Vulnerabilities > Gnome > High

DATE CVE VULNERABILITY TITLE RISK
2022-08-25 CVE-2021-42522 Memory Leak vulnerability in Gnome Anjuta 2.0.0
There is a Information Disclosure vulnerability in anjuta/plugins/document-manager/anjuta-bookmarks.c.
network
low complexity
gnome CWE-401
7.5
2022-07-24 CVE-2021-46829 Integer Overflow or Wraparound vulnerability in multiple products
GNOME GdkPixbuf (aka GDK-PixBuf) before 2.42.8 allows a heap-based buffer overflow when compositing or clearing frames in GIF files, as demonstrated by io-gif-animation.c composite_frame.
local
low complexity
gnome fedoraproject debian CWE-190
7.8
2022-04-20 CVE-2022-29536 Out-of-bounds Write vulnerability in multiple products
In GNOME Epiphany before 41.4 and 42.x before 42.2, an HTML document can trigger a client buffer overflow (in ephy_string_shorten in the UI process) via a long page title.
network
low complexity
gnome fedoraproject debian CWE-787
7.5
2022-03-25 CVE-2021-3567 Out-of-bounds Write vulnerability in Gnome Caribou
A flaw was found in Caribou due to a regression of CVE-2020-25712 fix.
network
low complexity
gnome CWE-787
7.5
2022-01-12 CVE-2021-44648 Out-of-bounds Write vulnerability in multiple products
GNOME gdk-pixbuf 2.42.6 is vulnerable to a heap-buffer overflow vulnerability when decoding the lzw compressed stream of image data in GIF files with lzw minimum code size equals to 12.
network
low complexity
gnome fedoraproject debian CWE-787
8.8
2021-05-28 CVE-2021-20240 Integer Underflow (Wrap or Wraparound) vulnerability in multiple products
A flaw was found in gdk-pixbuf in versions before 2.42.0.
network
low complexity
gnome fedoraproject CWE-191
8.8
2021-02-15 CVE-2021-27219 Incorrect Conversion between Numeric Types vulnerability in multiple products
An issue was discovered in GNOME GLib before 2.66.6 and 2.67.x before 2.67.3.
network
low complexity
gnome fedoraproject debian netapp broadcom CWE-681
7.5
2021-02-15 CVE-2021-27218 Incorrect Conversion between Numeric Types vulnerability in multiple products
An issue was discovered in GNOME GLib before 2.66.7 and 2.67.x before 2.67.4.
network
low complexity
gnome fedoraproject debian netapp broadcom CWE-681
7.5
2020-12-14 CVE-2020-35457 Integer Overflow or Wraparound vulnerability in Gnome Glib
GNOME GLib before 2.65.3 has an integer overflow, that might lead to an out-of-bounds write, in g_option_group_add_entries.
local
low complexity
gnome CWE-190
7.8
2020-07-29 CVE-2020-16118 NULL Pointer Dereference vulnerability in multiple products
In GNOME Balsa before 2.6.0, a malicious server operator or man in the middle can trigger a NULL pointer dereference and client crash by sending a PREAUTH response to imap_mbox_connect in libbalsa/imap/imap-handle.c.
network
low complexity
gnome opensuse CWE-476
7.5