Vulnerabilities > Gnome > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-08-25 | CVE-2021-42522 | Memory Leak vulnerability in Gnome Anjuta 2.0.0 There is a Information Disclosure vulnerability in anjuta/plugins/document-manager/anjuta-bookmarks.c. | 7.5 |
2022-07-24 | CVE-2021-46829 | Integer Overflow or Wraparound vulnerability in multiple products GNOME GdkPixbuf (aka GDK-PixBuf) before 2.42.8 allows a heap-based buffer overflow when compositing or clearing frames in GIF files, as demonstrated by io-gif-animation.c composite_frame. | 7.8 |
2022-04-20 | CVE-2022-29536 | Out-of-bounds Write vulnerability in multiple products In GNOME Epiphany before 41.4 and 42.x before 42.2, an HTML document can trigger a client buffer overflow (in ephy_string_shorten in the UI process) via a long page title. | 7.5 |
2022-03-25 | CVE-2021-3567 | Out-of-bounds Write vulnerability in Gnome Caribou A flaw was found in Caribou due to a regression of CVE-2020-25712 fix. | 7.5 |
2022-01-12 | CVE-2021-44648 | Out-of-bounds Write vulnerability in multiple products GNOME gdk-pixbuf 2.42.6 is vulnerable to a heap-buffer overflow vulnerability when decoding the lzw compressed stream of image data in GIF files with lzw minimum code size equals to 12. | 8.8 |
2021-05-28 | CVE-2021-20240 | Integer Underflow (Wrap or Wraparound) vulnerability in multiple products A flaw was found in gdk-pixbuf in versions before 2.42.0. | 8.8 |
2021-02-15 | CVE-2021-27219 | Incorrect Conversion between Numeric Types vulnerability in multiple products An issue was discovered in GNOME GLib before 2.66.6 and 2.67.x before 2.67.3. | 7.5 |
2021-02-15 | CVE-2021-27218 | Incorrect Conversion between Numeric Types vulnerability in multiple products An issue was discovered in GNOME GLib before 2.66.7 and 2.67.x before 2.67.4. | 7.5 |
2020-12-14 | CVE-2020-35457 | Integer Overflow or Wraparound vulnerability in Gnome Glib GNOME GLib before 2.65.3 has an integer overflow, that might lead to an out-of-bounds write, in g_option_group_add_entries. | 7.8 |
2020-07-29 | CVE-2020-16118 | NULL Pointer Dereference vulnerability in multiple products In GNOME Balsa before 2.6.0, a malicious server operator or man in the middle can trigger a NULL pointer dereference and client crash by sending a PREAUTH response to imap_mbox_connect in libbalsa/imap/imap-handle.c. | 7.5 |