Vulnerabilities > Gnome
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-22 | CVE-2021-39361 | Improper Certificate Validation vulnerability in Gnome Evolution-Rss In GNOME evolution-rss through 0.3.96, network-soup.c does not enable TLS certificate verification on the SoupSessionSync objects it creates, leaving users vulnerable to network MITM attacks. | 4.3 |
| 2021-07-19 | CVE-2020-36427 | Unspecified vulnerability in Gnome Gthumb GNOME gThumb before 3.10.1 allows an application crash via a malformed JPEG image. network gnome | 4.3 |
| 2021-05-28 | CVE-2021-20240 | Integer Underflow (Wrap or Wraparound) vulnerability in multiple products A flaw was found in gdk-pixbuf in versions before 2.42.0. | 8.8 |
| 2021-05-26 | CVE-2009-3721 | Path Traversal vulnerability in multiple products Multiple directory traversal and buffer overflow vulnerabilities were discovered in yTNEF, and in Evolution's TNEF parser that is derived from yTNEF. | 6.8 |
| 2021-05-26 | CVE-2021-20297 | Improper Input Validation vulnerability in multiple products A flaw was found in NetworkManager in versions before 1.30.0. | 2.1 |
| 2021-05-25 | CVE-2016-20011 | Improper Certificate Validation vulnerability in Gnome Libgrss libgrss through 0.7.0 fails to perform TLS certificate verification when downloading feeds, allowing remote attackers to manipulate the contents of feeds without detection. | 5.0 |
| 2021-05-24 | CVE-2021-33516 | Unspecified vulnerability in Gnome Gupnp An issue was discovered in GUPnP before 1.0.7 and 1.1.x and 1.2.x before 1.2.5. network gnome | 5.8 |
| 2021-04-07 | CVE-2020-36314 | Link Following vulnerability in multiple products fr-archive-libarchive.c in GNOME file-roller through 3.38.0, as used by GNOME Shell and other software, allows Directory Traversal during extraction because it lacks a check of whether a file's parent is a symlink in certain complex situations. | 3.9 |
| 2021-03-17 | CVE-2021-28650 | Link Following vulnerability in multiple products autoar-extractor.c in GNOME gnome-autoar before 0.3.1, as used by GNOME Shell, Nautilus, and other software, allows Directory Traversal during extraction because it lacks a check of whether a file's parent is a symlink in certain complex situations. | 5.5 |
| 2021-03-11 | CVE-2021-28153 | Link Following vulnerability in multiple products An issue was discovered in GNOME GLib before 2.66.8. | 5.3 |