Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gnome vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2012-5535
gnome-system-log polkit policy allows arbitrary files on the system to be read
Gnome Gnome-system-log -
Fedoraproject Fedora 17
Fedoraproject Fedora 18
NA
CVE-2011-2198
The "insert-blank-characters" capability in caps.c in gnome-terminal (vte) prior to 0.28.1 allows remote authenticated users to cause a denial of service (CPU and memory consumption and crash) via a crafted file, as demonstrated by a file containing the string "\03...
Gnome Gnome-terminal
Opensuse Opensuse 12.1
Opensuse Opensuse 11.4
Oracle Solaris 11.2
NA
CVE-2005-2944
The perform_file_save function in GNOME Workstation Command Center (gwcc) 0.9.6 and previous versions allows local users to create and overwrite arbitrary files via a symlink attack on the gwcc_out.txt temporary file.
Brent Ely Gnome Workstation Command Center 0.9.8
Brent Ely Gnome Workstation Command Center
9.8
CVSSv3
CVE-2022-27811
GNOME OCRFeeder prior to 0.8.4 allows OS command injection via shell metacharacters in a PDF or image filename.
Gnome Ocrfeeder
7.5
CVSSv3
CVE-2016-20011
libgrss up to and including 0.7.0 fails to perform TLS certificate verification when downloading feeds, allowing remote malicious users to manipulate the contents of feeds without detection. This occurs because of the default behavior of SoupSessionSync.
Gnome Libgrss
NA
CVE-2011-3146
librsvg prior to 2.34.1 uses the node name to identify the type of node, which allows context-dependent malicious users to cause a denial of service (NULL pointer dereference) and possibly execute arbitrary code via a SVG file with a node with the element name starting with "...
Gnome Librsvg
7
CVSSv3
CVE-2019-3827
An incorrect permission check in the admin backend in gvfs before version 1.39.4 was found that allows reading and modify arbitrary files by privileged users without asking for password when no authentication agent is running. This vulnerability can be exploited by malicious prog...
Gnome Gvfs
6.8
CVSSv3
CVE-2008-7320
GNOME Seahorse up to and including 3.30 allows physically proximate malicious users to read plaintext passwords by using the quickAllow dialog at an unattended workstation, if the keyring is unlocked. NOTE: this is disputed by a software maintainer because the behavior represents...
Gnome Seahorse
7.8
CVSSv3
CVE-2022-48622
In GNOME GdkPixbuf (aka gdk-pixbuf) up to and including 2.42.10, the ANI (Windows animated cursor) decoder encounters heap memory corruption (in ani_load_chunk in io-ani.c) when parsing chunks in a crafted .ani file. A crafted file could allow an malicious user to overwrite heap ...
Gnome Gdkpixbuf
8.1
CVSSv3
CVE-2021-33516
An issue exists in GUPnP prior to 1.0.7 and 1.1.x and 1.2.x prior to 1.2.5. It allows DNS rebinding. A remote web server can exploit this vulnerability to trick a victim's browser into triggering actions against local UPnP services implemented using this library. Depending o...
Gnome Gupnp
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
administrator privileges
CVE-2024-1579
hardcoded
CVE-2023-20198
CVE-2024-33587
CVE-2024-33449
CVE-2024-4308
HTML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »