Filtered by vendor Gnome
Subscriptions
Total
312 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-48622 | 2 Gnome, Redhat | 2 Gdkpixbuf, Enterprise Linux | 2024-08-26 | 7.8 High |
| In GNOME GdkPixbuf (aka gdk-pixbuf) through 2.42.10, the ANI (Windows animated cursor) decoder encounters heap memory corruption (in ani_load_chunk in io-ani.c) when parsing chunks in a crafted .ani file. A crafted file could allow an attacker to overwrite heap metadata, leading to a denial of service or code execution attack. This occurs in gdk_pixbuf_set_option() in gdk-pixbuf.c. | ||||
| CVE-2000-0948 | 1 Gnome | 1 Gnorpm | 2024-08-08 | N/A |
| GnoRPM before 0.95 allows local users to modify arbitrary files via a symlink attack. | ||||
| CVE-2000-0864 | 1 Gnome | 1 Esound | 2024-08-08 | N/A |
| Race condition in the creation of a Unix domain socket in GNOME esound 0.2.19 and earlier allows a local user to change the permissions of arbitrary files and directories, and gain additional privileges, via a symlink attack. | ||||
| CVE-2000-0504 | 3 Gnome, Open Group, Xfree86 Project | 3 Gdm, X, X11r6 | 2024-08-08 | N/A |
| libICE in XFree86 allows remote attackers to cause a denial of service by specifying a large value which is not properly checked by the SKIP_STRING macro. | ||||
| CVE-2000-0491 | 3 Caldera, Gnome, Suse | 3 Openlinux, Gdm, Suse Linux | 2024-08-08 | N/A |
| Buffer overflow in the XDMCP parsing code of GNOME gdm, KDE kdm, and wdm allows remote attackers to execute arbitrary commands or cause a denial of service via a long FORWARD_QUERY request. | ||||
| CVE-2001-0927 | 1 Gnome | 1 Libgtop Daemon | 2024-08-08 | N/A |
| Format string vulnerability in the permitted function of GNOME libgtop_daemon in libgtop 1.0.12 and earlier allows remote attackers to execute arbitrary code via an argument that contains format specifiers that are passed into the (1) syslog_message and (2) syslog_io_message functions. | ||||
| CVE-2001-0928 | 1 Gnome | 1 Libgtop Daemon | 2024-08-08 | N/A |
| Buffer overflow in the permitted function of GNOME gtop daemon (libgtop_daemon) in libgtop 1.0.13 and earlier may allow remote attackers to execute arbitrary code via long authentication data. | ||||
| CVE-2001-0084 | 1 Gnome | 1 Gtk | 2024-08-08 | N/A |
| GTK+ library allows local users to specify arbitrary modules via the GTK_MODULES environmental variable, which could allow local users to gain privileges if GTK+ is used by a setuid/setgid program. | ||||
| CVE-2003-0793 | 1 Gnome | 1 Gdm | 2024-08-08 | N/A |
| GDM 2.4.4.x before 2.4.4.4, and 2.4.1.x before 2.4.1.7, does not restrict the size of input, which allows attackers to cause a denial of service (memory consumption). | ||||
| CVE-2003-0794 | 1 Gnome | 1 Gdm | 2024-08-08 | N/A |
| GDM 2.4.4.x before 2.4.4.4, and 2.4.1.x before 2.4.1.7, does not limit the number or duration of commands and uses a blocking socket connection, which allows attackers to cause a denial of service (resource exhaustion) by sending commands and not reading the results. | ||||
| CVE-2003-0541 | 2 Gnome, Redhat | 2 Gtkhtml, Linux | 2024-08-08 | N/A |
| gtkhtml before 1.1.10, as used in Evolution, allows remote attackers to cause a denial of service (crash) via a malformed message that causes a null pointer dereference. | ||||
| CVE-2003-0547 | 2 Gnome, Redhat | 3 Gdm, Kdebase, Linux | 2024-08-08 | N/A |
| GDM before 2.4.1.6, when using the "examine session errors" feature, allows local users to read arbitrary files via a symlink attack on the ~/.xsession-errors file. | ||||
| CVE-2003-0549 | 2 Gnome, Redhat | 5 Gdm, Enterprise Linux, Kdebase and 2 more | 2024-08-08 | N/A |
| The X Display Manager Control Protocol (XDMCP) support for GDM before 2.4.1.6 allows attackers to cause a denial of service (daemon crash) via a short authorization key name. | ||||
| CVE-2003-0548 | 2 Gnome, Redhat | 5 Gdm, Enterprise Linux, Kdebase and 2 more | 2024-08-08 | N/A |
| The X Display Manager Control Protocol (XDMCP) support for GDM before 2.4.1.6 allows attackers to cause a denial of service (daemon crash) when a chosen host expires, a different issue than CVE-2003-0549. | ||||
| CVE-2003-0407 | 1 Gnome | 1 Batalla Naval | 2024-08-08 | N/A |
| Buffer overflow in gbnserver for Gnome Batalla Naval 1.0.4 allows remote attackers to execute arbitrary code via a long connection string. | ||||
| CVE-2003-0165 | 2 Gnome, Redhat | 2 Eog, Linux | 2024-08-08 | N/A |
| Format string vulnerability in Eye Of Gnome (EOG) allows attackers to execute arbitrary code via format string specifiers in a command line argument for the file to display. | ||||
| CVE-2003-0133 | 2 Gnome, Redhat | 2 Gtkhtml, Linux | 2024-08-08 | N/A |
| GtkHTML, as included in Evolution before 1.2.4, allows remote attackers to cause a denial of service (crash) via certain malformed messages. | ||||
| CVE-2003-0080 | 2 Gnome, Redhat | 2 Gnome-lokkit, Linux | 2024-08-08 | N/A |
| The iptables ruleset in Gnome-lokkit in Red Hat Linux 8.0 does not include any rules in the FORWARD chain, which could allow attackers to bypass intended access restrictions if packet forwarding is enabled. | ||||
| CVE-2003-0070 | 3 Gnome, Nalin Dahyabhai, Redhat | 3 Gnome-terminal, Vte, Linux | 2024-08-08 | N/A |
| VTE, as used by default in gnome-terminal terminal emulator 2.2 and as an option in gnome-terminal 2.0, allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands. | ||||
| CVE-2004-0889 | 11 Debian, Easy Software Products, Gentoo and 8 more | 16 Debian Linux, Cups, Linux and 13 more | 2024-08-08 | N/A |
| Multiple integer overflows in xpdf 3.0, and other packages that use xpdf code such as CUPS, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0888. | ||||