gnome
341 tracked vulnerabilities.
CVE-2026-44931
MEDIUM
malcontent: Disk Space Exhaustion via Globally Accessible D-Bus API
May 13, 2026
EPSS 0.00
CVE-2026-2708
LOW
Libsoup: libsoup: http request smuggling via duplicate content-length headers
Apr 23, 2026
CVSS 3.7
EPSS 0.00
CVE-2026-5201
HIGH
Gdk-pixbuf: gdk-pixbuf: denial of service via heap-based buffer overflow when processing a specially crafted jpeg image
Mar 31, 2026
CVSS 7.5
EPSS 0.01
CVE-2026-5119
MEDIUM
Libsoup: libsoup: information disclosure via cleartext transmission of cookies during https tunnel establishment
Mar 30, 2026
CVSS 5.9
EPSS 0.00
CVE-2026-2436
MEDIUM
Libsoup: libsoup: denial of service via use-after-free in soupserver during tls handshake
Mar 26, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-2369
MEDIUM
Libsoup: libsoup: buffer overread due to integer underflow when handling zero-length resources
Mar 19, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-4271
MEDIUM
Libsoup: libsoup: denial of service via use-after-free in http/2 server
Mar 17, 2026
CVSS 5.3
EPSS 0.01
CVE-2026-3634
LOW
Libsoup: libsoup: http header injection and response splitting via crlf injection in content-type header
Mar 17, 2026
CVSS 3.9
EPSS 0.00
CVE-2026-3633
LOW
Libsoup: libsoup: header and http request injection via crlf injection
Mar 17, 2026
CVSS 3.9
EPSS 0.00
CVE-2026-3632
LOW
Libsoup: libsoup: http smuggling and server-side request forgery via malformed hostnames
Mar 17, 2026
CVSS 3.9
EPSS 0.00
CVE-2026-3099
MEDIUM
Red Hat Enterprise Linux - Digest Authentication Nonce Reuse
Mar 12, 2026
CVSS 5.8
EPSS 0.00
CVE-2026-1801
MEDIUM
libsoup - HTTP Request Smuggling Information Disclosure
Feb 03, 2026
CVSS 5.3
EPSS 0.00
CVE-2026-1539
MEDIUM
libsoup - Proxy-Authorization Header Credential Disclosure
Jan 28, 2026
CVSS 5.8
EPSS 0.00
CVE-2026-1536
MEDIUM
Libsoup - HTTP Header Injection
Jan 28, 2026
CVSS 5.8
EPSS 0.00
CVE-2026-1467
MEDIUM
Libsoup - CRLF Injection
Jan 27, 2026
CVSS 5.8
EPSS 0.00
CVE-2025-14512
MEDIUM
glib < 2.86.3 - Heap Buffer Overflow and Denial of Service via GIO escape_byte_string() Integer Overflow
Dec 11, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-14087
MEDIUM
GLib < 2.86.3 - Heap Corruption via GVariant Parser Buffer Underflow
Dec 10, 2025
CVSS 5.6
EPSS 0.00
CVE-2025-13601
HIGH
Red Hat CodeReady Linux Builder - Heap-Based Buffer Overflow via g_escape_uri_string()
Nov 26, 2025
CVSS 7.7
EPSS 0.00
CVE-2025-12105
HIGH
libsoup < 3.6.5 - Use-After-Free in Asynchronous Message Queue Handling
Oct 23, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-4056
HIGH
GLib < 2.84.1 - Denial of Service via Long Command Line Spawning
Jul 28, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-7425
HIGH
libxml2 < 2.15.2 - Use-After-Free in XSLT Key Function Tree Fragment Handling
Jul 10, 2025
CVSS 7.8
EPSS 0.00
CVE-2025-7424
HIGH
libxslt - Type Confusion via psvi Memory Field Reuse
Jul 10, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-6199
LOW
GdkPixbuf - Exposure of Sensitive Information via GIF LZW Decoder Logic Error
Jun 17, 2025
CVSS 3.3
EPSS 0.00
CVE-2025-6196
MEDIUM
libgepub - Denial of Service via Malicious EPUB File Size Calculation
Jun 17, 2025
CVSS 5.5
EPSS 0.00
CVE-2025-6052
LOW
GLib 2.75.3-2.84.2 - Integer Overflow in GString Memory Management
Jun 13, 2025
CVSS 3.7
EPSS 0.00
Products
glib 26
libsoup 24
evolution 21
gdk-pixbuf 20
gdm 15
gtk 15
epiphany 13
networkmanager 12
gdkpixbuf 11
gnome-shell 11
screensaver 11
gnome_display_manager 10
librsvg 10
evince 7
pango 6
gpdf 5
gvfs 5
libcroco 5
nautilus 4
balsa 3
evolution-data-server 3
file-roller 3
gnumeric 3
gthumb 3
gtk-vnc 3
libgsf 3
libgxps 3
Gdk-Pixbuf 2
control_center 2
dwarf_http_server 2
Quick Filters