Vulnerabilities > Gnome > Glib > High

DATE CVE VULNERABILITY TITLE RISK
2023-09-14 CVE-2023-29499 Resource Exhaustion vulnerability in Gnome Glib
A flaw was found in GLib.
network
low complexity
gnome CWE-400
7.5
2023-09-14 CVE-2023-32636 Deserialization of Untrusted Data vulnerability in Gnome Glib
A flaw was found in glib, where the gvariant deserialization code is vulnerable to a denial of service introduced by additional input validation added to resolve CVE-2023-29499.
network
low complexity
gnome CWE-502
7.5
2023-09-14 CVE-2023-32643 Out-of-bounds Write vulnerability in Gnome Glib
A flaw was found in GLib.
local
low complexity
gnome CWE-787
7.8
2021-02-15 CVE-2021-27219 Incorrect Conversion between Numeric Types vulnerability in multiple products
An issue was discovered in GNOME GLib before 2.66.6 and 2.67.x before 2.67.3.
network
low complexity
gnome fedoraproject debian netapp broadcom CWE-681
7.5
2021-02-15 CVE-2021-27218 Incorrect Conversion between Numeric Types vulnerability in multiple products
An issue was discovered in GNOME GLib before 2.66.7 and 2.67.x before 2.67.4.
network
low complexity
gnome fedoraproject debian netapp broadcom CWE-681
7.5
2020-12-14 CVE-2020-35457 Integer Overflow or Wraparound vulnerability in Gnome Glib
GNOME GLib before 2.65.3 has an integer overflow, that might lead to an out-of-bounds write, in g_option_group_add_entries.
local
low complexity
gnome CWE-190
7.8
2019-06-28 CVE-2019-13012 Incorrect Permission Assignment for Critical Resource vulnerability in Gnome Glib
The keyfile settings backend in GNOME GLib (aka glib2.0) before 2.60.0 creates directories using g_file_make_directory_with_parents (kfsb->dir, NULL, NULL) and files using g_file_replace_contents (kfsb->file, contents, length, NULL, FALSE, G_FILE_CREATE_REPLACE_DESTINATION, NULL, NULL, NULL).
network
low complexity
gnome CWE-732
7.5
2018-09-04 CVE-2018-16429 Out-of-bounds Read vulnerability in multiple products
GNOME GLib 2.56.1 has an out-of-bounds read vulnerability in g_markup_parse_context_parse() in gmarkup.c, related to utf8_str().
network
low complexity
gnome canonical CWE-125
7.5
2018-09-04 CVE-2018-16428 NULL Pointer Dereference vulnerability in multiple products
In GNOME GLib 2.56.1, g_markup_parse_context_end_parse() in gmarkup.c has a NULL pointer dereference.
network
low complexity
gnome canonical CWE-476
7.5
2011-06-14 CVE-2011-1709 Permissions, Privileges, and Access Controls vulnerability in Gnome GDM
GNOME Display Manager (gdm) before 2.32.2, when glib 2.28 is used, enables execution of a web browser with the uid of the gdm account, which allows local users to gain privileges via vectors involving the x-scheme-handler/http MIME type.
local
low complexity
gnome CWE-264
7.2