Vulnerabilidades em freedesktop
8 resultadosCVE-2020-16126LOWaccountsservice drops ruid, allows unprivileged users to send it signalsEPSS 0.5%CVE-2026-50292HIGHIn libinput before 1.30.4 and 1.31.x before 1.31.3, libinput-device-group unescaped phys output can inject udev properties leading to arbitrEPSS 0.5%CVE-2020-16127LOWaccountsservice .pam_environment infinite loopEPSS 0.4%CVE-2025-32365MEDIUMPoppler before 25.04.0 allows crafted input files to trigger out-of-bounds reads in the JBIG2Bitmap::combine function in JBIG2Stream.cc becaEPSS 0.2%CVE-2025-32364MEDIUMA floating-point exception in the PSStack::roll function of Poppler before 25.04.0 can cause an application to crash when handling malformedEPSS 0.2%CVE-2025-52968LOWxdg-open in xdg-utils through 1.2.1 can send requests containing SameSite=Strict cookies, which can facilitate CSRF. (For example, xdg-open EPSS 0.2%CVE-2025-43718LOWPoppler 24.06.1 through 25.x before 25.04.0 allows stack consumption and a SIGSEGV via deeply nested structures within the metadata (such asEPSS 0.1%CVE-2025-43903MEDIUMNSSCryptoSignBackend.cc in Poppler before 25.04.0 does not verify the adbe.pkcs7.sha1 signatures on documents, resulting in potential signatEPSS 0.1%