CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Gnome : Security Vulnerabilities

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2017-1000083 77 Exec Code 2017-09-05 2017-09-06
6.8
None Remote Medium Not required Partial Partial Partial
backend/comics/comics-document.c (aka the comic book backend) in GNOME Evince before 3.24.1 allows remote attackers to execute arbitrary commands via a .cbt file that is a TAR archive containing a filename beginning with a "--" command-line option substring, as demonstrated by a --checkpoint-action=exec=bash at the beginning of the filename.
2 CVE-2017-1000044 119 Overflow Mem. Corr. 2017-07-17 2017-07-19
7.5
None Remote Low Not required Partial Partial Partial
gtk-vnc 0.4.2 and older doesn't check framebuffer boundaries correctly when updating framebuffer which may lead to memory corruption when rendering
3 CVE-2017-1000025 200 +Info 2017-07-17 2017-08-04
5.0
None Remote Low Not required Partial None None
GNOME Web (Epiphany) 3.23 before 3.23.5, 3.22 before 3.22.6, 3.20 before 3.20.7, 3.18 before 3.18.11, and prior versions, is vulnerable to a password manager sweep attack resulting in the remote exfiltration of stored passwords for a selected set of websites.
4 CVE-2017-1000024 200 +Info 2017-07-17 2017-08-04
5.0
None Remote Low Not required Partial None None
Shotwell version 0.24.4 or earlier and 0.25.3 or earlier is vulnerable to a information disclosure in the web publishing plugins resulting in potential password and oauth token plaintext transmission
5 CVE-2017-14108 399 DoS 2017-09-05 2017-09-06
7.1
None Remote Medium Not required None None Complete
libgedit.a in GNOME gedit through 3.22.1 allows remote attackers to cause a denial of service (CPU consumption) via a file that begins with many '\0' characters.
6 CVE-2017-11590 476 DoS 2017-07-23 2017-07-28
4.3
None Remote Medium Not required None None Partial
There is a NULL pointer dereference in the caseless_hash function in gxps-archive.c in libgxps 0.2.5. A crafted input will lead to a remote denial of service attack.
7 CVE-2017-11464 369 2017-07-19 2017-07-27
6.8
None Remote Medium Not required Partial Partial Partial
A SIGFPE is raised in the function box_blur_line of rsvg-filter.c in GNOME librsvg 2.40.17 during an attempted parse of a crafted SVG file, because of incorrect protection against division by zero.
8 CVE-2017-11171 769 2017-07-11 2017-07-26
4.9
None Local Low Not required None None Complete
Bad reference counting in the context of accept_ice_connection() in gsm-xsmp-server.c in old versions of gnome-session up until version 2.29.92 allows a local attacker to establish ICE connections to gnome-session with invalid authentication data (an invalid magic cookie). Each failed authentication attempt will leak a file descriptor in gnome-session. When the maximum number of file descriptors is exhausted in the gnome-session process, it will enter an infinite loop trying to communicate without success, consuming 100% of the CPU. The graphical session associated with the gnome-session process will stop working correctly, because communication with gnome-session is no longer possible.
9 CVE-2017-8871 399 DoS 2017-06-12 2017-06-15
7.1
None Remote Medium Not required None None Complete
The cr_parser_parse_selector_core function in cr-parser.c in libcroco 0.6.12 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted CSS file.
10 CVE-2017-8834 119 DoS Overflow 2017-06-12 2017-06-15
4.3
None Remote Medium Not required None None Partial
The cr_tknzr_parse_comment function in cr-tknzr.c in libcroco 0.6.12 allows remote attackers to cause a denial of service (memory allocation error) via a crafted CSS file.
11 CVE-2017-8288 20 Exec Code 2017-04-26 2017-05-10
6.8
None Remote Medium Not required Partial Partial Partial
gnome-shell 3.22 through 3.24.1 mishandles extensions that fail to reload, which can lead to leaving extensions enabled in the lock screen. With these extensions, a bystander could launch applications (but not interact with them), see information from the extensions (e.g., what applications you have opened or what music you were playing), or even execute arbitrary commands. It all depends on what extensions a user has enabled. The problem is caused by lack of exception handling in js/ui/extensionSystem.js.
12 CVE-2017-7961 119 DoS Overflow 2017-04-19 2017-07-10
6.8
None Remote Medium Not required Partial Partial Partial
** DISPUTED ** The cr_tknzr_parse_rgb function in cr-tknzr.c in libcroco 0.6.11 and 0.6.12 has an "outside the range of representable values of type long" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted CSS file. NOTE: third-party analysis reports "This is not a security issue in my view. The conversion surely is truncating the double into a long value, but there is no impact as the value is one of the RGB components."
