Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gnome vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2019-19308
In text_to_glyphs in sushi-font-widget.c in gnome-font-viewer 3.34.0, there is a NULL pointer dereference while parsing a TTF font file that lacks a name section (due to a g_strconcat call that returns NULL).
Gnome Gnome-font-viewer 3.34.0
NA
CVE-2005-0023
gnome-pty-helper in GNOME libzvt2 and libvte4 allows local users to spoof the logon hostname via a modified DISPLAY environment variable. NOTE: the severity of this issue has been disputed.
Gnome Libvte4
Gnome Libzvt2 1.4.2.19
1 EDB exploit
NA
CVE-2003-0080
The iptables ruleset in Gnome-lokkit in Red Hat Linux 8.0 does not include any rules in the FORWARD chain, which could allow malicious users to bypass intended access restrictions if packet forwarding is enabled.
Gnome Gnome-lokkit 0.50 21
NA
CVE-2005-2976
Integer overflow in io-xpm.c in gdk-pixbuf 0.22.0 in GTK+ prior to 2.8.7 allows malicious users to cause a denial of service (crash) or execute arbitrary code via an XPM file with large height, width, and colour values, a different vulnerability than CVE-2005-3186.
Gnome Gdkpixbuf 0.22
Gnome Gtk
6.4
CVSSv3
CVE-2017-12164
A flaw exists in gdm 3.24.1 where gdm greeter was no longer setting the ran_once boolean during autologin. If autologin was enabled for a victim, an attacker could simply select 'login as another user' to unlock their screen.
Gnome Gnome Display Manager 3.24.1
5.5
CVSSv3
CVE-2017-7960
The cr_input_new_from_uri function in cr-input.c in libcroco 0.6.11 and 0.6.12 allows remote malicious users to cause a denial of service (heap-based buffer over-read) via a crafted CSS file.
Gnome Libcroco 0.6.12
Gnome Libcroco 0.6.11
7.8
CVSSv3
CVE-2017-7961
The cr_tknzr_parse_rgb function in cr-tknzr.c in libcroco 0.6.11 and 0.6.12 has an "outside the range of representable values of type long" undefined behavior issue, which might allow remote malicious users to cause a denial of service (application crash) or possibly ha...
Gnome Libcroco 0.6.12
Gnome Libcroco 0.6.11
5.5
CVSSv3
CVE-2020-36241
autoar-extractor.c in GNOME gnome-autoar up to and including 0.2.4, as used by GNOME Shell, Nautilus, and other software, allows Directory Traversal during extraction because it lacks a check of whether a file's parent is a symlink to a directory outside of the intended extr...
Gnome Gnome-autoar
Fedoraproject Fedora 34
NA
CVE-2003-0133
GtkHTML, as included in Evolution prior to 1.2.4, allows remote malicious users to cause a denial of service (crash) via certain malformed messages.
Gnome Gtkhtml 1.1.10
Gnome Gtkhtml 1.1.9
NA
CVE-2006-3057
Unspecified vulnerability in NetworkManager daemon for DHCP (dhcdbd) allows remote malicious users to cause a denial of service (crash) via certain invalid DHCP responses that trigger memory corruption.
Gnome Dhcdbd 1.10
Gnome Dhcdbd 1.12
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27802
template injection
CVE-2024-0044
code injection
CVE-2024-35474
CVE-2024-27857
CVE-2024-23251
CVE-2024-23692
physical
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »