Lucene search
K

5856 matches found

OSV
OSV
added 2026/07/06 6:26 a.m.4 views

OESA-2026-2819 gnome-tour security update

A guided tour and greeter for GNOME.Tour uses by default the logo of the distribution based on the info from /etc/os-release. The application comes with a feature to replace the logo with a welcome video shipped by the distribution. Security Fixes: slab is a pre-allocated storage for a uniform da...

5.1CVSS5.9AI score0.00167EPSS
Exploits0References2
OSV
OSV
added 2026/07/06 6:26 a.m.4 views

OESA-2026-2818 gnome-tour security update

A guided tour and greeter for GNOME.Tour uses by default the logo of the distribution based on the info from /etc/os-release. The application comes with a feature to replace the logo with a welcome video shipped by the distribution. Security Fixes: slab is a pre-allocated storage for a uniform da...

5.1CVSS5.9AI score0.00167EPSS
Exploits0References2
OSV
OSV
added 2026/07/06 6:26 a.m.4 views

OESA-2026-2817 gnome-tour security update

A guided tour and greeter for GNOME.Tour uses by default the logo of the distribution based on the info from /etc/os-release. The application comes with a feature to replace the logo with a welcome video shipped by the distribution. Security Fixes: slab is a pre-allocated storage for a uniform da...

5.1CVSS5.9AI score0.00167EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/25 11:23 p.m.9 views

CVE-2026-13324

A vulnerability has been identified in the GNOME Geary package within its mailto URI handling component. This flaw occurs because the email client automatically processes a non-standard attach parameter in email links without prompting or alerting the user. An attacker could exploit this by...

6.5CVSS5.8AI score
Exploits0References4
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability in vte2.91

GNOME VTE before version 0.76.3 allowed an attacker to cause a denial of service memory consumption through a window resizing escape sequence, a issue related to CVE-2000-0476...

4.4CVSS6AI score0.00238EPSS
Exploits0References3
OSV
OSV
added 2026/06/24 1:11 p.m.5 views

OESA-2026-2715 gnome-shell security update

The GNOME Shell redefines user interactions with the GNOME desktop. In particular, it offers new paradigms for launching applications, accessing documents, and organizing open windows in GNOME. Later, it will introduce a new applets eco-system and offer new solutions for other desktop features,...

6.5CVSS5.8AI score0.00299EPSS
Exploits0References2
OSV
OSV
added 2026/06/24 1:11 p.m.6 views

OESA-2026-2714 gnome-shell security update

The GNOME Shell redefines user interactions with the GNOME desktop. In particular, it offers new paradigms for launching applications, accessing documents, and organizing open windows in GNOME. Later, it will introduce a new applets eco-system and offer new solutions for other desktop features,...

6.5CVSS6.7AI score0.00299EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/23 7:53 p.m.8 views

EUVD-2026-38604

Module: plugins/modules/keyringinfo.py CVSS 3.1: 5.5 MEDIUM — AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Issue: The module retrieves a passphrase from the OS native keyring GNOME Keyring, macOS Keychain, Windows Credential Manager and places it directly into result"passphrase" with no output suppression...

5.5CVSS6.1AI score0.00122EPSS
Exploits0References2
OSV
OSV
added 2026/06/23 6:0 a.m.3 views

SUSE-SU-2026:2515-1 Security update for openssh, openssh-askpass-gnome

This update for openssh, openssh-askpass-gnome fixes the following issues - CVE-2026-35385: a file downloaded by scp may be installed setuid or setgid bsc1261427. - CVE-2026-35414: mishandling of authorizedkeys principals option bsc1261430...

8.1CVSS6AI score0.00419EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2026/06/22 12:40 p.m.10 views

CVE-2026-6653

Use After Free in libxml2's xmlParseInternalSubset from GNOME libxml2 version 2.9.11 to 2.11.0 allows a remote attacker to cause a denial-of-service via maliciously crafted XML input with improper entity resolution handling...

8.3CVSS5.9AI score0.00289EPSS
Exploits0
OSV
OSV
added 2026/06/16 1:16 p.m.5 views

UBUNTU-CVE-2026-12322

Clickjacking issue in the Widget: Gtk component. This vulnerability was fixed in Firefox 152 and Thunderbird 152...

