Vulnerabilities > Gnome > Critical

DATE CVE VULNERABILITY TITLE RISK
2018-06-15 CVE-2018-12422 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Gnome Evolution
addressbook/backends/ldap/e-book-backend-ldap.c in Evolution-Data-Server in GNOME Evolution through 3.29.2 might allow attackers to trigger a Buffer Overflow via a long query that is processed by the strcat function.
network
low complexity
gnome CWE-119
critical
9.8
2018-04-24 CVE-2017-2885 Out-of-bounds Write vulnerability in multiple products
An exploitable stack based buffer overflow vulnerability exists in the GNOME libsoup 2.58.
network
low complexity
gnome debian redhat CWE-787
critical
9.8
2017-07-17 CVE-2017-1000044 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Gnome Gtk-Vnc 0.4.2
gtk-vnc 0.4.2 and older doesn't check framebuffer boundaries correctly when updating framebuffer which may lead to memory corruption when rendering
network
low complexity
gnome CWE-119
critical
9.8
2017-02-28 CVE-2017-5885 Integer Overflow or Wraparound vulnerability in multiple products
Multiple integer overflows in the (1) vnc_connection_server_message and (2) vnc_color_map_set functions in gtk-vnc before 0.7.0 allow remote servers to cause a denial of service (crash) or possibly execute arbitrary code via vectors involving SetColorMapEntries, which triggers a buffer overflow.
network
low complexity
fedoraproject gnome CWE-190
critical
9.8
2005-01-24 CVE-2005-0102 Integer Overflow or Wraparound vulnerability in multiple products
Integer overflow in camel-lock-helper in Evolution 2.0.2 and earlier allows local users or remote malicious POP3 servers to execute arbitrary code via a length value of -1, which leads to a zero byte memory allocation and a buffer overflow.
network
low complexity
gnome debian CWE-190
critical
9.8