Filtered by vendor Gnome
Subscribe
Total
322 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-0238 | 4 Gnome, Mozilla, Omnigroup and 1 more | 5 Epiphany, Camino, Mozilla and 2 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| The International Domain Name (IDN) support in Epiphany allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, which facilitates phishing attacks. | |||||
| CVE-2000-0948 | 1 Gnome | 1 Gnorpm | 2025-04-03 | 7.2 HIGH | N/A |
| GnoRPM before 0.95 allows local users to modify arbitrary files via a symlink attack. | |||||
| CVE-2003-0548 | 2 Gnome, Redhat | 4 Gdm, Enterprise Linux, Kdebase and 1 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| The X Display Manager Control Protocol (XDMCP) support for GDM before 2.4.1.6 allows attackers to cause a denial of service (daemon crash) when a chosen host expires, a different issue than CVE-2003-0549. | |||||
| CVE-2003-0407 | 1 Gnome | 1 Batalla Naval | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in gbnserver for Gnome Batalla Naval 1.0.4 allows remote attackers to execute arbitrary code via a long connection string. | |||||
| CVE-2003-0133 | 1 Gnome | 1 Gtkhtml | 2025-04-03 | 5.0 MEDIUM | N/A |
| GtkHTML, as included in Evolution before 1.2.4, allows remote attackers to cause a denial of service (crash) via certain malformed messages. | |||||
| CVE-2003-0547 | 2 Gnome, Redhat | 2 Gdm, Kdebase | 2025-04-03 | 2.1 LOW | N/A |
| GDM before 2.4.1.6, when using the "examine session errors" feature, allows local users to read arbitrary files via a symlink attack on the ~/.xsession-errors file. | |||||
| CVE-2000-0491 | 3 Caldera, Gnome, Suse | 3 Openlinux, Gdm, Suse Linux | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in the XDMCP parsing code of GNOME gdm, KDE kdm, and wdm allows remote attackers to execute arbitrary commands or cause a denial of service via a long FORWARD_QUERY request. | |||||
| CVE-2003-0794 | 1 Gnome | 1 Gdm | 2025-04-03 | 2.1 LOW | N/A |
| GDM 2.4.4.x before 2.4.4.4, and 2.4.1.x before 2.4.1.7, does not limit the number or duration of commands and uses a blocking socket connection, which allows attackers to cause a denial of service (resource exhaustion) by sending commands and not reading the results. | |||||
| CVE-2003-0070 | 2 Gnome, Nalin Dahyabhai | 2 Gnome-terminal, Vte | 2025-04-03 | 6.8 MEDIUM | N/A |
| VTE, as used by default in gnome-terminal terminal emulator 2.2 and as an option in gnome-terminal 2.0, allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands. | |||||
| CVE-2005-2549 | 1 Gnome | 1 Evolution | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple format string vulnerabilities in Evolution 1.5 through 2.3.6.1 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) full vCard data, (2) contact data from remote LDAP servers, or (3) task list data from remote servers. | |||||
| CVE-2005-2550 | 1 Gnome | 1 Evolution | 2025-04-03 | 7.5 HIGH | N/A |
| Format string vulnerability in Evolution 1.4 through 2.3.6.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the calendar entries such as task lists, which are not properly handled when the user selects the Calendars tab. | |||||
| CVE-2006-0040 | 1 Gnome | 1 Evolution | 2025-04-03 | 5.0 MEDIUM | N/A |
| GNOME Evolution 2.4.2.1 and earlier allows remote attackers to cause a denial of service (CPU and memory consumption) via a text e-mail with a large number of URLs, possibly due to unknown problems in gtkhtml. | |||||
| CVE-2001-0927 | 1 Gnome | 1 Libgtop Daemon | 2025-04-03 | 7.5 HIGH | N/A |
| Format string vulnerability in the permitted function of GNOME libgtop_daemon in libgtop 1.0.12 and earlier allows remote attackers to execute arbitrary code via an argument that contains format specifiers that are passed into the (1) syslog_message and (2) syslog_io_message functions. | |||||
| CVE-2003-0541 | 1 Gnome | 1 Gtkhtml | 2025-04-03 | 5.0 MEDIUM | N/A |
| gtkhtml before 1.1.10, as used in Evolution, allows remote attackers to cause a denial of service (crash) via a malformed message that causes a null pointer dereference. | |||||
| CVE-2006-2452 | 1 Gnome | 1 Gdm | 2025-04-03 | 3.7 LOW | N/A |
| GNOME GDM 2.8, 2.12, 2.14, and 2.15, when the "face browser" feature is enabled, allows local users to access the "Configure Login Manager" functionality using their own password instead of the root password, which can be leveraged to gain additional privileges. | |||||
| CVE-2002-1814 | 4 Gnome, Mandrakesoft, Redhat and 1 more | 4 Bonobo, Mandrake Linux, Linux and 1 more | 2025-04-03 | 4.6 MEDIUM | N/A |
| Buffer overflow in efstools in Bonobo, when installed setuid, allows local users to execute arbitrary code via long command line arguments. | |||||
| CVE-2005-2976 | 2 Gnome, Gtk | 2 Gdkpixbuf, Gtk\+ | 2025-04-03 | 7.5 HIGH | N/A |
| Integer overflow in io-xpm.c in gdk-pixbuf 0.22.0 in GTK+ before 2.8.7 allows attackers to cause a denial of service (crash) or execute arbitrary code via an XPM file with large height, width, and colour values, a different vulnerability than CVE-2005-3186. | |||||
| CVE-1999-0990 | 1 Gnome | 1 Gdm | 2025-04-03 | 2.1 LOW | N/A |
| Error messages generated by gdm with the VerboseAuth setting allows an attacker to identify valid users on a system. | |||||
| CVE-2005-0206 | 15 Ascii, Cstex, Debian and 12 more | 22 Ptex, Cstetex, Debian Linux and 19 more | 2025-04-03 | 7.5 HIGH | N/A |
| The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities. | |||||
| CVE-2004-0782 | 1 Gnome | 2 Gdkpixbuf, Gtk | 2025-04-03 | 7.5 HIGH | N/A |
| Integer overflow in pixbuf_create_from_xpm (io-xpm.c) in the XPM image decoder for gtk+ 2.4.4 (gtk2) and earlier, and gdk-pixbuf before 0.22, allows remote attackers to execute arbitrary code via certain n_col and cpp values that enable a heap-based buffer overflow. NOTE: this identifier is ONLY for gtk+. It was incorrectly referenced in an advisory for a different issue (CVE-2004-0687). | |||||