Vulnerabilities > Gnome
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-12-11 | CVE-2013-4245 | Improper Input Validation vulnerability in multiple products Orca has arbitrary code execution due to insecure Python module load | 7.3 |
| 2019-11-29 | CVE-2019-19451 | Infinite Loop vulnerability in multiple products When GNOME Dia before 2019-11-27 is launched with a filename argument that is not a valid codepoint in the current encoding, it enters an endless loop, thus endlessly writing text to stdout. | 5.5 |
| 2019-11-27 | CVE-2019-19308 | NULL Pointer Dereference vulnerability in Gnome Gnome-Font-Viewer 3.34.0 In text_to_glyphs in sushi-font-widget.c in gnome-font-viewer 3.34.0, there is a NULL pointer dereference while parsing a TTF font file that lacks a name section (due to a g_strconcat call that returns NULL). | 5.5 |
| 2019-11-25 | CVE-2011-3355 | Missing Encryption of Sensitive Data vulnerability in Gnome Evolution-Data-Server3 3.0.3/3.2.1 evolution-data-server3 3.0.3 through 3.2.1 used insecure (non-SSL) connection when attempting to store sent email messages into the Sent folder, when the Sent folder was located on the remote server. | 7.3 |
| 2019-11-25 | CVE-2012-5535 | Information Exposure vulnerability in multiple products gnome-system-log polkit policy allows arbitrary files on the system to be read | 7.5 |
| 2019-11-12 | CVE-2011-2897 | Improper Input Validation vulnerability in multiple products gdk-pixbuf through 2.31.1 has GIF loader buffer overflow when initializing decompression tables due to an input validation flaw | 9.8 |
| 2019-11-05 | CVE-2016-1000002 | Information Exposure vulnerability in multiple products gdm3 3.14.2 and possibly later has an information leak before screen lock | 2.4 |
| 2019-11-01 | CVE-2013-3718 | Improper Input Validation vulnerability in multiple products evince is missing a check on number of pages which can lead to a segmentation fault | 5.5 |
| 2019-10-06 | CVE-2019-17266 | Out-of-bounds Read vulnerability in multiple products libsoup from versions 2.65.1 until 2.68.1 have a heap-based buffer over-read because soup_ntlm_parse_challenge() in soup-auth-ntlm.c does not properly check an NTLM message's length before proceeding with a memcpy. | 9.8 |
| 2019-09-21 | CVE-2019-16680 | Path Traversal vulnerability in multiple products An issue was discovered in GNOME file-roller before 3.29.91. | 4.3 |