JLSEC-2026-88

An issue in the pdfseparate utility of freedesktop poppler v25.04.0 allows attackers to cause an infinite recursion via supplying a crafted PDF file. This can lead to a Denial of Service DoS...

libinput 代码注入漏洞

libinput is an open-source library from freedesktop. It provides a complete input stack for applications that need to handle input devices provided by the kernel. There is a code injection vulnerability in libinput. This vulnerability allows local attackers to place specially crafted Lua bytecode...

fontconfig 安全漏洞

Fontconfig is an open-source font-related computer library developed by freedesktop. Versions of Fontconfig prior to 2.17.1 contained security vulnerabilities. These vulnerabilities stemmed from errors in the allocation process during sfnt processing, which could lead to one-byte out-of-bound...

Astra Linux – Vulnerability in Poppler

A issue with the pdfseparate utility of freedesktop poppler v25.04.0 allows attackers to cause infinite recursion by providing a crafted PDF file. This can lead to a Denial of Service DoS attack...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : MozillaThunderbird (SUSE-SU-2025:4006-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4006-1 advisory. This update for MozillaThunderbird fixes the following issue: Mozilla Thunderbird is updated to...

EUVD-2020-23606

Malware in sbrugna...

EUVD-2020-23607

Malware in sbrugna...

EUVD-2025-23528

Malicious code in bioql PyPI...

EUVD-2025-23522

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2025-50422

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cairo through 1.18.4, as used in Poppler through 25.08.0, has an unscaled-face == NULL assertion failure for cairoftunscaledfontfini in cairo-ft-font.c...

CVE-2025-50420

An issue in the pdfseparate utility of freedesktop poppler v25.04.0 allows attackers to cause an infinite recursion via supplying a crafted PDF file. This can lead to a Denial of Service DoS...

CVE-2025-50420

An issue in the pdfseparate utility of freedesktop poppler v25.04.0 allows attackers to cause an infinite recursion via supplying a crafted PDF file. This can lead to a Denial of Service DoS...

CVE-2025-50422

Cairo through 1.18.4, as used in Poppler through 25.08.0, has an "unscaled-face == NULL" assertion failure for cairoftunscaledfontfini in cairo-ft-font.c...

CVE-2025-50422

Cairo through 1.18.4, as used in Poppler through 25.08.0, has an "unscaled-face == NULL" assertion failure for cairoftunscaledfontfini in cairo-ft-font.c...

CVE-2025-50420

An issue in the pdfseparate utility of freedesktop poppler v25.04.0 allows attackers to cause an infinite recursion via supplying a crafted PDF file. This can lead to a Denial of Service DoS...

CVE-2025-50422

Cairo through 1.18.4, as used in Poppler through 25.08.0, has an "unscaled-face == NULL" assertion failure for cairoftunscaledfontfini in cairo-ft-font.c...

CVE-2025-50422

CVE-2025-50422 affects Cairo (up to 1.18.4) as used in Poppler (up to 25.08.0). The issue is an assertion failure (unscaled->face == NULL) in _cairo_ft_unscaled_font_fini within cairo-ft-font.c, leading to a crash in affected workflows. Mitigations from connected advisories: update Cairo/Poppl...

Freedesktop Poppler 安全漏洞

Freedesktop Poppler is a Freedesktop community C++ class library for generating PDFs, which is inherited from Xpdf PDF reader. A security vulnerability exists in Freedesktop Poppler version v25.04.0, which stems from an infinite recursion in the pdfseparate tool's processing of specially crafted...

PT-2025-31829

Name of the Vulnerable Software and Affected Versions poppler version 25.04.0 Description The heap memory containing PDF stream objects is not cleared upon program exit, potentially allowing attackers to obtain sensitive PDF content via a memory dump. Recommendations At the moment, there is no...

CVE-2025-50420

An issue in the pdfseparate utility of freedesktop poppler v25.04.0 allows attackers to cause an infinite recursion via supplying a crafted PDF file. This can lead to a Denial of Service DoS...