Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gnome vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2023-32636
A flaw was found in glib, where the gvariant deserialization code is vulnerable to a denial of service introduced by additional input validation added to resolve CVE-2023-29499. The offset table validation may be very slow. This bug does not affect any released version of glib bu...
Gnome Glib
7.8
CVSSv3
CVE-2023-32643
A flaw was found in GLib. The GVariant deserialization code is vulnerable to a heap buffer overflow introduced by the fix for CVE-2023-32665. This bug does not affect any released version of GLib, but does affect GLib distributors who followed the guidance of GLib developers to b...
Gnome Glib
5.5
CVSSv3
CVE-2023-32665
A flaw was found in GLib. GVariant deserialization is vulnerable to an exponential blowup issue where a crafted GVariant can cause excessive processing, leading to denial of service.
Gnome Glib
5.5
CVSSv3
CVE-2023-32611
A flaw was found in GLib. GVariant deserialization is vulnerable to a slowdown issue where a crafted GVariant can cause excessive processing, leading to denial of service.
Gnome Glib
7.5
CVSSv3
CVE-2023-29499
A flaw was found in GLib. GVariant deserialization fails to validate that the input conforms to the expected format, leading to denial of service.
Gnome Glib
7.8
CVSSv3
CVE-2023-36250
CSV Injection vulnerability in GNOME time tracker version 3.0.2, allows local malicious users to execute arbitrary code via crafted .tsv file when creating a new record.
Gnome Gnome-time Tracker 3.0.2
1 Github repository
10
CVSSv3
CVE-2023-1523
Using the TIOCLINUX ioctl request, a malicious snap could inject contents into the input of the controlling terminal which could allow it to cause arbitrary commands to be executed outside of the snap sandbox after the snap exits. Graphical terminal emulators like xterm, gnome-te...
Canonical Snapd
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 22.04
Canonical Ubuntu Linux 22.10
Canonical Ubuntu Linux 23.04
6.5
CVSSv3
CVE-2020-24904
An issue exists in attach parameter in GNOME Gmail version 2.5.4, allows remote malicious users to gain sensitive information via crafted "mailto" link.
Davesteele Gnome-gmail 2.5.4
5.5
CVSSv3
CVE-2023-38633
A directory traversal problem in the URL decoder of librsvg prior to 2.56.3 could be used by local or remote malicious users to disclose files (on the local filesystem outside of the expected area), as demonstrated by href=".?../../../../../../../../../../etc/passwd" in...
Gnome Librsvg
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Debian Debian Linux 11.0
Debian Debian Linux 12.0
NA
CVE-2023-25180
Rejected reason: Rejected by upstream.
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
CVE-2006-4304
CVE-2023-26603
CVE-2024-28327
CVE-2023-50363
CVE-2024-21905
template injection
CVE-2024-3400
cross-site request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »