Vulnerabilities > Gnome > High

DATE CVE VULNERABILITY TITLE RISK
2022-08-25 CVE-2021-42522 Memory Leak vulnerability in Gnome Anjuta 2.0.0
There is a Information Disclosure vulnerability in anjuta/plugins/document-manager/anjuta-bookmarks.c.
network
low complexity
gnome CWE-401
7.5
2022-07-24 CVE-2021-46829 Integer Overflow or Wraparound vulnerability in multiple products
GNOME GdkPixbuf (aka GDK-PixBuf) before 2.42.8 allows a heap-based buffer overflow when compositing or clearing frames in GIF files, as demonstrated by io-gif-animation.c composite_frame.
local
low complexity
gnome fedoraproject debian CWE-190
7.8
2022-04-20 CVE-2022-29536 Out-of-bounds Write vulnerability in multiple products
In GNOME Epiphany before 41.4 and 42.x before 42.2, an HTML document can trigger a client buffer overflow (in ephy_string_shorten in the UI process) via a long page title.
network
low complexity
gnome fedoraproject debian CWE-787
7.5
2022-03-25 CVE-2021-3567 Out-of-bounds Write vulnerability in Gnome Caribou
A flaw was found in Caribou due to a regression of CVE-2020-25712 fix.
network
low complexity
gnome CWE-787
7.5
2022-01-12 CVE-2021-44648 Out-of-bounds Write vulnerability in multiple products
GNOME gdk-pixbuf 2.42.6 is vulnerable to a heap-buffer overflow vulnerability when decoding the lzw compressed stream of image data in GIF files with lzw minimum code size equals to 12.
network
low complexity
gnome fedoraproject debian CWE-787
8.8
2021-05-28 CVE-2021-20240 Integer Underflow (Wrap or Wraparound) vulnerability in multiple products
A flaw was found in gdk-pixbuf in versions before 2.42.0.
network
low complexity
gnome fedoraproject CWE-191
8.8
2021-05-26 CVE-2009-3721 Path Traversal vulnerability in multiple products
Multiple directory traversal and buffer overflow vulnerabilities were discovered in yTNEF, and in Evolution's TNEF parser that is derived from yTNEF.
local
low complexity
gnome ytnef-project CWE-22
7.8
2021-05-25 CVE-2016-20011 Improper Certificate Validation vulnerability in Gnome Libgrss
libgrss through 0.7.0 fails to perform TLS certificate verification when downloading feeds, allowing remote attackers to manipulate the contents of feeds without detection.
network
low complexity
gnome CWE-295
7.5
2021-05-24 CVE-2021-33516 Unspecified vulnerability in Gnome Gupnp
An issue was discovered in GUPnP before 1.0.7 and 1.1.x and 1.2.x before 1.2.5.
network
low complexity
gnome
8.1
2021-02-15 CVE-2021-27219 Incorrect Conversion between Numeric Types vulnerability in multiple products
An issue was discovered in GNOME GLib before 2.66.6 and 2.67.x before 2.67.3.
network
low complexity
gnome fedoraproject debian netapp broadcom CWE-681
7.5