Filtered by vendor Gnome
Subscriptions
Total
331 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-0820 | 1 Gnome | 1 Dwarf Http Server | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in Dwarf HTTP Server 1.3.2 allows remote attackers to inject arbitrary web script or HTML via unspecified error messages. | ||||
| CVE-2005-2549 | 2 Gnome, Redhat | 2 Evolution, Enterprise Linux | 2025-04-03 | N/A |
| Multiple format string vulnerabilities in Evolution 1.5 through 2.3.6.1 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) full vCard data, (2) contact data from remote LDAP servers, or (3) task list data from remote servers. | ||||
| CVE-2004-0782 | 2 Gnome, Redhat | 3 Gdkpixbuf, Gtk, Enterprise Linux | 2025-04-03 | N/A |
| Integer overflow in pixbuf_create_from_xpm (io-xpm.c) in the XPM image decoder for gtk+ 2.4.4 (gtk2) and earlier, and gdk-pixbuf before 0.22, allows remote attackers to execute arbitrary code via certain n_col and cpp values that enable a heap-based buffer overflow. NOTE: this identifier is ONLY for gtk+. It was incorrectly referenced in an advisory for a different issue (CVE-2004-0687). | ||||
| CVE-2005-2958 | 1 Gnome | 1 Libgda2 | 2025-04-03 | N/A |
| Multiple format string vulnerabilities in the GNOME Data Access library for GNOME2 (libgda2) 1.2.1 and earlier allow attackers to execute arbitrary code. | ||||
| CVE-2000-0864 | 1 Gnome | 1 Esound | 2025-04-03 | N/A |
| Race condition in the creation of a Unix domain socket in GNOME esound 0.2.19 and earlier allows a local user to change the permissions of arbitrary files and directories, and gain additional privileges, via a symlink attack. | ||||
| CVE-2000-0491 | 3 Caldera, Gnome, Suse | 3 Openlinux, Gdm, Suse Linux | 2025-04-03 | N/A |
| Buffer overflow in the XDMCP parsing code of GNOME gdm, KDE kdm, and wdm allows remote attackers to execute arbitrary commands or cause a denial of service via a long FORWARD_QUERY request. | ||||
| CVE-2000-0504 | 3 Gnome, Open Group, Xfree86 Project | 3 Gdm, X, X11r6 | 2025-04-03 | N/A |
| libICE in XFree86 allows remote attackers to cause a denial of service by specifying a large value which is not properly checked by the SKIP_STRING macro. | ||||
| CVE-1999-1477 | 2 Gnome, Mandrakesoft | 2 Gnome Libs, Mandrake Linux | 2025-04-03 | N/A |
| Buffer overflow in GNOME libraries 1.0.8 allows local user to gain root access via a long --espeaker argument in programs such as nethack. | ||||
| CVE-2001-0084 | 1 Gnome | 1 Gtk | 2025-04-03 | N/A |
| GTK+ library allows local users to specify arbitrary modules via the GTK_MODULES environmental variable, which could allow local users to gain privileges if GTK+ is used by a setuid/setgid program. | ||||
| CVE-2006-1057 | 2 Gnome, Redhat | 2 Gdm, Enterprise Linux | 2025-04-03 | N/A |
| Race condition in daemon/slave.c in gdm before 2.14.1 allows local users to gain privileges via a symlink attack when gdm performs chown and chgrp operations on the .ICEauthority file. | ||||
| CVE-2004-0888 | 11 Debian, Easy Software Products, Gentoo and 8 more | 16 Debian Linux, Cups, Linux and 13 more | 2025-04-03 | N/A |
| Multiple integer overflows in xpdf 2.0 and 3.0, and other packages that use xpdf code such as CUPS, gpdf, and kdegraphics, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0889. | ||||
| CVE-2003-0548 | 2 Gnome, Redhat | 5 Gdm, Enterprise Linux, Kdebase and 2 more | 2025-04-03 | N/A |
| The X Display Manager Control Protocol (XDMCP) support for GDM before 2.4.1.6 allows attackers to cause a denial of service (daemon crash) when a chosen host expires, a different issue than CVE-2003-0549. | ||||
| CVE-2004-0111 | 3 Gnome, Redhat, Sgi | 6 Gdkpixbuf, Enterprise Linux, Gdk Pixbuf and 3 more | 2025-04-03 | N/A |
| gdk-pixbuf before 0.20 allows attackers to cause a denial of service (crash) via a malformed bitmap (BMP) file. | ||||
| CVE-2006-3057 | 1 Gnome | 1 Dhcdbd | 2025-04-03 | N/A |
| Unspecified vulnerability in NetworkManager daemon for DHCP (dhcdbd) allows remote attackers to cause a denial of service (crash) via certain invalid DHCP responses that trigger memory corruption. | ||||
| CVE-2023-26081 | 2 Fedoraproject, Gnome | 2 Fedora, Epiphany | 2025-03-18 | 7.5 High |
| In Epiphany (aka GNOME Web) through 43.0, untrusted web content can trick users into exfiltrating passwords, because autofill occurs in sandboxed contexts. | ||||
| CVE-2023-32665 | 2 Gnome, Redhat | 2 Glib, Enterprise Linux | 2025-02-13 | 5.5 Medium |
| A flaw was found in GLib. GVariant deserialization is vulnerable to an exponential blowup issue where a crafted GVariant can cause excessive processing, leading to denial of service. | ||||
| CVE-2023-32643 | 1 Gnome | 1 Glib | 2025-02-13 | 5.3 Medium |
| A flaw was found in GLib. The GVariant deserialization code is vulnerable to a heap buffer overflow introduced by the fix for CVE-2023-32665. This bug does not affect any released version of GLib, but does affect GLib distributors who followed the guidance of GLib developers to backport the initial fix for CVE-2023-32665. | ||||
| CVE-2023-32636 | 2 Gnome, Redhat | 2 Glib, Enterprise Linux | 2025-02-13 | 4.7 Medium |
| A flaw was found in glib, where the gvariant deserialization code is vulnerable to a denial of service introduced by additional input validation added to resolve CVE-2023-29499. The offset table validation may be very slow. This bug does not affect any released version of glib but does affect glib distributors who followed the guidance of glib developers to backport the initial fix for CVE-2023-29499. | ||||
| CVE-2023-32611 | 2 Gnome, Redhat | 2 Glib, Enterprise Linux | 2025-02-13 | 5.5 Medium |
| A flaw was found in GLib. GVariant deserialization is vulnerable to a slowdown issue where a crafted GVariant can cause excessive processing, leading to denial of service. | ||||
| CVE-2021-20240 | 2 Fedoraproject, Gnome | 2 Fedora, Gdk-pixbuf | 2025-02-12 | 8.8 High |
| A flaw was found in gdk-pixbuf in versions before 2.42.0. An integer wraparound leading to an out of bounds write can occur when a crafted GIF image is loaded. An attacker may cause applications to crash or could potentially execute code on the victim system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | ||||