27 matches found
webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash
A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...
RLSA-2025:13315 Moderate: gdk-pixbuf2 security update
The gdk-pixbuf2 packages provide an image loading library that can be extended by loadable modules for new image formats. It is used by toolkits such as GTK+ or clutter. Security Fixes: gdk-pixbuf: Heap-buffer-overflow in gdk-pixbuf (CVE-2025-7345). For more details about the security issues,...
[SECURITY] Fedora 42 Update: gdk-pixbuf2-2.42.12-12.fc42
gdk-pixbuf is an image loading library that can be extended by loadable modules for new image formats. It is used by toolkits such as GTK+ or clutter...
[SECURITY] Fedora 41 Update: emacs-30.1-5.fc41
GNU Emacs is a powerful, customizable, self-documenting, modeless text editor. It contains special code editing features, a scripting language elisp, and the capability to read mail, news, and more without leaving the editor. This package provides an emacs binary with support for Wayland, using t...
[SECURITY] Fedora 42 Update: emacs-30.1-5.fc42
GNU Emacs is a powerful, customizable, self-documenting, modeless text editor. It contains special code editing features, a scripting language elisp, and the capability to read mail, news, and more without leaving the editor. This package provides an emacs binary with support for Wayland, using t...
OESA-2024-1892 gtk3 security update
GTK+ is an object-oriented widget toolkit written in the programming language C; it has a C-based object-oriented architecture that allows for maximum flexibility. The GTK+ library contains a set of graphical control elements (widgets) for creating graphical user interfaces. This package contains...
[SECURITY] Fedora 40 Update: xmedcon-0.24.0-1.fc40
This project stands for Medical Image Conversion and is released under the GNU's LGPL license. It bundles the C source code, a library, a flexible command-line utility and a graphical front-end based on the amazing Gtk+ toolkit. Its main purpose is image conversion while preserving valuable medic...
[SECURITY] Fedora 39 Update: xmedcon-0.24.0-1.fc39
This project stands for Medical Image Conversion and is released under the GNU's LGPL license. It bundles the C source code, a library, a flexible command-line utility and a graphical front-end based on the amazing Gtk+ toolkit. Its main purpose is image conversion while preserving valuable medic...
Fedora: Security Advisory (FEDORA-2024-f9ce536a3e)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
PT-2024-40955 · Gtk-Rs · Gtk-Rs
Name of the Vulnerable Software and Affected Versions: gtk-rs (affected versions not specified). Description: The gtk-rs GTK3 bindings are no longer maintained. The maintainers have archived the repository and added a note to the crate description and its README.md that the crates are no longer...
Glade: Denial of Service
Background: Glade is a RAD tool to enable quick & easy development of user interfaces for the GTK+ toolkit (Version 3 only) and the GNOME desktop environment. Description: A vulnerability has been found in Glade which can lead to a denial of service when working with specific glade files. Impact: A...
SUSE CVE-2004-0753
The BMP image processor for (1) gdk-pixbuf before 0.22 and (2) gtk2 before 2.2.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted BMP file...
SUSE CVE-2004-0782
Integer overflow in pixbuf_create_from_xpm (io-xpm.c) in the XPM image decoder for gtk+ 2.4.4 (gtk2) and earlier, and gdk-pixbuf before 0.22, allows remote attackers to execute arbitrary code via certain n_col and cpp values that enable a heap-based buffer overflow. NOTE: this identifier is ONLY for gtk+...
SUSE CVE-2010-0732
gdk/gdkwindow.c in GTK+ before 2.18.5, as used in gnome-screensaver before 2.28.1, performs implicit paints on windows of type GDK_WINDOW_FOREIGN, which triggers an X error in certain circumstances and consequently allows physically proximate attackers to bypass screen locking and access an...
Mozilla: Arbitrary file read from GTK drag and drop on Linux
The Mozilla Foundation Security Advisory describes this flaw as: Due to the Firefox GTK wrapper code's use of text/plain for drag data and GTK treating all text/plain MIMEs containing file URLs as being dragged a website could arbitrarily read a file via a call to DataTransfer.setData...
Mozilla: Arbitrary file read from GTK drag and drop on Linux
The Mozilla Foundation Security Advisory describes this flaw as: Due to the Firefox GTK wrapper code's use of text/plain for drag data and GTK treating all text/plain MIMEs containing file URLs as being dragged a website could arbitrarily read a file via a call to DataTransfer.setData...
libtimezonemap bug fix and enhancement update
An update is available for libtimezonemap. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The libtimezonemap packages contain a time zone map widget for the GTK...
libtimezonemap bug fix and enhancement update
An update is available for libtimezonemap. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The libtimezonemap packages contain a time zone map widget for the GTK...
Important: Red Hat Security Advisory: pango security update
An update for pango is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the...
gtk-vnc Remote Code Execution Vulnerability
GTK-VNC is a VNC viewer widget for GTK. A remote code execution vulnerability exists in gtk-vnc. An attacker could exploit the vulnerability to execute arbitrary code within the context of an application. A failed exploit attempt could result in a denial of service condition...