before saving an embedded file. | ||||
| CVE-2022-38171 | 2 Freedesktop, Xpdfreader | 2 Poppler, Xpdf | 2024-11-21 | 7.8 High |
| Xpdf prior to version 4.04 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in JBIG2Stream.cc). Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described by CVE-2021-30860 (Apple CoreGraphics). | ||||
| CVE-2022-37052 | 1 Freedesktop | 1 Poppler | 2024-11-21 | 6.5 Medium |
| A reachable Object::getString assertion in Poppler 22.07.0 allows attackers to cause a denial of service due to a failure in markObject. | ||||