Filtered by vendor Gnome
Subscribe
Total
72 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-35457 | 1 Gnome | 1 Glib | 2024-03-21 | 4.6 MEDIUM | 7.8 HIGH |
GNOME GLib before 2.65.3 has an integer overflow, that might lead to an out-of-bounds write, in g_option_group_add_entries. NOTE: the vendor's position is "Realistically this is not a security issue. The standard pattern is for callers to provide a static list of option entries in a fixed number of calls to g_option_group_add_entries()." The researcher states that this pattern is undocumented | |||||
CVE-2019-25085 | 1 Gnome | 1 Gvariant Database | 2024-03-21 | N/A | 8.8 HIGH |
A vulnerability was found in GNOME gvdb. It has been classified as critical. This affects the function gvdb_table_write_contents_async of the file gvdb-builder.c. The manipulation leads to use after free. It is possible to initiate the attack remotely. The name of the patch is d83587b2a364eb9a9a53be7e6a708074e252de14. It is recommended to apply a patch to fix this issue. The identifier VDB-216789 was assigned to this vulnerability. | |||||
CVE-2018-19358 | 1 Gnome | 1 Gnome-keyring | 2024-03-21 | 2.1 LOW | 7.8 HIGH |
GNOME Keyring through 3.28.2 allows local users to retrieve login credentials via a Secret Service API call and the D-Bus interface if the keyring is unlocked, a similar issue to CVE-2008-7320. One perspective is that this occurs because available D-Bus protection mechanisms (involving the busconfig and policy XML elements) are not used. NOTE: the vendor disputes this because, according to the security model, untrusted applications must not be allowed to access the user's session bus socket. | |||||
CVE-2017-7961 | 1 Gnome | 1 Libcroco | 2024-03-21 | 6.8 MEDIUM | 7.8 HIGH |
The cr_tknzr_parse_rgb function in cr-tknzr.c in libcroco 0.6.11 and 0.6.12 has an "outside the range of representable values of type long" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted CSS file. NOTE: third-party analysis reports "This is not a security issue in my view. The conversion surely is truncating the double into a long value, but there is no impact as the value is one of the RGB components. | |||||
CVE-2009-3289 | 3 Gnome, Opensuse, Suse | 3 Glib, Opensuse, Suse Linux Enterprise Server | 2024-02-08 | 4.4 MEDIUM | 7.8 HIGH |
The g_file_copy function in glib 2.0 sets the permissions of a target file to the permissions of a symbolic link (777), which allows user-assisted local users to modify files of other users, as demonstrated by using Nautilus to modify the permissions of the user home directory. | |||||
CVE-2022-48622 | 1 Gnome | 1 Gdkpixbuf | 2024-02-02 | N/A | 7.8 HIGH |
In GNOME GdkPixbuf (aka gdk-pixbuf) through 2.42.10, the ANI (Windows animated cursor) decoder encounters heap memory corruption (in ani_load_chunk in io-ani.c) when parsing chunks in a crafted .ani file. A crafted file could allow an attacker to overwrite heap metadata, leading to a denial of service or code execution attack. This occurs in gdk_pixbuf_set_option() in gdk-pixbuf.c. | |||||
CVE-2005-0891 | 1 Gnome | 1 Gtk | 2024-02-02 | 5.0 MEDIUM | 7.5 HIGH |
Double free vulnerability in gtk 2 (gtk2) before 2.2.4 allows remote attackers to cause a denial of service (crash) via a crafted BMP image. | |||||
CVE-2019-1010006 | 4 Canonical, Debian, Gnome and 1 more | 4 Ubuntu Linux, Debian Linux, Evince and 1 more | 2024-02-02 | 6.8 MEDIUM | 7.8 HIGH |
Evince 3.26.0 is affected by buffer overflow. The impact is: DOS / Possible code execution. The component is: backend/tiff/tiff-document.c. The attack vector is: Victim must open a crafted PDF file. The issue occurs because of an incorrect integer overflow protection mechanism in tiff_document_render and tiff_document_get_thumbnail. | |||||
CVE-2023-32636 | 1 Gnome | 1 Glib | 2024-01-12 | N/A | 7.5 HIGH |
