CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 2CVE-2022-27337 – poppler: A logic error in the Hints::Hints function can cause denial of service
https://notcve.org/view.php?id=CVE-2022-27337
05 May 2022 — A logic error in the Hints::Hints function of Poppler v22.03.0 allows attackers to cause a Denial of Service (DoS) via a crafted PDF file. Un error lógico en la función Hints::Hints de Poppler versión v22.03.0, permite a atacantes causar una denegación de servicio (DoS) por medio de un archivo PDF diseñado A logic error was found in Popplers' Hints::Hints function in the Hints.cc file. This flaw allows an attacker to trick a user into opening a crafted PDf file into the pdftops utility, which causes the pro... • https://gitlab.freedesktop.org/poppler/poppler/-/issues/1230 • CWE-1173: Improper Use of Validation Framework •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-1215 – libinput: format string vulnerability may lead to privilege escalation
https://notcve.org/view.php?id=CVE-2022-1215
21 Apr 2022 — A format string vulnerability was found in libinput Se ha encontrado una vulnerabilidad de cadena de formato en libinput Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.11.0. Issues addressed include code execution, cross site scripting, denial of service, information leakage, and traversal vulnerabilities. • https://seclists.org/oss-sec/2022/q2/47 • CWE-134: Use of Externally-Controlled Format String •
CVSS: 7.8EPSS: 64%CPEs: 15EXPL: 2CVE-2021-30860 – Apple Multiple Products Integer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2021-30860
24 Aug 2021 — An integer overflow was addressed with improved input validation. This issue is fixed in Security Update 2021-005 Catalina, iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6, watchOS 7.6.2. Processing a maliciously crafted PDF may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. Se ha solucionado un desbordamiento de enteros con una validación de entrada mejorada. • https://github.com/jeffssh/CVE-2021-30860 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2020-35512 – Ubuntu Security Notice USN-5244-1
https://notcve.org/view.php?id=CVE-2020-35512
15 Feb 2021 — A use-after-free flaw was found in D-Bus Development branch <= 1.13.16, dbus-1.12.x stable branch <= 1.12.18, and dbus-1.10.x and older branches <= 1.10.30 when a system has multiple usernames sharing the same UID. When a set of policy rules references these usernames, D-Bus may free some memory in the heap, which is still used by data structures necessary for the other usernames sharing the UID, possibly leading to a crash or other undefined behaviors Se encontró un fallo de uso de la memoria previamente l... • https://bugs.gentoo.org/755392 • CWE-416: Use After Free •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-3185 – Gentoo Linux Security Advisory 202208-31
https://notcve.org/view.php?id=CVE-2021-3185
25 Jan 2021 — A flaw was found in the gstreamer h264 component of gst-plugins-bad before v1.18.1 where when parsing a h264 header, an attacker could cause the stack to be smashed, memory corruption and possibly code execution. Se encontró un fallo en el componente gstreamer h264 de gst-plugins-bad versiones anteriores a v1.18.1, donde al analizar un encabezado h264, un atacante podría causar que la pila manipulada, una corrupción de la memoria y posiblemente se ejecuta el código Multiple vulnerabilities have been found i... • https://bugzilla.redhat.com/show_bug.cgi?id=1917192 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2020-35702
https://notcve.org/view.php?id=CVE-2020-35702
25 Dec 2020 — DCTStream::getChars in DCTStream.cc in Poppler 20.12.1 has a heap-based buffer overflow via a crafted PDF document. NOTE: later reports indicate that this only affects builds from Poppler git clones in late December 2020, not the 20.12.1 release. In this situation, it should NOT be considered a Poppler vulnerability. However, several third-party Open Source projects directly rely on Poppler git clones made at arbitrary times, and therefore the CVE remains useful to users of those projects ** EN DISPUTA ** L... • https://gitlab.freedesktop.org/poppler/poppler/-/issues/1011 • CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2020-27748 – Ubuntu Security Notice USN-4649-1
https://notcve.org/view.php?id=CVE-2020-27748
28 Nov 2020 — A flaw was found in the xdg-email component of xdg-utils-1.1.0-rc1 and newer. When handling mailto: URIs, xdg-email allows attachments to be discreetly added via the URI when being passed to Thunderbird. An attacker could potentially send a victim a URI that automatically attaches a sensitive file to a new email. If a victim user does not notice that an attachment was added and sends the email, this could result in sensitive information disclosure. It has been confirmed that the code behind this issue is in... • https://bugzilla.redhat.com/show_bug.cgi?id=1899769 • CWE-201: Insertion of Sensitive Information Into Sent Data •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 1CVE-2020-27778 – poppler: pdftohtml: access to uninitialized pointer could lead to DoS
https://notcve.org/view.php?id=CVE-2020-27778
26 Nov 2020 — A flaw was found in Poppler in the way certain PDF files were converted into HTML. A remote attacker could exploit this flaw by providing a malicious PDF file that, when processed by the 'pdftohtml' program, would crash the application causing a denial of service. Se encontró un fallo en Poppler en la manera en que determinados archivos PDF se convertían a HTML. Un atacante remoto podría explotar este fallo proporcionando un archivo PDF malicioso que, cuando se procesaba por el programa "pdftohtml", bloquea... • https://bugzilla.redhat.com/show_bug.cgi?id=1900712 • CWE-824: Access of Uninitialized Pointer •
CVSS: 3.3EPSS: 1%CPEs: 1EXPL: 2CVE-2020-16126 – accountsservice drops ruid, allows unprivileged users to send it signals
https://notcve.org/view.php?id=CVE-2020-16126
03 Nov 2020 — An Ubuntu-specific modification to AccountsService in versions before 0.6.55-0ubuntu13.2, among other earlier versions, improperly dropped the ruid, allowing untrusted users to send signals to AccountService, thus stopping it from handling D-Bus messages in a timely fashion. Una modificación específica de Ubuntu para AccountsService en versiones anteriores a 0.6.55-0ubuntu13.2, entre otras versiones anteriores, eliminó incorrectamente el ruid, lo que permitió a usuarios que no eran de confianza enviar señal... • https://github.com/zev3n/Ubuntu-Gnome-privilege-escalation • CWE-269: Improper Privilege Management •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2020-16127 – accountsservice .pam_environment infinite loop
https://notcve.org/view.php?id=CVE-2020-16127
03 Nov 2020 — An Ubuntu-specific modification to AccountsService in versions before 0.6.55-0ubuntu13.2, among other earlier versions, would perform unbounded read operations on user-controlled ~/.pam_environment files, allowing an infinite loop if /dev/zero is symlinked to this location. Una modificación específica de Ubuntu para AccountsService en versiones anteriores a 0.6.55-0ubuntu13.2, entre otras versiones anteriores, llevaría a cabo operaciones de lectura ilimitadas en archivos ~/.pam_environment controlados por e... • https://securitylab.github.com/advisories/GHSL-2020-187-accountsservice-drop-privs-DOS • CWE-20: Improper Input Validation CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •