Vulnerabilidades em GNOME
20 resultadosCVE-2017-2885CRITICALAn exploitable stack based buffer overflow vulnerability exists in the GNOME libsoup 2.58. A specially crafted HTTP request can cause a stacEPSS 24.6%CVE-2019-1010238—Gnome Pango 1.42 and later is affected by: Buffer Overflow. The impact is: The heap based buffer overflow can be used to get code execution.EPSS 6.3%CVE-2017-2862HIGHAn exploitable heap overflow vulnerability exists in the gdk_pixbuf__jpeg_image_load_increment functionality of Gdk-Pixbuf 2.36.6. A specialEPSS 4.6%CVE-2017-2870HIGHAn exploitable integer overflow vulnerability exists in the tiff_image_parse functionality of Gdk-Pixbuf 2.36.6 when compiled with Clang. A EPSS 2.6%CVE-2013-4166—The gpg_ctx_add_recipient function in camel/camel-gpg-context.c in GNOME Evolution 3.8.4 and earlier and Evolution Data Server 3.9.5 and earEPSS 1.9%CVE-2025-7424HIGHLibxslt: type confusion in xmlnode.psvi between stylesheet and source nodesEPSS 1.2%CVE-2020-16125HIGHgdm3 would start gnome-initial-setup if it cannot contact accountserviceEPSS 1.1%CVE-2011-1830MEDIUMEkiga attempts to dlopen /tmp/ekiga_test.soEPSS 0.8%CVE-2025-14087MEDIUMGlib: glib: buffer underflow in gvariant parser leads to heap corruptionEPSS 0.8%CVE-2019-25085MEDIUMGNOME gvdb gvdb-builder.c gvdb_table_write_contents_async use after freeEPSS 0.8%CVE-2012-1096—NetworkManager 0.9 and earlier allows local users to use other users' certificates or private keys when making a connection via the file patEPSS 0.7%CVE-2024-52531MEDIUMGNOME libsoup before 3.6.1 allows a buffer overflow in applications that perform conversion to UTF-8 in soup_header_parse_param_list_strict.EPSS 0.7%CVE-2025-14512MEDIUMGlib: integer overflow in glib gio attribute escaping causes heap buffer overflowEPSS 0.5%CVE-2025-12105HIGHLibsoup: heap use-after-free in libsoup message queue handling during http/2 read completionEPSS 0.4%CVE-2020-37011HIGHGnome Fonts Viewer 3.34.0 Heap CorruptionEPSS 0.4%CVE-2017-12164MEDIUMA flaw was discovered in gdm 3.24.1 where gdm greeter was no longer setting the ran_once boolean during autologin. If autologin was enabled EPSS 0.4%CVE-2025-7425HIGHLibxslt: libxml2: heap use-after-free in libxslt caused by atype corruption in xmlattrptrEPSS 0.3%CVE-2026-6653HIGHlibxml2: Use after free in xmlParseInternalSubset via improper entity resolution handlingEPSS 0.3%CVE-2026-2604MEDIUMEvolution-data-server: evolution data server: arbitrary file deletion via inconsistent uri handlingEPSS 0.2%CVE-2026-44931MEDIUMmalcontent: Disk Space Exhaustion via Globally Accessible D-Bus APIEPSS 0.1%