gnome

357 tracked vulnerabilities.

CVE-2023-5616 MEDIUM
gnome-control-center 1.3-1.3.36.5 - Authentication Bypass via SSH Remote Login Status Mismanagement
Apr 15, 2025
CVSS 4.9
EPSS 0.00
CVE-2023-43091 CRITICAL
GNOME Maps 43.0-43.6 - Code Injection via service.json Configuration File
Nov 17, 2024
CVSS 9.8
EPSS 0.01
CVE-2023-5557 HIGH
tracker_miners < 3.3.2 - Sandbox Escape via Malicious File
Oct 13, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-43090 MEDIUM
GNOME Shell 43-43.9 - Unauthenticated Information Disclosure via Lock Screen Screenshot Tool
Sep 22, 2023
CVSS 5.5
EPSS 0.00
CVE-2023-32665 MEDIUM
GLib < 2.74.4 - Denial of Service via GVariant Deserialization
Sep 14, 2023
CVSS 5.5
EPSS 0.00
CVE-2023-32643 MEDIUM
GLib < 2.75.1 - Heap-based Buffer Overflow in GVariant Deserialization
Sep 14, 2023
CVSS 5.3
EPSS 0.00
CVE-2023-32636 MEDIUM
glib < 2.74.4 - Denial of Service via GVariant Deserialization Offset Table Validation
Sep 14, 2023
CVSS 4.7
EPSS 0.01
CVE-2023-32611 MEDIUM
GLib < 2.74.2 - Denial of Service via GVariant Deserialization
Sep 14, 2023
CVSS 5.5
EPSS 0.00
CVE-2023-29499 MEDIUM
GLib < 2.74.4 - Denial of Service via GVariant Deserialization
Sep 14, 2023
CVSS 5.5
EPSS 0.01
CVE-2023-36250 HIGH
GNOME time tracker <3.0.2 - Code Injection
Sep 14, 2023
CVSS 7.8
EPSS 0.01
CVE-2023-38633 MEDIUM
librsvg 2.42.3-2.46.6 - Directory Traversal via URL Decoder
Jul 22, 2023
CVSS 5.5
EPSS 0.02
CVE-2023-26081 HIGH
Epiphany < 43.1 - Password Exfiltration via Autofill in Sandboxed Contexts
Feb 20, 2023
CVSS 7.5
EPSS 0.01
CVE-2022-1736 CRITICAL
Ubuntu Gnome-control-center - Info Disclosure
Jan 31, 2025
CVSS 9.8
EPSS 0.01
CVE-2022-48622 HIGH
GNOME GdkPixbuf < 2.42.10 - Heap Memory Corruption via Crafted ANI File
Jan 26, 2024
CVSS 7.8
EPSS 0.00
CVE-2022-37290 MEDIUM
GNOME Nautilus 42.2 - Denial of Service via Pasted ZIP Archive
Nov 14, 2022
CVSS 5.5
EPSS 0.00
CVE-2022-29536 HIGH
GNOME Epiphany < 41.4 and 42.x < 42.2 - Out-of-bounds Write via Long Page Title
Apr 20, 2022
CVSS 7.5
EPSS 0.02
CVE-2022-27811 CRITICAL
GNOME OCRFeeder < 0.8.4 - OS Command Injection via PDF or Image Filename
Mar 24, 2022
CVSS 9.8
EPSS 0.03
CVE-2021-42522 HIGH
Anjuta - Information Disclosure via Improper Memory Release in Bookmarks Component
Aug 25, 2022
CVSS 7.5
EPSS 0.01
CVE-2021-3800 MEDIUM
glib < 2.63.6 - Information Disclosure via Charset Alias
Aug 23, 2022
CVSS 5.5
EPSS 0.01
CVE-2021-46829 HIGH
GDK-PixBuf <2.42.8 - Buffer Overflow
Jul 24, 2022
CVSS 7.8
EPSS 0.01
CVE-2021-3982 MEDIUM
gnome-shell - Privilege Escalation via CAP_SYS_NICE Misuse
Apr 29, 2022
CVSS 5.5
EPSS 0.00
CVE-2021-3567 HIGH
Caribou < 0.4.21 - Screen-Lock Bypass via Input Mechanism Regression
Mar 25, 2022
CVSS 7.5
EPSS 0.01
CVE-2021-20315 MEDIUM
gnome-shell < 3.32.2 - Locking Protection Bypass via Application Menu or Window List Extensions
Feb 18, 2022
CVSS 6.1
EPSS 0.00
CVE-2021-44648 HIGH
Gnome Gdkpixbuf - Out-of-Bounds Write
Jan 12, 2022
CVSS 8.8
EPSS 0.02
CVE-2021-45088 MEDIUM
Epiphany < 40.4 and 41.x < 41.1 - Cross-Site Scripting via Error Page
Dec 16, 2021
CVSS 6.1
EPSS 0.01