gnome

341 tracked vulnerabilities.

CVE-2022-27811 CRITICAL
GNOME OCRFeeder < 0.8.4 - OS Command Injection via PDF or Image Filename
Mar 24, 2022
CVSS 9.8
EPSS 0.03
CVE-2021-42522 HIGH
Anjuta - Information Disclosure via Improper Memory Release in Bookmarks Component
Aug 25, 2022
CVSS 7.5
EPSS 0.00
CVE-2021-3800 MEDIUM
glib < 2.63.6 - Information Disclosure via Charset Alias
Aug 23, 2022
CVSS 5.5
EPSS 0.00
CVE-2021-46829 HIGH
GDK-PixBuf <2.42.8 - Buffer Overflow
Jul 24, 2022
CVSS 7.8
EPSS 0.00
CVE-2021-3982 MEDIUM
gnome-shell - Privilege Escalation via CAP_SYS_NICE Misuse
Apr 29, 2022
CVSS 5.5
EPSS 0.00
CVE-2021-3567 HIGH
Caribou < 0.4.21 - Screen-Lock Bypass via Input Mechanism Regression
Mar 25, 2022
CVSS 7.5
EPSS 0.00
CVE-2021-20315 MEDIUM
gnome-shell < 3.32.2 - Locking Protection Bypass via Application Menu or Window List Extensions
Feb 18, 2022
CVSS 6.1
EPSS 0.00
CVE-2021-44648 HIGH
Gnome Gdkpixbuf - Out-of-Bounds Write
Jan 12, 2022
CVSS 8.8
EPSS 0.00
CVE-2021-45088 MEDIUM
Epiphany < 40.4 and 41.x < 41.1 - Cross-Site Scripting via Error Page
Dec 16, 2021
CVSS 6.1
EPSS 0.00
CVE-2021-45087 MEDIUM
Epiphany < 40.4 and 41.x < 41.1 - Cross-Site Scripting via View Source or Reader Mode
Dec 16, 2021
CVSS 6.1
EPSS 0.00
CVE-2021-45086 MEDIUM
GNOME Web < 40.4 and 41.x < 41.1 - Cross-Site Scripting via PDF.js Filename Handling
Dec 16, 2021
CVSS 6.1
EPSS 0.00
CVE-2021-45085 MEDIUM
GNOME Web < 40.4 and 41.x < 41.1 - Cross-Site Scripting via about: Page
Dec 16, 2021
CVSS 6.1
EPSS 0.00
CVE-2021-39365 MEDIUM
GNOME grilo <= 0.3.13 - Improper Certificate Validation in SoupSessionAsync
Aug 22, 2021
CVSS 5.9
EPSS 0.00
CVE-2021-39361 MEDIUM
GNOME evolution-rss < 0.3.96 - Improper Certificate Validation
Aug 22, 2021
CVSS 5.9
EPSS 0.00
CVE-2021-39360 MEDIUM
libzapojit < 0.0.3 - Improper Certificate Validation in SoupSessionSync
Aug 22, 2021
CVSS 5.9
EPSS 0.01
CVE-2021-39359 MEDIUM
GNOME libgda < 6.0.0 - Improper Certificate Validation in SoupSessionSync
Aug 22, 2021
CVSS 5.9
EPSS 0.00
CVE-2021-39358 MEDIUM
libgfbgraph < 0.2.4 - Improper Certificate Validation in SoupSessionSync
Aug 22, 2021
CVSS 5.9
EPSS 0.00
CVE-2021-20240 HIGH
gdk-pixbuf < 2.42.0 - Integer Underflow via Crafted GIF Image
May 28, 2021
CVSS 8.8
EPSS 0.01
CVE-2021-20297 MEDIUM
NetworkManager < 1.30.0 - Denial of Service via Profile Activation with match.path
May 26, 2021
CVSS 5.5
EPSS 0.00
CVE-2021-33516 HIGH
GUPnP < 1.0.7, 1.1.x, < 1.2.5 - DNS Rebinding via UPnP Service
May 24, 2021
CVSS 8.1
EPSS 0.00
CVE-2021-28650 MEDIUM
gnome-autoar < 0.3.1 - Directory Traversal via Symlink Handling
Mar 17, 2021
CVSS 5.5
EPSS 0.00
CVE-2021-28153 MEDIUM
GNOME GLib <2.66.8 - Info Disclosure
Mar 11, 2021
CVSS 5.3
EPSS 0.01
CVE-2021-27219 HIGH
GNOME GLib <2.66.6, <2.67.3 - Memory Corruption
Feb 15, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-27218 HIGH
GNOME GLib <2.66.7 & <2.67.4 - Info Disclosure
Feb 15, 2021
CVSS 7.5
EPSS 0.05
CVE-2021-3349 LOW
GNOME Evolution < 3.38.3 - Insufficient Verification of Data Authenticity via GnuPG API
Feb 01, 2021
CVSS 3.3
EPSS 0.00
Products
glib 26 libsoup 24 evolution 21 gdk-pixbuf 20 gdm 15 gtk 15 epiphany 13 networkmanager 12 gdkpixbuf 11 gnome-shell 11 screensaver 11 gnome_display_manager 10 librsvg 10 evince 7 pango 6 gpdf 5 gvfs 5 libcroco 5 nautilus 4 balsa 3 evolution-data-server 3 file-roller 3 gnumeric 3 gthumb 3 gtk-vnc 3 libgsf 3 libgxps 3 Gdk-Pixbuf 2 control_center 2 dwarf_http_server 2
Quick Filters
Critical CVEs With Exploits In CISA KEV