Search Results (350 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-0023 1 Gnome 2 Libvte4, Libzvt2 2025-04-03 N/A
gnome-pty-helper in GNOME libzvt2 and libvte4 allows local users to spoof the logon hostname via a modified DISPLAY environment variable. NOTE: the severity of this issue has been disputed.
CVE-2003-0407 1 Gnome 1 Batalla Naval 2025-04-03 N/A
Buffer overflow in gbnserver for Gnome Batalla Naval 1.0.4 allows remote attackers to execute arbitrary code via a long connection string.
CVE-2005-2976 2 Gnome, Redhat 3 Gdkpixbuf, Gtk, Enterprise Linux 2025-04-03 N/A
Integer overflow in io-xpm.c in gdk-pixbuf 0.22.0 in GTK+ before 2.8.7 allows attackers to cause a denial of service (crash) or execute arbitrary code via an XPM file with large height, width, and colour values, a different vulnerability than CVE-2005-3186.
CVE-2002-1814 4 Gnome, Mandrakesoft, Redhat and 1 more 4 Bonobo, Mandrake Linux, Linux and 1 more 2025-04-03 N/A
Buffer overflow in efstools in Bonobo, when installed setuid, allows local users to execute arbitrary code via long command line arguments.
CVE-1999-0990 1 Gnome 1 Gdm 2025-04-03 N/A
Error messages generated by gdm with the VerboseAuth setting allows an attacker to identify valid users on a system.
CVE-2004-0753 2 Gnome, Redhat 3 Gdkpixbuf, Gtk, Enterprise Linux 2025-04-03 N/A
The BMP image processor for (1) gdk-pixbuf before 0.22 and (2) gtk2 before 2.2.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted BMP file.
CVE-2003-0549 2 Gnome, Redhat 5 Gdm, Enterprise Linux, Kdebase and 2 more 2025-04-03 N/A
The X Display Manager Control Protocol (XDMCP) support for GDM before 2.4.1.6 allows attackers to cause a denial of service (daemon crash) via a short authorization key name.
CVE-2004-0782 2 Gnome, Redhat 3 Gdkpixbuf, Gtk, Enterprise Linux 2025-04-03 N/A
Integer overflow in pixbuf_create_from_xpm (io-xpm.c) in the XPM image decoder for gtk+ 2.4.4 (gtk2) and earlier, and gdk-pixbuf before 0.22, allows remote attackers to execute arbitrary code via certain n_col and cpp values that enable a heap-based buffer overflow. NOTE: this identifier is ONLY for gtk+. It was incorrectly referenced in an advisory for a different issue (CVE-2004-0687).
CVE-2005-0372 2 Gnome, Redhat 2 Gtk, Enterprise Linux 2025-04-03 N/A
Directory traversal vulnerability in gftp before 2.0.18 for GTK+ allows remote malicious FTP servers to read arbitrary files via .. (dot dot) sequences in filenames returned from a LIST command.
CVE-2004-0783 2 Gnome, Redhat 3 Gdkpixbuf, Gtk, Enterprise Linux 2025-04-03 N/A
Stack-based buffer overflow in xpm_extract_color (io-xpm.c) in the XPM image decoder for gtk+ 2.4.4 (gtk2) and earlier, and gdk-pixbuf before 0.22, may allow remote attackers to execute arbitrary code via a certain color string. NOTE: this identifier is ONLY for gtk+. It was incorrectly referenced in an advisory for a different issue (CVE-2004-0688).
CVE-2004-0788 2 Gnome, Redhat 3 Gdkpixbuf, Gtk, Enterprise Linux 2025-04-03 N/A
Integer overflow in the ICO image decoder for (1) gdk-pixbuf before 0.22 and (2) gtk2 before 2.2.4 allows remote attackers to cause a denial of service (application crash) via a crafted ICO file.
CVE-2003-0080 2 Gnome, Redhat 2 Gnome-lokkit, Linux 2025-04-03 N/A
The iptables ruleset in Gnome-lokkit in Red Hat Linux 8.0 does not include any rules in the FORWARD chain, which could allow attackers to bypass intended access restrictions if packet forwarding is enabled.
CVE-2003-0133 2 Gnome, Redhat 2 Gtkhtml, Linux 2025-04-03 N/A
GtkHTML, as included in Evolution before 1.2.4, allows remote attackers to cause a denial of service (crash) via certain malformed messages.
CVE-2003-0548 2 Gnome, Redhat 5 Gdm, Enterprise Linux, Kdebase and 2 more 2025-04-03 N/A
The X Display Manager Control Protocol (XDMCP) support for GDM before 2.4.1.6 allows attackers to cause a denial of service (daemon crash) when a chosen host expires, a different issue than CVE-2003-0549.
CVE-2000-0948 1 Gnome 1 Gnorpm 2025-04-03 N/A
GnoRPM before 0.95 allows local users to modify arbitrary files via a symlink attack.
CVE-2006-1335 1 Gnome 1 Screensaver 2025-04-03 N/A
gnome screensaver before 2.14, when running on an X server with AllowDeactivateGrabs and AllowClosedownGrabs enabled, allows attackers with physical access to cause the screensaver to crash and access the session via the Ctl+Alt+Keypad-Multiply keyboard sequence, which removes the grab from gnome.
CVE-2005-2550 2 Gnome, Redhat 2 Evolution, Enterprise Linux 2025-04-03 N/A
Format string vulnerability in Evolution 1.4 through 2.3.6.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the calendar entries such as task lists, which are not properly handled when the user selects the Calendars tab.
CVE-2006-0528 1 Gnome 1 Evolution 2025-04-03 N/A
The cairo library (libcairo), as used in GNOME Evolution and possibly other products, allows remote attackers to cause a denial of service (persistent client crash) via an attached text file that contains "Content-Disposition: inline" in the header, and a very long line in the body, which causes the client to repeatedly crash until the e-mail message is manually removed, possibly due to a buffer overflow, as demonstrated using an XML attachment.
CVE-2005-0238 4 Gnome, Mozilla, Omnigroup and 1 more 5 Epiphany, Camino, Mozilla and 2 more 2025-04-03 N/A
The International Domain Name (IDN) support in Epiphany allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, which facilitates phishing attacks.
CVE-2003-0547 2 Gnome, Redhat 3 Gdm, Kdebase, Linux 2025-04-03 N/A
GDM before 2.4.1.6, when using the "examine session errors" feature, allows local users to read arbitrary files via a symlink attack on the ~/.xsession-errors file.