Vulnerabilities > Gnome > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-08-25 | CVE-2021-42522 | Memory Leak vulnerability in Gnome Anjuta 2.0.0 There is a Information Disclosure vulnerability in anjuta/plugins/document-manager/anjuta-bookmarks.c. | 7.5 |
2022-07-24 | CVE-2021-46829 | Integer Overflow or Wraparound vulnerability in multiple products GNOME GdkPixbuf (aka GDK-PixBuf) before 2.42.8 allows a heap-based buffer overflow when compositing or clearing frames in GIF files, as demonstrated by io-gif-animation.c composite_frame. | 7.8 |
2022-04-20 | CVE-2022-29536 | Out-of-bounds Write vulnerability in multiple products In GNOME Epiphany before 41.4 and 42.x before 42.2, an HTML document can trigger a client buffer overflow (in ephy_string_shorten in the UI process) via a long page title. | 7.5 |
2022-03-25 | CVE-2021-3567 | Out-of-bounds Write vulnerability in Gnome Caribou A flaw was found in Caribou due to a regression of CVE-2020-25712 fix. | 7.5 |
2022-01-12 | CVE-2021-44648 | Out-of-bounds Write vulnerability in multiple products GNOME gdk-pixbuf 2.42.6 is vulnerable to a heap-buffer overflow vulnerability when decoding the lzw compressed stream of image data in GIF files with lzw minimum code size equals to 12. | 8.8 |
2021-05-28 | CVE-2021-20240 | A flaw was found in gdk-pixbuf in versions before 2.42.0. | 8.8 |
2021-05-26 | CVE-2009-3721 | Multiple directory traversal and buffer overflow vulnerabilities were discovered in yTNEF, and in Evolution's TNEF parser that is derived from yTNEF. | 7.8 |
2021-05-25 | CVE-2016-20011 | Improper Certificate Validation vulnerability in Gnome Libgrss libgrss through 0.7.0 fails to perform TLS certificate verification when downloading feeds, allowing remote attackers to manipulate the contents of feeds without detection. | 7.5 |
2021-05-24 | CVE-2021-33516 | Unspecified vulnerability in Gnome Gupnp An issue was discovered in GUPnP before 1.0.7 and 1.1.x and 1.2.x before 1.2.5. | 8.1 |
2021-02-15 | CVE-2021-27219 | Incorrect Conversion between Numeric Types vulnerability in multiple products An issue was discovered in GNOME GLib before 2.66.6 and 2.67.x before 2.67.3. | 7.5 |