13 CVE-2017-7960 119 DoS Overflow 2017-04-19 2017-07-10
4.3
None Remote Medium Not required None None Partial
The cr_input_new_from_uri function in cr-input.c in libcroco 0.6.11 and 0.6.12 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted CSS file.
14 CVE-2017-6314 400 DoS 2017-03-09 2017-09-18
4.3
None Remote Medium Not required None None Partial
The make_available_at_least function in io-tiff.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service (infinite loop) via a large TIFF file.
15 CVE-2017-6313 191 DoS 2017-03-09 2017-09-18
4.3
None Remote Medium Not required None None Partial
Integer underflow in the load_resources function in io-icns.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service (out-of-bounds read and program crash) via a crafted image entry size in an ICO file.
16 CVE-2017-6312 190 DoS Overflow 2017-03-09 2017-09-18
4.3
None Remote Medium Not required None None Partial
Integer overflow in io-ico.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service (segmentation fault and application crash) via a crafted image entry offset in an ICO file, which triggers an out-of-bounds read, related to compiler optimizations.
17 CVE-2017-6311 476 DoS 2017-03-09 2017-09-18
5.0
None Remote Low Not required None None Partial
gdk-pixbuf-thumbnailer.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors related to printing an error message.
18 CVE-2017-5885 190 DoS Exec Code Overflow 2017-02-28 2017-03-02
7.5
None Remote Low Not required Partial Partial Partial
Multiple integer overflows in the (1) vnc_connection_server_message and (2) vnc_color_map_set functions in gtk-vnc before 0.7.0 allow remote servers to cause a denial of service (crash) or possibly execute arbitrary code via vectors involving SetColorMapEntries, which triggers a buffer overflow.
19 CVE-2017-5884 118 Exec Code 2017-02-28 2017-03-02
6.8
None Remote Medium Not required Partial Partial Partial
gtk-vnc before 0.7.0 does not properly check boundaries of subrectangle-containing tiles, which allows remote servers to execute arbitrary code via the src x, y coordinates in a crafted (1) rre, (2) hextile, or (3) copyrect tile.
20 CVE-2017-2870 190 Exec Code Overflow 2017-09-05 2017-09-08
6.8
None Remote Medium Not required Partial Partial Partial
An exploitable integer overflow vulnerability exists in the tiff_image_parse functionality of Gdk-Pixbuf 2.36.6 when compiled with Clang. A specially crafted tiff file can cause a heap-overflow resulting in remote code execution. An attacker can send a file or a URL to trigger this vulnerability.
21 CVE-2017-2862 119 Exec Code Overflow 2017-09-05 2017-09-08
6.8
None Remote Medium Not required Partial Partial Partial
An exploitable heap overflow vulnerability exists in the gdk_pixbuf__jpeg_image_load_increment functionality of Gdk-Pixbuf 2.36.6. A specially crafted jpeg file can cause a heap overflow resulting in remote code execution. An attacker can send a file or url to trigger this vulnerability.
22 CVE-2016-9888 476 2016-12-08 2016-12-14
4.3
None Remote Medium Not required None None Partial
An error within the "tar_directory_for_file()" function (gsf-infile-tar.c) in GNOME Structured File Library before 1.14.41 can be exploited to trigger a Null pointer dereference and subsequently cause a crash via a crafted TAR file.
23 CVE-2016-6855 787 DoS 2016-09-07 2017-09-02
5.0
None Remote Low Not required None None Partial
Eye of GNOME (aka eog) 3.16.5, 3.17.x, 3.18.x before 3.18.3, 3.19.x, and 3.20.x before 3.20.4, when used with glib before 2.44.1, allow remote attackers to cause a denial of service (out-of-bounds write and crash) via vectors involving passing invalid UTF-8 to GMarkup.
24 CVE-2016-6352 787 DoS 2016-10-03 2016-10-04
5.0
None Remote Low Not required None None Partial
The OneLine32 function in io-ico.c in gdk-pixbuf before 2.35.3 allows remote attackers to cause a denial of service (out-of-bounds write and crash) via crafted dimensions in an ICO file.
25 CVE-2016-6163 125 DoS 2017-02-03 2017-02-07
4.3
None Remote Medium Not required None None Partial
The rsvg_pattern_fix_fallback function in rsvg-paint_server.c in librsvg2 2.40.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted svg file.
26 CVE-2016-4348 20 DoS 2016-05-20 2016-07-28
5.0
None Remote Low Not required None None Partial
The _rsvg_css_normalize_font_size function in librsvg 2.40.2 allows context-dependent attackers to cause a denial of service (stack consumption and application crash) via circular definitions in an SVG document.
27 CVE-2015-8875 189 DoS Exec Code Overflow 2016-06-01 2016-10-04
6.8
None Remote Medium Not required Partial Partial Partial
Multiple integer overflows in the (1) pixops_composite_nearest, (2) pixops_composite_color_nearest, and (3) pixops_process functions in pixops/pixops.c in gdk-pixbuf before 2.33.1 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted image, which triggers a heap-based buffer overflow.
28 CVE-2015-7674 189 DoS Exec Code Overflow 2015-10-26 2016-12-23
6.8
None Remote Medium Not required Partial Partial Partial
Integer overflow in the pixops_scale_nearest function in pixops/pixops.c in gdk-pixbuf before 2.32.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted GIF image file, which triggers a heap-based buffer overflow.
29 CVE-2015-7673 119 DoS Exec Code Overflow 2015-10-26 2016-12-23
6.8
None Remote Medium Not required Partial Partial Partial
io-tga.c in gdk-pixbuf before 2.32.0 uses heap memory after its allocation failed, which allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) and possibly execute arbitrary code via a crafted Truevision TGA (TARGA) file.
30 CVE-2015-7558 20 DoS 2016-05-20 2016-08-23
5.0
None Remote Low Not required None None Partial
librsvg before 2.40.12 allows context-dependent attackers to cause a denial of service (infinite loop, stack consumption, and application crash) via cyclic references in an SVG document.
31 CVE-2015-7557 20 DoS 2016-05-20 2016-05-23
5.0
None Remote Low Not required None None Partial
The _rsvg_node_poly_build_path function in rsvg-shapes.c in librsvg before 2.40.7 allows context-dependent attackers to cause a denial of service (out-of-bounds heap read) via an odd number of elements in a coordinate pair in an SVG document.
32 CVE-2015-7496 264 Bypass 2015-11-24 2015-11-25
7.2
None Local Low Not required Complete Complete Complete
GNOME Display Manager (gdm) before 3.18.2 allows physically proximate attackers to bypass the lock screen by holding the Escape key.
33 CVE-2015-4491 189 DoS Exec Code Overflow 2015-08-15 2016-12-23
6.8
None Remote Medium Not required Partial Partial Partial
Integer overflow in the make_filter_table function in pixops/pixops.c in gdk-pixbuf before 2.31.5, as used in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 on Linux, Google Chrome on Linux, and other products, allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow and application crash) via crafted bitmap dimensions that are mishandled during scaling.
34 CVE-2015-2785 119 DoS Exec Code Overflow 2015-03-29 2015-03-30
7.5
None Remote Low Not required Partial Partial Partial
The GIF encoder in Byzanz allows remote attackers to cause a denial of service (out-of-bounds heap write and crash) or possibly execute arbitrary code via a crafted Byzanz debug data recording (ByzanzRecording file) to the byzanz-playback command.
35 CVE-2015-2675 119 DoS Overflow 2017-08-18 2017-08-24
5.0
None Remote Low Not required None None Partial
The OAuth implementation in librest before 0.7.93 incorrectly truncates the pointer returned by the rest_proxy_call_get_url function, which allows remote attackers to cause a denial of service (application crash) via running the EnsureCredentials method from the org.gnome.OnlineAccounts.Account interface on an object representing a Flickr account.
36 CVE-2015-0552 22 Dir. Trav. 2015-01-15 2015-02-17
6.4
None Remote Low Not required None Partial Partial
Directory traversal vulnerability in the gcab_folder_extract function in libgcab/gcab-folder.c in gcab 0.4 allows remote attackers to write to arbitrary files via crafted path in a CAB file, as demonstrated by "\tmp\moo."
37 CVE-2015-0272 20 DoS 2015-11-17 2016-12-06
5.0
None Remote Low Not required None None Partial
GNOME NetworkManager allows remote attackers to cause a denial of service (IPv6 traffic disruption) via a crafted MTU value in an IPv6 Router Advertisement (RA) message, a different vulnerability than CVE-2015-8215.
38 CVE-2014-8154 119 DoS Exec Code Overflow 2015-01-27 2015-01-28
7.5
None Remote Low Not required Partial Partial Partial
The Gst.MapInfo function in Vala 0.26.0 and 0.26.1 uses an incorrect buffer length declaration for the Gstreamer bindings, which allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via unspecified vectors, which trigger a heap-based buffer overflow.
