Vulnerabilities > Gnome > Low

DATE CVE VULNERABILITY TITLE RISK
2021-05-26 CVE-2021-20297 Improper Input Validation vulnerability in multiple products
A flaw was found in NetworkManager in versions before 1.30.0.
local
low complexity
gnome redhat fedoraproject CWE-20
2.1
2021-04-07 CVE-2020-36314 Link Following vulnerability in multiple products
fr-archive-libarchive.c in GNOME file-roller through 3.38.0, as used by GNOME Shell and other software, allows Directory Traversal during extraction because it lacks a check of whether a file's parent is a symlink in certain complex situations.
local
low complexity
gnome fedoraproject CWE-59
3.9
2021-02-01 CVE-2021-3349 Insufficient Verification of Data Authenticity vulnerability in Gnome Evolution
GNOME Evolution through 3.38.3 produces a "Valid signature" message for an unknown identifier on a previously trusted key because Evolution does not retrieve enough information from the GnuPG API.
local
low complexity
gnome CWE-345
3.3
2020-08-11 CVE-2020-17489 Insufficiently Protected Credentials vulnerability in multiple products
An issue was discovered in certain configurations of GNOME gnome-shell through 3.36.4.
1.9
2020-04-13 CVE-2020-11736 Link Following vulnerability in multiple products
fr-archive-libarchive.c in GNOME file-roller through 3.36.1 allows Directory Traversal during extraction because it lacks a check of whether a file's parent is a symlink to a directory outside of the intended extraction location.
3.3
2020-01-27 CVE-2006-7246 Improper Certificate Validation vulnerability in multiple products
NetworkManager 0.9.x does not pin a certificate's subject to an ESSID when 802.11X authentication is used.
high complexity
gnome opensuse suse CWE-295
3.2
2019-12-26 CVE-2012-2736 Missing Authentication for Critical Function vulnerability in multiple products
In NetworkManager 0.9.2.0, when a new wireless network was created with WPA/WPA2 security in AdHoc mode, it created an open/insecure network.
3.3
2019-11-05 CVE-2016-1000002 Information Exposure vulnerability in multiple products
gdm3 3.14.2 and possibly later has an information leak before screen lock
local
low complexity
gnome redhat debian opensuse CWE-200
2.1
2019-09-21 CVE-2019-16680 Path Traversal vulnerability in multiple products
An issue was discovered in GNOME file-roller before 3.29.91.
network
high complexity
gnome canonical debian redhat CWE-22
2.6
2019-03-25 CVE-2019-3827 Incorrect Authorization vulnerability in Gnome Gvfs
An incorrect permission check in the admin backend in gvfs before version 1.39.4 was found that allows reading and modify arbitrary files by privileged users without asking for password when no authentication agent is running.
local
gnome CWE-863
3.3