gnome
357 tracked vulnerabilities.
CVE-2026-2443
MEDIUM
Red Hat Enterprise Linux - Out-of-bounds Read via HTTP Range Header Processing
Feb 13, 2026
CVSS 5.3
EPSS 0.00
CVE-2026-1801
MEDIUM
libsoup - HTTP Request Smuggling Information Disclosure
Feb 03, 2026
CVSS 5.3
EPSS 0.00
CVE-2026-1539
MEDIUM
libsoup - Proxy-Authorization Header Credential Disclosure
Jan 28, 2026
CVSS 5.8
EPSS 0.00
CVE-2026-1536
MEDIUM
Libsoup - HTTP Header Injection
Jan 28, 2026
CVSS 5.8
EPSS 0.00
CVE-2026-1467
MEDIUM
Libsoup - CRLF Injection
Jan 27, 2026
CVSS 5.8
EPSS 0.00
CVE-2025-14512
MEDIUM
glib < 2.86.3 - Heap Buffer Overflow and Denial of Service via GIO escape_byte_string() Integer Overflow
Dec 11, 2025
CVSS 6.5
EPSS 0.01
CVE-2025-14087
MEDIUM
GLib < 2.86.3 - Heap Corruption via GVariant Parser Buffer Underflow
Dec 10, 2025
CVSS 5.6
EPSS 0.01
CVE-2025-13601
HIGH
Red Hat CodeReady Linux Builder - Heap-Based Buffer Overflow via g_escape_uri_string()
Nov 26, 2025
CVSS 7.7
EPSS 0.00
CVE-2025-12105
HIGH
libsoup < 3.6.5 - Use-After-Free in Asynchronous Message Queue Handling
Oct 23, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-4056
HIGH
GLib < 2.84.1 - Denial of Service via Long Command Line Spawning
Jul 28, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-7425
HIGH
libxml2 < 2.15.2 - Use-After-Free in XSLT Key Function Tree Fragment Handling
Jul 10, 2025
CVSS 7.8
EPSS 0.00
CVE-2025-7424
HIGH
libxslt - Type Confusion via psvi Memory Field Reuse
Jul 10, 2025
CVSS 7.5
EPSS 0.01
CVE-2025-6199
LOW
GdkPixbuf - Exposure of Sensitive Information via GIF LZW Decoder Logic Error
Jun 17, 2025
CVSS 3.3
EPSS 0.00
CVE-2025-6196
MEDIUM
libgepub - Denial of Service via Malicious EPUB File Size Calculation
Jun 17, 2025
CVSS 5.5
EPSS 0.00
CVE-2025-49795
HIGH
libxml2 - Denial of Service
Jun 16, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-6052
LOW
GLib 2.75.3-2.84.2 - Integer Overflow in GString Memory Management
Jun 13, 2025
CVSS 3.7
EPSS 0.00
CVE-2025-3155
HIGH
Yelp - Arbitrary Script Execution via Help Document
Apr 03, 2025
CVSS 7.4
EPSS 0.13
CVE-2025-2784
HIGH
libsoup < 3.6.5 - Heap Buffer Over-Read via skip_insight_whitespace()
Apr 03, 2025
CVSS 7.0
EPSS 0.01
CVE-2024-52533
CRITICAL
GNOME GLib < 2.82.1 - Buffer Overflow in SOCKS4 Proxy Connection Message Handling
Nov 11, 2024
CVSS 9.8
EPSS 0.01
CVE-2024-52532
HIGH
GNOME libsoup < 3.6.1 - Denial of Service via WebSocket Data Parsing
Nov 11, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-52531
MEDIUM
GNOME libsoup < 3.6.1 - Out-of-bounds Write via soup_header_parse_param_list_strict
Nov 11, 2024
CVSS 6.5
EPSS 0.01
CVE-2024-52530
HIGH
GNOME libsoup < 3.6.0 - HTTP Request Smuggling via Null Byte in Header Names
Nov 11, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-42415
HIGH
GNOME Project G Structured File Library <1.14.52 - RCE
Oct 03, 2024
CVSS 8.4
EPSS 0.00
CVE-2024-36474
HIGH
GNOME Project G Structured File Library <1.14.52 - RCE
Oct 03, 2024
CVSS 8.4
EPSS 0.00
CVE-2024-34397
MEDIUM
GNOME GLib <2.78.5, 2.79.x, 2.80.x - Info Disclosure
May 07, 2024
CVSS 5.2
EPSS 0.01
Products
glib 33
libsoup 26
evolution 21
gdk-pixbuf 20
gdm 15
gtk 15
epiphany 13
networkmanager 12
gdkpixbuf 11
gnome-shell 11
screensaver 11
gnome_display_manager 10
librsvg 10
GLib 7
evince 7
pango 6
gpdf 5
gvfs 5
libcroco 5
nautilus 4
balsa 3
evolution-data-server 3
file-roller 3
gnumeric 3
gthumb 3
gtk-vnc 3
libgsf 3
libgxps 3
libxml2 3
localsearch 3
Quick Filters