Gnome : Security Vulnerabilities, CVEs, Published In 2017 (Memory corruption)
gtk-vnc 0.4.2 and older doesn't check framebuffer boundaries correctly when updating framebuffer which may lead to memory corruption when rendering
Max CVSS
9.8
EPSS Score
0.27%
Published
2017-07-17
Updated
2017-07-19
There is a NULL pointer dereference in the caseless_hash function in gxps-archive.c in libgxps 0.2.5. A crafted input will lead to a remote denial of service attack.
Max CVSS
7.5
EPSS Score
0.21%
Published
2017-07-24
Updated
2017-07-28
Integer overflow in io-ico.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service (segmentation fault and application crash) via a crafted image entry offset in an ICO file, which triggers an out-of-bounds read, related to compiler optimizations.
Max CVSS
5.5
EPSS Score
0.11%
Published
2017-03-10
Updated
2020-08-04
gdk-pixbuf-thumbnailer.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors related to printing an error message.
Max CVSS
7.5
EPSS Score
0.43%
Published
2017-03-10
Updated
2020-08-04
An exploitable heap overflow vulnerability exists in the gdk_pixbuf__jpeg_image_load_increment functionality of Gdk-Pixbuf 2.36.6. A specially crafted jpeg file can cause a heap overflow resulting in remote code execution. An attacker can send a file or url to trigger this vulnerability.
Max CVSS
8.8
EPSS Score
1.60%
Published
2017-09-05
Updated
2022-06-07
5 vulnerabilities found