Filtered by vendor Gnome
Subscriptions
Total
312 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-3718 | 4 Debian, Gnome, Opensuse and 1 more | 4 Debian Linux, Evince, Opensuse and 1 more | 2024-08-06 | 5.5 Medium |
| evince is missing a check on number of pages which can lead to a segmentation fault | ||||
| CVE-2013-1978 | 3 Gimp, Gnome, Redhat | 3 Gimp, Glib, Enterprise Linux | 2024-08-06 | N/A |
| Heap-based buffer overflow in the read_xwd_cols function in file-xwd.c in the X Window Dump (XWD) plug-in in GIMP 2.6.9 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an X Window System (XWD) image dump with more colors than color map entries. | ||||
| CVE-2013-1913 | 3 Gimp, Gnome, Redhat | 3 Gimp, Glib, Enterprise Linux | 2024-08-06 | N/A |
| Integer overflow in the load_image function in file-xwd.c in the X Window Dump (XWD) plug-in in GIMP 2.6.9 and earlier, when used with glib before 2.24, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large color entries value in an X Window System (XWD) image dump. | ||||
| CVE-2013-1881 | 2 Gnome, Redhat | 2 Librsvg, Enterprise Linux | 2024-08-06 | N/A |
| GNOME libsvg before 2.39.0 allows remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. | ||||
| CVE-2013-1799 | 2 Canonical, Gnome | 2 Ubuntu Linux, Gnome Online Accounts | 2024-08-06 | N/A |
| Gnome Online Accounts (GOA) 3.6.x before 3.6.3 and 3.7.x before 3.7.91, does not properly validate SSL certificates when creating accounts for providers who use the libsoup library, which allows man-in-the-middle attackers to obtain sensitive information such as credentials by sniffing the network. NOTE: this issue exists because of an incomplete fix for CVE-2013-0240. | ||||
| CVE-2013-0240 | 2 Canonical, Gnome | 2 Ubuntu Linux, Gnome Online Accounts | 2024-08-06 | N/A |
| Gnome Online Accounts (GOA) 3.4.x, 3.6.x before 3.6.3, and 3.7.x before 3.7.5, does not properly validate SSL certificates when creating accounts such as Windows Live and Facebook accounts, which allows man-in-the-middle attackers to obtain sensitive information such as credentials by sniffing the network. | ||||
| CVE-2014-8154 | 2 Gnome, Opensuse | 2 Vala, Opensuse | 2024-08-06 | N/A |
| The Gst.MapInfo function in Vala 0.26.0 and 0.26.1 uses an incorrect buffer length declaration for the Gstreamer bindings, which allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via unspecified vectors, which trigger a heap-based buffer overflow. | ||||
| CVE-2014-7300 | 2 Gnome, Redhat | 6 Gnome-shell, Enterprise Linux, Enterprise Linux Desktop and 3 more | 2024-08-06 | N/A |
| GNOME Shell 3.14.x before 3.14.1, when the Screen Lock feature is used, does not limit the aggregate memory consumption of all active PrtSc requests, which allows physically proximate attackers to execute arbitrary commands on an unattended workstation by making many PrtSc requests and leveraging a temporary lock outage, and the resulting temporary shell availability, caused by the Linux kernel OOM killer. | ||||
| CVE-2014-1949 | 3 Canonical, Gnome, Linuxmint | 3 Ubuntu, Gtk, Linux Mint | 2024-08-06 | N/A |
| GTK+ 3.10.9 and earlier, as used in cinnamon-screensaver, gnome-screensaver, and other applications, allows physically proximate attackers to bypass the lock screen by pressing the menu button. | ||||
| CVE-2015-8875 | 2 Debian, Gnome | 2 Debian Linux, Gdk-pixbuf | 2024-08-06 | N/A |
| Multiple integer overflows in the (1) pixops_composite_nearest, (2) pixops_composite_color_nearest, and (3) pixops_process functions in pixops/pixops.c in gdk-pixbuf before 2.33.1 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted image, which triggers a heap-based buffer overflow. | ||||
| CVE-2015-7673 | 2 Gnome, Opensuse | 2 Gdk-pixbuf, Opensuse | 2024-08-06 | N/A |
| io-tga.c in gdk-pixbuf before 2.32.0 uses heap memory after its allocation failed, which allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) and possibly execute arbitrary code via a crafted Truevision TGA (TARGA) file. | ||||
| CVE-2015-7674 | 3 Canonical, Gnome, Opensuse | 3 Ubuntu Linux, Gdk-pixbuf, Opensuse | 2024-08-06 | N/A |
| Integer overflow in the pixops_scale_nearest function in pixops/pixops.c in gdk-pixbuf before 2.32.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted GIF image file, which triggers a heap-based buffer overflow. | ||||
| CVE-2015-7557 | 1 Gnome | 1 Librsvg | 2024-08-06 | N/A |
| The _rsvg_node_poly_build_path function in rsvg-shapes.c in librsvg before 2.40.7 allows context-dependent attackers to cause a denial of service (out-of-bounds heap read) via an odd number of elements in a coordinate pair in an SVG document. | ||||
| CVE-2015-7558 | 2 Debian, Gnome | 2 Debian Linux, Librsvg | 2024-08-06 | N/A |
| librsvg before 2.40.12 allows context-dependent attackers to cause a denial of service (infinite loop, stack consumption, and application crash) via cyclic references in an SVG document. | ||||
| CVE-2015-7496 | 3 Fedoraproject, Gnome, Redhat | 3 Fedora, Gnome Display Manager, Enterprise Linux | 2024-08-06 | N/A |
| GNOME Display Manager (gdm) before 3.18.2 allows physically proximate attackers to bypass the lock screen by holding the Escape key. | ||||
| CVE-2015-7217 | 4 Fedoraproject, Gnome, Mozilla and 1 more | 5 Fedora, Gnome, Firefox and 2 more | 2024-08-06 | N/A |
| The gdk-pixbuf configuration in Mozilla Firefox before 43.0 on Linux GNOME platforms incorrectly enables the TGA decoder, which allows remote attackers to cause a denial of service (heap-based buffer overflow) via a crafted Truevision TGA image. | ||||
| CVE-2015-7216 | 4 Fedoraproject, Gnome, Mozilla and 1 more | 5 Fedora, Gnome, Firefox and 2 more | 2024-08-06 | N/A |
| The gdk-pixbuf configuration in Mozilla Firefox before 43.0 on Linux GNOME platforms incorrectly enables the JasPer decoder, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted JPEG 2000 image. | ||||
| CVE-2015-4491 | 9 Canonical, Fedoraproject, Gnome and 6 more | 10 Ubuntu Linux, Fedora, Gdk-pixbuf and 7 more | 2024-08-06 | N/A |
| Integer overflow in the make_filter_table function in pixops/pixops.c in gdk-pixbuf before 2.31.5, as used in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 on Linux, Google Chrome on Linux, and other products, allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow and application crash) via crafted bitmap dimensions that are mishandled during scaling. | ||||
| CVE-2015-2785 | 1 Gnome | 1 Byzanz | 2024-08-06 | N/A |
| The GIF encoder in Byzanz allows remote attackers to cause a denial of service (out-of-bounds heap write and crash) or possibly execute arbitrary code via a crafted Byzanz debug data recording (ByzanzRecording file) to the byzanz-playback command. | ||||
| CVE-2015-2675 | 2 Gnome, Redhat | 2 Librest, Enterprise Linux | 2024-08-06 | N/A |
| The OAuth implementation in librest before 0.7.93 incorrectly truncates the pointer returned by the rest_proxy_call_get_url function, which allows remote attackers to cause a denial of service (application crash) via running the EnsureCredentials method from the org.gnome.OnlineAccounts.Account interface on an object representing a Flickr account. | ||||