39 CVE-2014-7300 399 Exec Code 2014-12-25 2016-08-31
7.2
None Local Low Not required Complete Complete Complete
GNOME Shell 3.14.x before 3.14.1, when the Screen Lock feature is used, does not limit the aggregate memory consumption of all active PrtSc requests, which allows physically proximate attackers to execute arbitrary commands on an unattended workstation by making many PrtSc requests and leveraging a temporary lock outage, and the resulting temporary shell availability, caused by the Linux kernel OOM killer.
40 CVE-2013-7273 DoS 2014-04-29 2014-04-30
2.1
None Local Low Not required None None Partial
GNOME Display Manager (gdm) 3.4.1 and earlier, when disable-user-list is set to true, allows local users to cause a denial of service (unable to login) by pressing the cancel button after entering a user name.
41 CVE-2013-7221 264 Exec Code 2014-04-29 2014-04-29
4.6
None Local Low Not required Partial Partial Partial
The automatic screen lock functionality in GNOME Shell (aka gnome-shell) before 3.10 does not prevent access to the "Enter a Command" dialog, which allows physically proximate attackers to execute arbitrary commands by leveraging an unattended workstation.
42 CVE-2013-7220 Exec Code 2014-04-29 2014-04-29
4.6
None Local Low Not required Partial Partial Partial
js/ui/screenShield.js in GNOME Shell (aka gnome-shell) before 3.8 allows physically proximate attackers to execute arbitrary commands by leveraging an unattended workstation with the keyboard focus on the Activities search.
43 CVE-2013-6836 119 DoS Overflow 2013-12-18 2016-12-30
4.3
None Remote Medium Not required None None Partial
Heap-based buffer overflow in the ms_escher_get_data function in plugins/excel/ms-escher.c in GNOME Office Gnumeric before 1.12.9 allows remote attackers to cause a denial of service (crash) via a crafted xls file with a crafted length value.
44 CVE-2013-4169 59 2013-09-10 2013-09-11
6.9
None Local Medium Not required Complete Complete Complete
GNOME Display Manager (gdm) before 2.21.1 allows local users to change permissions of arbitrary directories via a symlink attack on /tmp/.X11-unix/.
45 CVE-2013-1881 20 2013-10-09 2016-12-07
4.3
None Remote Medium Not required Partial None None
GNOME libsvg before 2.39.0 allows remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
46 CVE-2013-1799 310 +Info 2013-04-01 2013-04-02
4.3
None Remote Medium Not required Partial None None
Gnome Online Accounts (GOA) 3.6.x before 3.6.3 and 3.7.x before 3.7.91, does not properly validate SSL certificates when creating accounts for providers who use the libsoup library, which allows man-in-the-middle attackers to obtain sensitive information such as credentials by sniffing the network. NOTE: this issue exists because of an incomplete fix for CVE-2013-0240.
47 CVE-2013-1050 264 Bypass 2013-03-08 2013-03-18
7.2
None Local Low Not required Complete Complete Complete
The default configuration in gnome-screensaver 3.5.4 through 3.6.0 sets the AutostartCondition line to fallback mode in the .desktop file, which prevents the program from starting automatically after login and allows physically proximate attackers to bypass screen locking and access an unattended workstation.
48 CVE-2013-0240 310 +Info 2013-04-01 2013-04-02
4.3
None Remote Medium Not required Partial None None
Gnome Online Accounts (GOA) 3.4.x, 3.6.x before 3.6.3, and 3.7.x before 3.7.5, does not properly validate SSL certificates when creating accounts such as Windows Live and Facebook accounts, which allows man-in-the-middle attackers to obtain sensitive information such as credentials by sniffing the network.
49 CVE-2012-4511 200 +Info 2012-10-22 2017-01-05
5.8
None Remote Medium Not required Partial Partial None
services/flickr/flickr.c in libsocialweb before 0.25.21 automatically connects to Flickr when no Flickr account is set, which might allow remote attackers to obtain sensitive information via a man-in-the-middle (MITM) attack.
50 CVE-2012-4427 94 2012-09-30 2012-10-02
6.8
None Remote Medium Not required Partial Partial Partial
The gnome-shell plugin 3.4.1 in GNOME allows remote attackers to force the download and installation of arbitrary extensions from extensions.gnome.org via a crafted web page.
Total number of vulnerabilities : 165   Page : 1 (This Page)2 3 4
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.