CVSS: 4.8EPSS: 0%CPEs: 54EXPL: 0CVE-2025-2724 – GNOME libgsf sorting_key_copy out-of-bounds
https://notcve.org/view.php?id=CVE-2025-2724
25 Mar 2025 — A vulnerability classified as problematic has been found in GNOME libgsf up to 1.14.53. Affected is the function sorting_key_copy. The manipulation of the argument Name leads to out-of-bounds read. It is possible to launch the attack on the local host. The vendor was contacted early about this disclosure but did not respond in any way. • https://vuldb.com/?ctiid.300744 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVSS: 5.3EPSS: 0%CPEs: 54EXPL: 0CVE-2025-2723 – GNOME libgsf gsf_property_settings_collec heap-based overflow
https://notcve.org/view.php?id=CVE-2025-2723
25 Mar 2025 — A vulnerability was found in GNOME libgsf up to 1.14.53. It has been rated as critical. This issue affects the function gsf_property_settings_collec. The manipulation of the argument n_alloced_params leads to heap-based buffer overflow. Attacking locally is a requirement. • https://vuldb.com/?ctiid.300743 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVSS: 5.3EPSS: 0%CPEs: 54EXPL: 0CVE-2025-2722 – GNOME libgsf gsf_prop_settings_collect_va heap-based overflow
https://notcve.org/view.php?id=CVE-2025-2722
25 Mar 2025 — A vulnerability was found in GNOME libgsf up to 1.14.53. It has been declared as critical. This vulnerability affects the function gsf_prop_settings_collect_va. The manipulation of the argument n_alloced_params leads to heap-based buffer overflow. Local access is required to approach this attack. • https://vuldb.com/?ctiid.300742 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVSS: 5.3EPSS: 0%CPEs: 54EXPL: 0CVE-2025-2721 – GNOME libgsf gsf_base64_encode_simple heap-based overflow
https://notcve.org/view.php?id=CVE-2025-2721
25 Mar 2025 — A vulnerability was found in GNOME libgsf up to 1.14.53. It has been classified as critical. This affects the function gsf_base64_encode_simple. The manipulation of the argument size_t leads to heap-based buffer overflow. An attack has to be approached locally. • https://vuldb.com/?ctiid.300741 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVSS: 10.0EPSS: 0%CPEs: 7EXPL: 0CVE-2024-52533 – glib: buffer overflow in set_connect_msg()
https://notcve.org/view.php?id=CVE-2024-52533
11 Nov 2024 — gio/gsocks4aproxy.c in GNOME GLib before 2.82.1 has an off-by-one error and resultant buffer overflow because SOCKS4_CONN_MSG_LEN is not sufficient for a trailing '\0' character. A flaw was found in the Glib library. A buffer overflow condition can be triggered in certain conditions due to an off-by-one error in SOCKS4_CONN_MSG_LEN. This issue may lead to an application crash or other undefined behavior. It was discovered that Glib incorrectly handled certain trailing characters. • https://gitlab.gnome.org/GNOME/glib/-/issues/3461 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-193: Off-by-one Error •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-52531 – libsoup: buffer overflow via UTF-8 conversion in soup_header_parse_param_list_strict
https://notcve.org/view.php?id=CVE-2024-52531
11 Nov 2024 — GNOME libsoup before 3.6.1 allows a buffer overflow in applications that perform conversion to UTF-8 in soup_header_parse_param_list_strict. Input received over the network cannot trigger this. GNOME libsoup before 3.6.1 allows a buffer overflow in applications that perform conversion to UTF-8 in soup_header_parse_param_list_strict. There is a plausible way to reach this remotely via soup_message_headers_get_content_type (e.g., an application may want to retrieve the content type of a request or response). ... • https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/407 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 8.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-42415 – Debian Security Advisory 5786-1
https://notcve.org/view.php?id=CVE-2024-42415
03 Oct 2024 — An integer overflow vulnerability exists in the Compound Document Binary File format parser of v1.14.52 of the GNOME Project G Structured File Library (libgsf). A specially crafted file can result in an integer overflow that allows for a heap-based buffer overflow when processing the sector allocation table. This can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability. Integer overflows flaws were discovered in the Compound Document Binary File format par... • https://gitlab.gnome.org/GNOME/libgsf/-/issues/34 • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-36474 – Ubuntu Security Notice USN-7062-1
https://notcve.org/view.php?id=CVE-2024-36474
03 Oct 2024 — An integer overflow vulnerability exists in the Compound Document Binary File format parser of the GNOME Project G Structured File Library (libgsf) version v1.14.52. A specially crafted file can result in an integer overflow when processing the directory from the file that allows for an out-of-bounds index to be used when reading and writing to an array. This can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability. USN-7062-1 fixed vulnerabilities in libg... • https://gitlab.gnome.org/GNOME/libgsf/-/issues/34 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-48622 – gnome: heap memory corruption on gdk-pixbuf
https://notcve.org/view.php?id=CVE-2022-48622
26 Jan 2024 — In GNOME GdkPixbuf (aka gdk-pixbuf) through 2.42.10, the ANI (Windows animated cursor) decoder encounters heap memory corruption (in ani_load_chunk in io-ani.c) when parsing chunks in a crafted .ani file. A crafted file could allow an attacker to overwrite heap metadata, leading to a denial of service or code execution attack. This occurs in gdk_pixbuf_set_option() in gdk-pixbuf.c. En GNOME GdkPixbuf (también conocido como gdk-pixbuf) hasta 2.42.10, el decodificador ANI (cursor animado de Windows) encuentra... • https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/issues/202 • CWE-787: Out-of-bounds Write •
CVSS: 7.7EPSS: 0%CPEs: 6EXPL: 1CVE-2023-5557 – Tracker-miners: sandbox escape
https://notcve.org/view.php?id=CVE-2023-5557
13 Oct 2023 — A flaw was found in the tracker-miners package. A weakness in the sandbox allows a maliciously-crafted file to execute code outside the sandbox if the tracker-extract process has first been compromised by a separate vulnerability. Se encontró una falla en el paquete tracker-miners. Una debilidad en la sandbox permite que un archivo creado con fines malintencionados ejecute código fuera de la sandbox si el proceso de extracción del rastreador se ha visto comprometido primero por una vulnerabilidad separada. ... • https://access.redhat.com/errata/RHSA-2023:7712 • CWE-693: Protection Mechanism Failure •