Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Gnome Subscribe
Total 295 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-17489 4 Canonical, Debian, Gnome and 1 more 4 Ubuntu Linux, Debian Linux, Gnome-shell and 1 more 2021-03-26 1.9 LOW 4.3 MEDIUM
An issue was discovered in certain configurations of GNOME gnome-shell through 3.36.4. When logging out of an account, the password box from the login dialog reappears with the password still visible. If the user had decided to have the password shown in cleartext at login time, it is then visible for a brief moment upon a logout. (If the password were never shown in cleartext, only the password length is revealed.)
CVE-2020-29385 3 Canonical, Fedoraproject, Gnome 3 Ubuntu Linux, Fedora, Gdk-pixbuf 2021-03-22 4.3 MEDIUM 5.5 MEDIUM
GNOME gdk-pixbuf (aka GdkPixbuf) before 2.42.2 allows a denial of service (infinite loop) in lzw.c in the function write_indexes. if c->self_code equals 10, self->code_table[10].extends will assign the value 11 to c. The next execution in the loop will assign self->code_table[11].extends to c, which will give the value of 10. This will make the loop run infinitely. This bug can, for example, be triggered by calling this function with a GIF image with LZW compression that is crafted in a special way.
CVE-2018-20781 3 Canonical, Gnome, Oracle 3 Ubuntu Linux, Gnome Keyring, Zfs Storage Appliance Kit 2021-03-16 2.1 LOW 7.8 HIGH
In pam/gkr-pam-module.c in GNOME Keyring before 3.27.2, the user's password is kept in a session-child process spawned from the LightDM daemon. This can expose the credential in cleartext.
CVE-2021-3349 1 Gnome 1 Evolution 2021-02-08 2.1 LOW 3.3 LOW
** DISPUTED ** GNOME Evolution through 3.38.3 produces a "Valid signature" message for an unknown identifier on a previously trusted key because Evolution does not retrieve enough information from the GnuPG API. NOTE: third parties dispute the significance of this issue, and dispute whether Evolution is the best place to change this behavior.
CVE-2020-27837 1 Gnome 1 Gnome Display Manager 2020-12-30 4.4 MEDIUM 6.4 MEDIUM
A flaw was found in GDM in versions prior to 3.38.2.1. A race condition in the handling of session shutdown makes it possible to bypass the lock screen for a user that has autologin enabled, accessing their session without authentication. This is similar to CVE-2017-12164, but requires more difficult conditions to exploit.
CVE-2018-10900 2 Debian, Gnome 2 Debian Linux, Network Manager Vpnc 2020-12-04 7.2 HIGH 7.8 HIGH
Network Manager VPNC plugin (aka networkmanager-vpnc) before version 1.2.6 is vulnerable to a privilege escalation attack. A new line character can be used to inject a Password helper parameter into the configuration data passed to VPNC, allowing an attacker to execute arbitrary commands as root.
CVE-2020-16125 1 Gnome 1 Gnome Display Manager 2020-11-24 4.6 MEDIUM 6.8 MEDIUM
gdm3 versions before 3.36.2 or 3.38.2 would start gnome-initial-setup if gdm3 can't contact the accountservice service via dbus in a timely manner; on Ubuntu (and potentially derivatives) this could be be chained with an additional issue that could allow a local user to create a new privileged account.
CVE-2019-3827 1 Gnome 1 Gvfs 2020-10-19 3.3 LOW 7.0 HIGH
An incorrect permission check in the admin backend in gvfs before version 1.39.4 was found that allows reading and modify arbitrary files by privileged users without asking for password when no authentication agent is running. This vulnerability can be exploited by malicious programs running under privileges of users belonging to the wheel group to further escalate its privileges by modifying system files without user's knowledge. Successful exploitation requires uncommon system configuration.
CVE-2020-11879 1 Gnome 1 Evolution 2020-09-04 4.3 MEDIUM 6.5 MEDIUM
An issue was discovered in GNOME Evolution before 3.35.91. By using the proprietary (non-RFC6068) "mailto?attach=..." parameter, a website (or other source of mailto links) can make Evolution attach local files or directories to a composed email message without showing a warning to the user, as demonstrated by an attach=. value.
CVE-2018-5345 5 Canonical, Debian, Fedoraproject and 2 more 10 Ubuntu Linux, Debian Linux, Fedora and 7 more 2020-08-24 6.8 MEDIUM 7.8 HIGH
A stack-based buffer overflow within GNOME gcab through 0.7.4 can be exploited by malicious attackers to cause a crash or, potentially, execute arbitrary code via a crafted .cab file.
CVE-2019-12450 1 Gnome 1 Glib 2020-08-24 7.5 HIGH 9.8 CRITICAL
file_copy_fallback in gio/gfile.c in GNOME GLib 2.15.0 through 2.61.1 does not properly restrict file permissions while a copy operation is in progress. Instead, default permissions are used.
CVE-2019-11461 1 Gnome 1 Nautilus 2020-08-24 4.4 MEDIUM 7.8 HIGH
An issue was discovered in GNOME Nautilus 3.30 prior to 3.30.6 and 3.32 prior to 3.32.1. A compromised thumbnailer may escape the bubblewrap sandbox used to confine thumbnailers by using the TIOCSTI ioctl to push characters into the input buffer of the thumbnailer's controlling terminal, allowing an attacker to escape the sandbox if the thumbnailer has a controlling terminal. This is due to improper filtering of the TIOCSTI ioctl on 64-bit systems, similar to CVE-2019-10063.
CVE-2019-6251 6 Canonical, Fedoraproject, Gnome and 3 more 6 Ubuntu Linux, Fedora, Epiphany and 3 more 2020-08-24 5.8 MEDIUM 8.1 HIGH
WebKitGTK and WPE WebKit prior to version 2.24.1 are vulnerable to address bar spoofing upon certain JavaScript redirections. An attacker could cause malicious web content to be displayed as if for a trusted URI. This is similar to the CVE-2018-8383 issue in Microsoft Edge.
CVE-2019-12447 4 Canonical, Fedoraproject, Gnome and 1 more 4 Ubuntu Linux, Fedora, Gvfs and 1 more 2020-08-24 4.9 MEDIUM 7.3 HIGH
An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2. daemon/gvfsbackendadmin.c mishandles file ownership because setfsuid is not used.
CVE-2019-1010006 1 Gnome 1 Evince 2020-08-24 6.8 MEDIUM 7.8 HIGH
Evince 3.26.0 is affected by buffer overflow. The impact is: DOS / Possible code execution. The component is: backend/tiff/tiff-document.c. The attack vector is: Victim must open a crafted PDF file. The issue occurs because of an incorrect integer overflow protection mechanism in tiff_document_render and tiff_document_get_thumbnail.
CVE-2019-12449 4 Canonical, Fedoraproject, Gnome and 1 more 4 Ubuntu Linux, Fedora, Gvfs and 1 more 2020-08-24 3.5 LOW 5.7 MEDIUM
An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2. daemon/gvfsbackendadmin.c mishandles a file's user and group ownership during move (and copy with G_FILE_COPY_ALL_METADATA) operations from admin:// to file:// URIs, because root privileges are unavailable.
CVE-2019-12795 1 Gnome 1 Gvfs 2020-08-24 4.6 MEDIUM 7.8 HIGH
daemon/gvfsdaemon.c in gvfsd from GNOME gvfs before 1.38.3, 1.40.x before 1.40.2, and 1.41.x before 1.41.3 opened a private D-Bus server socket without configuring an authorization rule. A local attacker could connect to this server socket and issue D-Bus method calls. (Note that the server socket only accepts a single connection, so the attacker would have to discover the server and connect to the socket before its owner does.)
CVE-2018-11396 1 Gnome 1 Epiphany 2020-08-24 5.0 MEDIUM 7.5 HIGH
ephy-session.c in libephymain.so in GNOME Web (aka Epiphany) through 3.28.2.1 allows remote attackers to cause a denial of service (application crash) via JavaScript code that triggers access to a NULL URL, as demonstrated by a crafted window.open call.
CVE-2018-19358 1 Gnome 1 Gnome-keyring 2020-08-24 2.1 LOW 7.8 HIGH
GNOME Keyring through 3.28.2 allows local users to retrieve login credentials via a Secret Service API call and the D-Bus interface if the keyring is unlocked, a similar issue to CVE-2008-7320. One perspective is that this occurs because available D-Bus protection mechanisms (involving the busconfig and policy XML elements) are not used.
CVE-2017-8834 2 Gnome, Opensuse 2 Libcroco, Leap 2020-08-19 4.3 MEDIUM 6.5 MEDIUM
The cr_tknzr_parse_comment function in cr-tknzr.c in libcroco 0.6.12 allows remote attackers to cause a denial of service (memory allocation error) via a crafted CSS file.