Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gtk vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2020-36774
plugins/gtk+/glade-gtk-box.c in GNOME Glade prior to 3.38.1 and 3.39.x prior to 3.40.0 mishandles widget rebuilding for GladeGtkBox, leading to a denial of service (application crash).
NA
CVE-2023-28581
Memory corruption in WLAN Firmware while parsing receieved GTK Keys in GTK KDE.
Qualcomm Fastconnect 6800 Firmware -
Qualcomm Fastconnect 6900 Firmware -
Qualcomm Fastconnect 7800 Firmware -
Qualcomm Qca6391 Firmware -
Qualcomm Qca6426 Firmware -
Qualcomm Qca6436 Firmware -
Qualcomm Sd 8 Gen1 5g Firmware -
Qualcomm Sd865 5g Firmware -
Qualcomm Snapdragon 8 Gen 1 Firmware -
Qualcomm Snapdragon 865 5g Firmware -
Qualcomm Snapdragon 865\\+ 5g Firmware -
Qualcomm Snapdragon 870 5g Firmware -
Qualcomm Snapdragon Ar2 Gen 1 Firmware -
Qualcomm Snapdragon Xr2 5g Firmware -
Qualcomm Ssg2115p Firmware -
Qualcomm Ssg2125p Firmware -
Qualcomm Sxr1230p Firmware -
Qualcomm Sxr2230p Firmware -
Qualcomm Wcd9380 Firmware -
Qualcomm Wcd9385 Firmware -
Qualcomm Wcn6740 Firmware -
Qualcomm Wsa8810 Firmware -
5
CVSSv2
CVE-2013-7324
Webkit-GTK 2.x (any version with HTML5 audio/video support based on GStreamer) allows remote malicious users to trigger unexpectedly high sound volume via malicious javascript. NOTE: this WebKit-GTK behavior complies with existing W3C standards and existing practices for GNOME de...
Webkitgtk Webkitgtk
5.1
CVSSv2
CVE-2006-5864
Stack-based buffer overflow in the ps_gettext function in ps.c for GNU gv 3.6.2, and possibly earlier versions, allows user-assisted malicious users to execute arbitrary code via a PostScript (PS) file with certain headers that contain long comments, as demonstrated using the (1)...
Gnu Gv 3.6.0
Gnu Gv 3.6.1
Gnu Gv 3.6.2
Gnu Gv 3.5.8
1 EDB exploit
4.3
CVSSv2
CVE-2015-5314
The eap_pwd_process function in eap_server/eap_server_pwd.c in hostapd 2.x prior to 2.6 does not validate that the reassembly buffer is large enough for the final fragment when used with (1) an internal EAP server or (2) a RADIUS server and EAP-pwd is enabled in a runtime configu...
W1.fi Wpa Supplicant
Debian Debian Linux 8.0
5
CVSSv2
CVE-2014-5116
The cairo_image_surface_get_data function in Cairo 1.10.2, as used in GTK+ and Wireshark, allows context-dependent malicious users to cause a denial of service (NULL pointer dereference) via a large string.
Cairographics Cairo 1.10.2
1 EDB exploit
4.3
CVSSv2
CVE-2015-5315
The eap_pwd_process function in eap_peer/eap_pwd.c in wpa_supplicant 2.x prior to 2.6 does not validate that the reassembly buffer is large enough for the final fragment when EAP-pwd is enabled in a network configuration profile, which allows remote malicious users to cause a den...
W1.fi Wpa Supplicant
Debian Debian Linux 8.0
4.3
CVSSv2
CVE-2015-5316
The eap_pwd_perform_confirm_exchange function in eap_peer/eap_pwd.c in wpa_supplicant 2.x prior to 2.6, when EAP-pwd is enabled in a network configuration profile, allows remote malicious users to cause a denial of service (NULL pointer dereference and daemon crash) via an EAP-pw...
W1.fi Wpa Supplicant
Debian Debian Linux 8.0
7.5
CVSSv2
CVE-2019-8375
The UIProcess subsystem in WebKit, as used in WebKitGTK up to and including 2.23.90 and WebKitGTK+ up to and including 2.22.6 and other products, does not prevent the script dialog size from exceeding the web view size, which allows remote malicious users to cause a denial of ser...
Webkitgtk Webkitgtk
Webkitgtk Webkitgtk\\+
Opensuse Leap 15.0
Opensuse Leap 42.3
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
1 EDB exploit
4.4
CVSSv2
CVE-2009-0848
Untrusted search path vulnerability in GTK2 in OpenSUSE 11.0 and 11.1 allows local users to execute arbitrary code via a Trojan horse GTK module in an unspecified "relative search path."
Opensuse Opensuse 11.0
Opensuse Opensuse 11.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
administrator privileges
CVE-2024-1579
hardcoded
CVE-2023-20198
CVE-2024-33587
CVE-2024-33449
CVE-2024-4308
HTML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »