Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gnome vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2021-3567
A flaw was found in Caribou due to a regression of CVE-2020-25712 fix. An attacker could use this flaw to bypass screen-locking applications that leverage Caribou as an input mechanism. The highest threat from this vulnerability is to system availability.
Gnome Caribou
9.8
CVSSv3
CVE-2022-27811
GNOME OCRFeeder prior to 0.8.4 allows OS command injection via shell metacharacters in a PDF or image filename.
Gnome Ocrfeeder
7.5
CVSSv3
CVE-2022-23308
valid.c in libxml2 prior to 2.9.13 has a use-after-free of ID and IDREF attributes.
Xmlsoft Libxml2
Fedoraproject Fedora 34
Debian Debian Linux 9.0
Apple Mac Os X 10.15.7
Apple Mac Os X
Apple Iphone Os
Apple Watchos
Apple Tvos
Apple Ipados
Apple Macos
Netapp Snapdrive -
Netapp Snapmanager -
Netapp Ontap Select Deploy Administration Utility -
Netapp Clustered Data Ontap -
Netapp Smi-s Provider -
Netapp Clustered Data Ontap Antivirus Connector -
Netapp Solidfire \\& Hci Management Node -
Netapp Active Iq Unified Manager -
Netapp Manageability Software Development Kit -
Netapp Solidfire\\, Enterprise Sds \\& Hci Storage Node -
Netapp Bootstrap Os -
Netapp H300s Firmware -
6.1
CVSSv3
CVE-2021-20315
A locking protection bypass flaw was found in some versions of gnome-shell as shipped within CentOS Stream 8, when the "Application menu" or "Window list" GNOME extensions are enabled. This flaw allows a physical attacker who has access to a locked system to k...
Gnome Gnome-shell
Centos Stream 8
8.8
CVSSv3
CVE-2021-44648
GNOME gdk-pixbuf 2.42.6 is vulnerable to a heap-buffer overflow vulnerability when decoding the lzw compressed stream of image data in GIF files with lzw minimum code size equals to 12.
Gnome Gdkpixbuf 2.42.6
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Debian Debian Linux 11.0
6.1
CVSSv3
CVE-2021-45085
XSS can occur in GNOME Web (aka Epiphany) prior to 40.4 and 41.x prior to 41.1 via an about: page, as demonstrated by ephy-about:overview when a user visits an XSS payload page often enough to place that page on the Most Visited list.
Gnome Epiphany
Debian Debian Linux 10.0
Debian Debian Linux 11.0
6.1
CVSSv3
CVE-2021-45086
XSS can occur in GNOME Web (aka Epiphany) prior to 40.4 and 41.x prior to 41.1 because a server's suggested_filename is used as the pdf_name value in PDF.js.
Gnome Epiphany
Debian Debian Linux 11.0
6.1
CVSSv3
CVE-2021-45087
XSS can occur in GNOME Web (aka Epiphany) prior to 40.4 and 41.x prior to 41.1 when View Source mode or Reader mode is used, as demonstrated by a a page title.
Gnome Epiphany
Debian Debian Linux 10.0
Debian Debian Linux 11.0
6.1
CVSSv3
CVE-2021-45088
XSS can occur in GNOME Web (aka Epiphany) prior to 40.4 and 41.x prior to 41.1 via an error page.
Gnome Epiphany
Debian Debian Linux 10.0
Debian Debian Linux 11.0
5.9
CVSSv3
CVE-2021-39365
In GNOME grilo though 0.3.13, grl-net-wc.c does not enable TLS certificate verification on the SoupSessionAsync objects it creates, leaving users vulnerable to network MITM attacks. NOTE: this is similar to CVE-2016-20011.
Gnome Grilo
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4040
privilege escalation
CVE-2024-4112
CVE-2024-32872
man-in-the-middle
CVE-2024-32788
bypass
CVE-2024-3400
CVE-2024-28976
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »