Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gtk vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv2
CVE-2004-2693
HP-UX B.11.00 and B.11.11 with B6848AB GTK+ Support Libraries installed uses insecure directory permissions, which allows local users to gain privileges via files in /opt/gnome/src/GLib/.
Hp Hp-ux 11.00
Hp Hp-ux 11.11
Hp Hp-ux 11.04
10
CVSSv2
CVE-2019-14114
Buffer overflow in WLAN firmware while parsing GTK IE containing GTK key having length more than the buffer size in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snap...
Qualcomm Apq8009 Firmware -
Qualcomm Apq8017 Firmware -
Qualcomm Apq8053 Firmware -
Qualcomm Apq8064 Firmware -
Qualcomm Apq8096au Firmware -
Qualcomm Apq8098 Firmware -
Qualcomm Ipq6018 Firmware -
Qualcomm Ipq8074 Firmware -
Qualcomm Mdm9206 Firmware -
Qualcomm Mdm9207c Firmware -
Qualcomm Mdm9607 Firmware -
Qualcomm Mdm9640 Firmware -
Qualcomm Mdm9650 Firmware -
Qualcomm Msm8996au Firmware -
Qualcomm Msm8998 Firmware -
Qualcomm Nicobar Firmware -
Qualcomm Qca4531 Firmware -
Qualcomm Qca6174a Firmware -
Qualcomm Qca6564 Firmware -
Qualcomm Qca6574 Firmware -
Qualcomm Qca6574au Firmware -
Qualcomm Qca6584 Firmware -
7.2
CVSSv2
CVE-2011-2922
ktsuss versions 1.4 and prior spawns the GTK interface to run as root. This can allow a local malicious user to escalate privileges to root and use the "GTK_MODULES" environment variable to possibly execute arbitrary code.
Ktsuss Project Ktsuss
7.5
CVSSv2
CVE-2011-3096
Use-after-free vulnerability in Google Chrome prior to 19.0.1084.46 on Linux allows remote malicious users to cause a denial of service or possibly have unspecified other impact by leveraging an error in the GTK implementation of the omnibox.
Google Chrome
5.1
CVSSv2
CVE-2005-4154
Unspecified vulnerability in PEAR installer 1.4.2 and previous versions allows user-assisted malicious users to execute arbitrary code via a crafted package that can execute code when the pear command is executed or when the Web/Gtk frontend is loaded.
Php Pear 0.9
Php Pear 0.90
Php Pear 1.2.1
Php Pear 1.2
Php Pear 1.3.3
Php Pear 1.3.3.1
Php Pear 1.3
Php Pear 1.4.0
Php Pear 1.4.1
Php Pear
Php Pear 0.10
Php Pear 0.11
Php Pear 1.1
Php Pear 1.3.1
Php Pear 1.0
Php Pear 1.0.1
Php Pear 1.3.4
Php Pear 1.3.5
Php Pear 1.3.6
7.5
CVSSv2
CVE-2011-3109
Google Chrome prior to 19.0.1084.52 on Linux does not properly perform a cast of an unspecified variable, which allows remote malicious users to cause a denial of service or possibly have unknown other impact by leveraging an error in the GTK implementation of the UI.
Google Chrome 19.0.1084.11
Google Chrome 19.0.1084.10
Google Chrome 19.0.1084.18
Google Chrome 19.0.1084.20
Google Chrome 19.0.1062.1
Google Chrome 19.0.1062.0
Google Chrome 19.0.1084.13
Google Chrome 19.0.1084.12
Google Chrome 19.0.1084.2
Google Chrome 19.0.1084.22
Google Chrome 19.0.1061.1
Google Chrome 19.0.1066.0
Google Chrome 19.0.1067.0
Google Chrome 19.0.1073.0
Google Chrome 19.0.1072.0
Google Chrome 19.0.1077.2
Google Chrome 19.0.1077.3
Google Chrome 19.0.1082.1
Google Chrome 19.0.1083.0
Google Chrome 19.0.1050.0
Google Chrome 19.0.1053.0
Google Chrome 19.0.1052.0
7.7
CVSSv2
CVE-2020-27301
A stack buffer overflow in Realtek RTL8710 (and other Ameba-based devices) can lead to remote code execution via the "AES_UnWRAP" function, when an attacker in Wi-Fi range sends a crafted "Encrypted GTK" value as part of the WPA2 4-way-handshake.
Realtek Rtl8710c Firmware -
Realtek Rtl8195a Firmware -
7.7
CVSSv2
CVE-2020-27302
A stack buffer overflow in Realtek RTL8710 (and other Ameba-based devices) can lead to remote code execution via the "memcpy" function, when an attacker in Wi-Fi range sends a crafted "Encrypted GTK" value as part of the WPA2 4-way-handshake.
Realtek Rtl8710c Firmware -
Realtek Rtl8195a Firmware -
NA
CVE-2022-25748
Memory corruption in WLAN due to integer overflow to buffer overflow while parsing GTK frames. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdr...
Qualcomm Apq8009 Firmware -
Qualcomm Apq8017 Firmware -
Qualcomm Apq8076 Firmware -
Qualcomm Apq8096au Firmware -
Qualcomm Aqt1000 Firmware -
Qualcomm Ar8031 Firmware -
Qualcomm Ar8035 Firmware -
Qualcomm Ar9380 Firmware -
Qualcomm Csr8811 Firmware -
Qualcomm Csra6620 Firmware -
Qualcomm Csra6640 Firmware -
Qualcomm Csrb31024 Firmware -
Qualcomm Ipq4018 Firmware -
Qualcomm Ipq4028 Firmware -
Qualcomm Ipq4029 Firmware -
Qualcomm Ipq5010 Firmware -
Qualcomm Ipq5018 Firmware -
Qualcomm Ipq5028 Firmware -
Qualcomm Ipq6000 Firmware -
Qualcomm Ipq6010 Firmware -
Qualcomm Ipq6018 Firmware -
Qualcomm Ipq6028 Firmware -
4.6
CVSSv2
CVE-2010-3843
The GTK version of ettercap uses a global settings file at /tmp/.ettercap_gtk and does not verify ownership of this file. When parsing this file for settings in gtkui_conf_read() (src/interfacesgtk/ec_gtk_conf.c), an unchecked sscanf() call allows a maliciously placed settings fi...
Ettercap-project Ettercap 0.7.3
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
administrator privileges
CVE-2024-1579
hardcoded
CVE-2023-20198
CVE-2024-33587
CVE-2024-33449
CVE-2024-4308
HTML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »