Vulnerabilities > Gnome
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-22 | CVE-2021-39359 | Improper Certificate Validation vulnerability in multiple products In GNOME libgda through 6.0.0, gda-web-provider.c does not enable TLS certificate verification on the SoupSessionSync objects it creates, leaving users vulnerable to network MITM attacks. | 5.9 |
| 2021-08-22 | CVE-2021-39360 | Improper Certificate Validation vulnerability in multiple products In GNOME libzapojit through 0.0.3, zpj-skydrive.c does not enable TLS certificate verification on the SoupSessionSync objects it creates, leaving users vulnerable to network MITM attacks. | 5.9 |
| 2021-08-22 | CVE-2021-39361 | Improper Certificate Validation vulnerability in Gnome Evolution-Rss In GNOME evolution-rss through 0.3.96, network-soup.c does not enable TLS certificate verification on the SoupSessionSync objects it creates, leaving users vulnerable to network MITM attacks. | 5.9 |
| 2021-07-19 | CVE-2020-36427 | Unspecified vulnerability in Gnome Gthumb GNOME gThumb before 3.10.1 allows an application crash via a malformed JPEG image. | 5.5 |
| 2021-05-28 | CVE-2021-20240 | A flaw was found in gdk-pixbuf in versions before 2.42.0. | 8.8 |
| 2021-05-26 | CVE-2009-3721 | Multiple directory traversal and buffer overflow vulnerabilities were discovered in yTNEF, and in Evolution's TNEF parser that is derived from yTNEF. | 7.8 |
| 2021-05-26 | CVE-2021-20297 | Improper Input Validation vulnerability in multiple products A flaw was found in NetworkManager in versions before 1.30.0. | 5.5 |
| 2021-05-25 | CVE-2016-20011 | Improper Certificate Validation vulnerability in Gnome Libgrss libgrss through 0.7.0 fails to perform TLS certificate verification when downloading feeds, allowing remote attackers to manipulate the contents of feeds without detection. | 7.5 |
| 2021-05-24 | CVE-2021-33516 | Unspecified vulnerability in Gnome Gupnp An issue was discovered in GUPnP before 1.0.7 and 1.1.x and 1.2.x before 1.2.5. | 8.1 |
| 2021-04-07 | CVE-2020-36314 | Link Following vulnerability in multiple products fr-archive-libarchive.c in GNOME file-roller through 3.38.0, as used by GNOME Shell and other software, allows Directory Traversal during extraction because it lacks a check of whether a file's parent is a symlink in certain complex situations. | 3.9 |