5.4CVSS5.8AI score0.00165EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/16 11:52 a.m.11 views

EUVD-2026-37068

Clickjacking issue in the Widget: Gtk component. This vulnerability was fixed in Firefox 152 and Thunderbird 152...

5.4CVSS5.2AI score0.00165EPSS
Exploits0References3
CVE
CVE
added 2026/06/16 11:52 a.m.20 views

CVE-2026-12322

CVE-2026-12322 is a clickjacking vulnerability in the Gtk Widget component affecting Mozilla Firefox and Thunderbird. The issue, described across multiple sources, is due to a UI framing/embedding flaw that could enable deceptive UI interaction. Affected products were updated to mitigate the vuln...

5.4CVSS5.2AI score0.00165EPSS
Exploits0References3Affected Software2
NVD
NVD
added 2026/06/16 2:16 a.m.10 views

CVE-2026-1765

A flaw was found in the tracker-extract-mp3 component of GNOME localsearch previously known as tracker-miners. This vulnerability, a heap buffer overflow, occurs when processing specially crafted MP3 files. A remote attacker could exploit this by providing a malicious MP3 file, leading to a Denia...

5.6CVSS0.00139EPSS
Exploits0References2
NVD
NVD
added 2026/06/16 2:16 a.m.12 views

CVE-2026-1767

A flaw was found in the GNOME localsearch previously known as tracker-miners MP3 Extractor tracker-extract-mp3 component. A remote attacker could exploit this heap buffer overflow vulnerability by providing a specially crafted MP3 file containing malformed ID3 tags. This incorrect length...

8.1CVSS0.00246EPSS
Exploits1References2
NVD
NVD
added 2026/06/16 2:16 a.m.14 views

CVE-2026-1764

A flaw was found in GNOME localsearch previously known as tracker-miners MP3 Extractor. When processing specially crafted MP3 files containing ID3v2.4 tags, a missing bounds check in the extractperformerstags function can lead to a heap buffer overflow. This vulnerability allows a remote attacker...

5.6CVSS0.00209EPSS
Exploits2References2
EUVD
EUVD
added 2026/06/16 12:34 a.m.9 views

EUVD-2026-37028

A flaw was found in the GNOME localsearch previously known as tracker-miners MP3 Extractor tracker-extract-mp3 component. A remote attacker could exploit this heap buffer overflow vulnerability by providing a specially crafted MP3 file containing malformed ID3 tags. This incorrect length...

5.6CVSS5.6AI score0.00246EPSS
Exploits1References2
Debian CVE
Debian CVE
added 2026/06/16 12:34 a.m.4 views

CVE-2026-1767

A flaw was found in the GNOME localsearch previously known as tracker-miners MP3 Extractor tracker-extract-mp3 component. A remote attacker could exploit this heap buffer overflow vulnerability by providing a specially crafted MP3 file containing malformed ID3 tags. This incorrect length...

8.1CVSS5.7AI score0.00246EPSS
Exploits1
CVE
CVE
added 2026/06/16 12:34 a.m.53 views

CVE-2026-1766

CVE-2026-1766 concerns GNOME localsearch (tracker-extract-mp3) and its MP3 Extractor, where a heap buffer overflow occurs while parsing MP3 files with malformed ID3v2.3 COMM tags. Exploitation can cause DoS (crash) and may disclose heap data. Public advisories and patches exist across multiple ve...

6.1CVSS5.5AI score0.00158EPSS
Exploits1References2Affected Software2
Cvelist
Cvelist
added 2026/06/16 12:34 a.m.43 views

CVE-2026-1766 Localsearch: tracker-miners: gnome localsearch mp3 extractor: denial of service and information disclosure via malformed mp3 files.

A flaw was found in GNOME localsearch previously known as tracker-miners MP3 Extractor, specifically within the tracker-extract-mp3 component. This heap buffer overflow vulnerability occurs when processing specially crafted MP3 files containing malformed ID3v2.3 COMM Comment tags. An attacker cou...

5.6CVSS0.00158EPSS
Exploits1References2
Rows per page
Query Builder