Vulnerabilities > Gnome
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-02-20 | CVE-2023-26081 | Exposure of Resource to Wrong Sphere vulnerability in multiple products In Epiphany (aka GNOME Web) through 43.0, untrusted web content can trick users into exfiltrating passwords, because autofill occurs in sandboxed contexts. | 7.5 |
2022-11-14 | CVE-2022-37290 | NULL Pointer Dereference vulnerability in multiple products GNOME Nautilus 42.2 allows a NULL pointer dereference and get_basename application crash via a pasted ZIP archive. | 5.5 |
2022-08-25 | CVE-2021-42522 | Information Exposure vulnerability in Gnome Anjuta 2.0.0 There is a Information Disclosure vulnerability in anjuta/plugins/document-manager/anjuta-bookmarks.c. | 7.5 |
2022-08-23 | CVE-2021-3800 | Information Exposure vulnerability in multiple products A flaw was found in glib before version 2.63.6. | 7.5 |
2022-07-24 | CVE-2021-46829 | Out-of-bounds Write vulnerability in multiple products GNOME GdkPixbuf (aka GDK-PixBuf) before 2.42.8 allows a heap-based buffer overflow when compositing or clearing frames in GIF files, as demonstrated by io-gif-animation.c composite_frame. | 7.8 |
2022-04-29 | CVE-2021-3982 | Improper Check for Dropped Privileges vulnerability in Gnome Gnome-Shell Linux distributions using CAP_SYS_NICE for gnome-shell may be exposed to a privilege escalation issue. | 5.5 |
2022-04-20 | CVE-2022-29536 | Out-of-bounds Write vulnerability in multiple products In GNOME Epiphany before 41.4 and 42.x before 42.2, an HTML document can trigger a client buffer overflow (in ephy_string_shorten in the UI process) via a long page title. | 7.5 |
2022-03-25 | CVE-2021-3567 | Improper Input Validation vulnerability in Gnome Caribou A flaw was found in Caribou due to a regression of CVE-2020-25712 fix. | 5.0 |
2022-03-24 | CVE-2022-27811 | OS Command Injection vulnerability in Gnome Ocrfeeder GNOME OCRFeeder before 0.8.4 allows OS command injection via shell metacharacters in a PDF or image filename. | 7.5 |
2022-02-18 | CVE-2021-20315 | Improper Locking vulnerability in multiple products A locking protection bypass flaw was found in some versions of gnome-shell as shipped within CentOS Stream 8, when the "Application menu" or "Window list" GNOME extensions are enabled. | 6.1 |