A flaw was found in glib, where the gvariant deserialization code is vulnerable to a denial of service introduced by additional input validation added to resolve CVE-2023-29499. The offset table validation may be very slow. This bug does not affect any released version of glib but does affect glib distributors who followed the guidance of glib developers to backport the initial fix for CVE-2023-29499. | |||||
CVE-2023-5557 | 2 Gnome, Redhat | 2 Tracker Miners, Enterprise Linux | 2023-12-12 | N/A | 7.7 HIGH |
A flaw was found in the tracker-miners package. A weakness in the sandbox allows a maliciously-crafted file to execute code outside the sandbox if the tracker-extract process has first been compromised by a separate vulnerability. | |||||
CVE-2023-36250 | 1 Gnome | 1 Gnome-time Tracker | 2023-12-10 | N/A | 7.8 HIGH |
CSV Injection vulnerability in GNOME time tracker version 3.0.2, allows local attackers to execute arbitrary code via crafted .tsv file when creating a new record. | |||||
CVE-2023-32643 | 1 Gnome | 1 Glib | 2023-12-10 | N/A | 7.8 HIGH |
A flaw was found in GLib. The GVariant deserialization code is vulnerable to a heap buffer overflow introduced by the fix for CVE-2023-32665. This bug does not affect any released version of GLib, but does affect GLib distributors who followed the guidance of GLib developers to backport the initial fix for CVE-2023-32665. | |||||
CVE-2023-29499 | 1 Gnome | 1 Glib | 2023-12-10 | N/A | 7.5 HIGH |
A flaw was found in GLib. GVariant deserialization fails to validate that the input conforms to the expected format, leading to denial of service. | |||||
CVE-2023-26081 | 2 Fedoraproject, Gnome | 2 Fedora, Epiphany | 2023-12-10 | N/A | 7.5 HIGH |
In Epiphany (aka GNOME Web) through 43.0, untrusted web content can trick users into exfiltrating passwords, because autofill occurs in sandboxed contexts. | |||||
CVE-2021-42522 | 1 Gnome | 1 Anjuta | 2023-12-10 | N/A | 7.5 HIGH |
There is a Information Disclosure vulnerability in anjuta/plugins/document-manager/anjuta-bookmarks.c. This issue was caused by the incorrect use of libxml2 API. The vendor forgot to call 'g_free()' to release the return value of 'xmlGetProp()'. | |||||
CVE-2021-46829 | 3 Debian, Fedoraproject, Gnome | 3 Debian Linux, Fedora, Gdk-pixbuf | 2023-12-10 | N/A | 7.8 HIGH |
GNOME GdkPixbuf (aka GDK-PixBuf) before 2.42.8 allows a heap-based buffer overflow when compositing or clearing frames in GIF files, as demonstrated by io-gif-animation.c composite_frame. This overflow is controllable and could be abused for code execution, especially on 32-bit systems. | |||||
CVE-2022-29536 | 3 Debian, Fedoraproject, Gnome | 3 Debian Linux, Fedora, Epiphany | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
In GNOME Epiphany before 41.4 and 42.x before 42.2, an HTML document can trigger a client buffer overflow (in ephy_string_shorten in the UI process) via a long page title. The issue occurs because the number of bytes for a UTF-8 ellipsis character is not properly considered. | |||||
CVE-2021-3567 | 1 Gnome | 1 Caribou | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
A flaw was found in Caribou due to a regression of CVE-2020-25712 fix. An attacker could use this flaw to bypass screen-locking applications that leverage Caribou as an input mechanism. The highest threat from this vulnerability is to system availability. | |||||
CVE-2021-44648 | 3 Debian, Fedoraproject, Gnome | 3 Debian Linux, Fedora, Gdkpixbuf | 2023-12-10 | 6.8 MEDIUM | 8.8 HIGH |
GNOME gdk-pixbuf 2.42.6 is vulnerable to a heap-buffer overflow vulnerability when decoding the lzw compressed stream of image data in GIF files with lzw minimum code size equals to 12. | |||||
CVE-2016-20011 | 1 Gnome | 1 Libgrss | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
libgrss through 0.7.0 fails to perform TLS certificate verification when downloading feeds, allowing remote attackers to manipulate the contents of feeds without detection. This occurs because of the default behavior of SoupSessionSync. |