gnome
357 tracked vulnerabilities.
CVE-2023-5616
MEDIUM
gnome-control-center 1.3-1.3.36.5 - Authentication Bypass via SSH Remote Login Status Mismanagement
Apr 15, 2025
CVSS 4.9
EPSS 0.00
CVE-2023-43091
CRITICAL
GNOME Maps 43.0-43.6 - Code Injection via service.json Configuration File
Nov 17, 2024
CVSS 9.8
EPSS 0.01
CVE-2023-5557
HIGH
tracker_miners < 3.3.2 - Sandbox Escape via Malicious File
Oct 13, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-43090
MEDIUM
GNOME Shell 43-43.9 - Unauthenticated Information Disclosure via Lock Screen Screenshot Tool
Sep 22, 2023
CVSS 5.5
EPSS 0.00
CVE-2023-32665
MEDIUM
GLib < 2.74.4 - Denial of Service via GVariant Deserialization
Sep 14, 2023
CVSS 5.5
EPSS 0.00
CVE-2023-32643
MEDIUM
GLib < 2.75.1 - Heap-based Buffer Overflow in GVariant Deserialization
Sep 14, 2023
CVSS 5.3
EPSS 0.00
CVE-2023-32636
MEDIUM
glib < 2.74.4 - Denial of Service via GVariant Deserialization Offset Table Validation
Sep 14, 2023
CVSS 4.7
EPSS 0.01
CVE-2023-32611
MEDIUM
GLib < 2.74.2 - Denial of Service via GVariant Deserialization
Sep 14, 2023
CVSS 5.5
EPSS 0.00
CVE-2023-29499
MEDIUM
GLib < 2.74.4 - Denial of Service via GVariant Deserialization
Sep 14, 2023
CVSS 5.5
EPSS 0.01
CVE-2023-36250
HIGH
GNOME time tracker <3.0.2 - Code Injection
Sep 14, 2023
CVSS 7.8
EPSS 0.01
CVE-2023-38633
MEDIUM
librsvg 2.42.3-2.46.6 - Directory Traversal via URL Decoder
Jul 22, 2023
CVSS 5.5
EPSS 0.02
CVE-2023-26081
HIGH
Epiphany < 43.1 - Password Exfiltration via Autofill in Sandboxed Contexts
Feb 20, 2023
CVSS 7.5
EPSS 0.01
CVE-2022-1736
CRITICAL
Ubuntu Gnome-control-center - Info Disclosure
Jan 31, 2025
CVSS 9.8
EPSS 0.01
CVE-2022-48622
HIGH
GNOME GdkPixbuf < 2.42.10 - Heap Memory Corruption via Crafted ANI File
Jan 26, 2024
CVSS 7.8
EPSS 0.00
CVE-2022-37290
MEDIUM
GNOME Nautilus 42.2 - Denial of Service via Pasted ZIP Archive
Nov 14, 2022
CVSS 5.5
EPSS 0.00
CVE-2022-29536
HIGH
GNOME Epiphany < 41.4 and 42.x < 42.2 - Out-of-bounds Write via Long Page Title
Apr 20, 2022
CVSS 7.5
EPSS 0.02
CVE-2022-27811
CRITICAL
GNOME OCRFeeder < 0.8.4 - OS Command Injection via PDF or Image Filename
Mar 24, 2022
CVSS 9.8
EPSS 0.03
CVE-2021-42522
HIGH
Anjuta - Information Disclosure via Improper Memory Release in Bookmarks Component
Aug 25, 2022
CVSS 7.5
EPSS 0.01
CVE-2021-3800
MEDIUM
glib < 2.63.6 - Information Disclosure via Charset Alias
Aug 23, 2022
CVSS 5.5
EPSS 0.01
CVE-2021-46829
HIGH
GDK-PixBuf <2.42.8 - Buffer Overflow
Jul 24, 2022
CVSS 7.8
EPSS 0.01
CVE-2021-3982
MEDIUM
gnome-shell - Privilege Escalation via CAP_SYS_NICE Misuse
Apr 29, 2022
CVSS 5.5
EPSS 0.00
CVE-2021-3567
HIGH
Caribou < 0.4.21 - Screen-Lock Bypass via Input Mechanism Regression
Mar 25, 2022
CVSS 7.5
EPSS 0.01
CVE-2021-20315
MEDIUM
gnome-shell < 3.32.2 - Locking Protection Bypass via Application Menu or Window List Extensions
Feb 18, 2022
CVSS 6.1
EPSS 0.00
CVE-2021-44648
HIGH
Gnome Gdkpixbuf - Out-of-Bounds Write
Jan 12, 2022
CVSS 8.8
EPSS 0.02
CVE-2021-45088
MEDIUM
Epiphany < 40.4 and 41.x < 41.1 - Cross-Site Scripting via Error Page
Dec 16, 2021
CVSS 6.1
EPSS 0.01
Products
glib 33
libsoup 26
evolution 21
gdk-pixbuf 20
gdm 15
gtk 15
epiphany 13
networkmanager 12
gdkpixbuf 11
gnome-shell 11
screensaver 11
gnome_display_manager 10
librsvg 10
GLib 7
evince 7
pango 6
gpdf 5
gvfs 5
libcroco 5
nautilus 4
balsa 3
evolution-data-server 3
file-roller 3
gnumeric 3
gthumb 3
gtk-vnc 3
libgsf 3
libgxps 3
libxml2 3
localsearch 3
Quick Filters