
CVE-2012-0828
https://notcve.org/view.php?id=CVE-2012-0828
21 Feb 2020 — Heap-based buffer overflow in Xchat-WDK before 1499-4 (2012-01-18) xchat 2.8.6 on Maemo architecture could allow remote attackers to cause a denial of service (xchat client crash) or execute arbitrary code via a UTF-8 line from server containing characters outside of the Basic Multilingual Plane (BMP). • http://www.openwall.com/lists/oss-security/2012/02/01/9 • CWE-787: Out-of-bounds Write •

CVE-2014-1949 – Mandriva Linux Security Advisory 2015-162
https://notcve.org/view.php?id=CVE-2014-1949
16 Jan 2015 — GTK+ 3.10.9 and earlier, as used in cinnamon-screensaver, gnome-screensaver, and other applications, allows physically proximate attackers to bypass the lock screen by pressing the menu button. Clemens Fries reported that, when using Cinnamon, it was possible to bypass the screensaver lock. An a... • http://advisories.mageia.org/MGASA-2014-0374.html • CWE-284: Improper Access Control •

CVE-2010-4831
https://notcve.org/view.php?id=CVE-2010-4831
06 Sep 2011 — Untrusted search path vulnerability in gdk/win32/gdkinput-win32.c in GTK+ before 2.21.8 allows local users to gain privileges via a Trojan horse Wintab32.dll file in the current working directory. • http://ftp.gnome.org/pub/gnome/sources/gtk+/2.21/gtk+-2.21.8.changes • CWE-426: Untrusted Search Path •

CVE-2010-4833
https://notcve.org/view.php?id=CVE-2010-4833
06 Sep 2011 — Untrusted search path vulnerability in modules/engines/ms-windows/xp_theme.c in GTK+ before 2.24.0 allows local users to gain privileges via a Trojan horse uxtheme.dll file in the current working directory, a different vulnerability than CVE-2010-4831. • http://git.gnome.org/browse/gtk+/commit/modules/engines/ms-windows/xp_theme.c?h=gtk-2-24&id=d6e11a97e318158f5d210a0476870dfe14ed95e6 • CWE-426: Untrusted Search Path •

CVE-2010-0732 – Gentoo Linux Security Advisory 201412-08
https://notcve.org/view.php?id=CVE-2010-0732
19 Mar 2010 — gdk/gdkwindow.c in GTK+ before 2.18.5, as used in gnome-screensaver before 2.28.1, performs implicit paints on windows of type GDK_WINDOW_FOREIGN, which triggers an X error in certain circumstances and consequently allows physically proximate attackers to bypass screen locking and access an unattended workstation by pressing the Enter key many times. • http://ftp.gnome.org/pub/gnome/sources/gtk+/2.18/gtk+-2.18.5.news • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •

CVE-2007-0010 – GTK2 GDKPixBufLoader - Remote Denial of Service
https://notcve.org/view.php?id=CVE-2007-0010
24 Jan 2007 — The GdkPixbufLoader function in GIMP ToolKit (GTK+) in GTK 2 (gtk2) before 2.4.13 allows context-dependent attackers to cause a denial of service (crash) via a malformed image file. • https://www.exploit-db.com/exploits/29520 •

CVE-2005-2975
https://notcve.org/view.php?id=CVE-2005-2975
18 Nov 2005 — io-xpm.c in the gdk-pixbuf XPM image rendering library in GTK+ before 2.8.7 allows attackers to cause a denial of service (infinite loop) via a crafted XPM image with a large number of colors. • http://secunia.com/advisories/17522 • CWE-399: Resource Management Errors •

CVE-2005-2976
https://notcve.org/view.php?id=CVE-2005-2976
18 Nov 2005 — Integer overflow in io-xpm.c in gdk-pixbuf 0.22.0 in GTK+ before 2.8.7 allows attackers to cause a denial of service (crash) or execute arbitrary code via an XPM file with large height, width, and colour values, a different vulnerability than CVE-2005-3186. • http://secunia.com/advisories/17522 • CWE-190: Integer Overflow or Wraparound •

CVE-2005-0891
https://notcve.org/view.php?id=CVE-2005-0891
01 Apr 2005 — Double free vulnerability in gtk 2 (gtk2) before 2.2.4 allows remote attackers to cause a denial of service (crash) via a crafted BMP image. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000958 • CWE-415: Double Free •

CVE-2005-0372
https://notcve.org/view.php?id=CVE-2005-0372
17 Feb 2005 — Directory traversal vulnerability in gftp before 2.0.18 for GTK+ allows remote malicious FTP servers to read arbitrary files via .. (dot dot) sequences in filenames returned from a LIST command. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000957 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •