20 matches found
Astra Linux – Vulnerability in gtk+3.0, gtk+2.0
A flaw was discovered in the GTK library. Under certain conditions, it is possible for a library to be injected into a GTK application from the current working directory...
Ubuntu: Security Advisory (USN-6899-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-6899-1: GTK vulnerability
It was discovered that GTK would attempt to load modules from the current directory, contrary to expectations. If users started GTK applications from shared directories, a local attacker could use this issue to execute arbitrary code, and possibly escalate privileges...
Mageia: Security Advisory (MGASA-2014-0004)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2014-0374)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Demarshalling With Improper Bounds Check
libspice-client-glib-2.0.so, libspice-client-gtk-2.0.so, libspice-client-gtk-3.0.so are vulnerable to demarshalling with improper bounds check. The vulnerability exists due to the lack of check where demarshalling could happen at an item position beyond the message end, leading to a denial of...
Ubuntu: Security Advisory (USN-2898-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[ MDVSA-2015:162 ] gtk+3.0
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2015:162 http://www.mandriva.com/en/support/security/ Package : gtk+3.0 Date : March 29, 2015 Affected: Business Server 2.0 Problem Description: Updated gtk+3.0 packages fix security vulnerability: Clemens Fries...
Mandriva Linux Security Advisory : gtk+3.0 (MDVSA-2015:162)
Updated gtk+3.0 packages fix security vulnerability : Clemens Fries reported that, when using Cinnamon, it was possible to bypass the screensaver lock. An attacker with physical access to the machine could use this flaw to take over the locked desktop session CVE-2014-1949. This was fixed by...
Ubuntu: Security Advisory (USN-2475-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Updated gtk+3.0 packages fix CVE-2014-1949
Updated gtk+3.0 packages fix security vulnerability: Clemens Fries reported that, when using Cinnamon, it was possible to bypass the screensaver lock. An attacker with physical access to the machine could use this flaw to take over the locked desktop session CVE-2014-1949. This was fixed by...
openSUSE Security Update : emacs and depending packages (openSUSE-SU-2012:1348-1)
This update fixes the following issues for emacs, emacs-w3, gnuplot and ddskk: emacs : - Add fix for bnc775993 which disable arbitrary lisp code execution when 'enable-local-variables' is set to ':safe' CVE-2012-3479 - Add fix for bnc780653 to allow emacs to parse tar archives with PAX extended...
Ubuntu Update for gtk+3.0 USN-2149-2
Check for the Version of gtk+3.0 OpenVAS Vulnerability Test $Id: gbubuntuUSN21492.nasl 7957 2017-12-01 06:40:08Z santu $ Ubuntu Update for gtk+3.0 USN-2149-2 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software...
Ubuntu: Security Advisory (USN-2149-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 12.04 LTS / 12.10 : gtk+3.0 update (USN-2149-2)
USN-2149-1 fixed a vulnerability in librsvg. This update provides a compatibility fix for GTK+ to work with the librsvg security update. It was discovered that librsvg would load XML external entities by default. If a user were tricked into viewing a specially crafted SVG file, an attacker could...
USN-2149-2: GTK+ update
USN-2149-1 fixed a vulnerability in librsvg. This update provides a compatibility fix for GTK+ to work with the librsvg security update. Original advisory details: It was discovered that librsvg would load XML external entities by default. If a user were tricked into viewing a specially crafted S...
[ MDVSA-2014:009 ] librsvg
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2014:009 http://www.mandriva.com/en/support/security/ Package : librsvg Date : January 17, 2014 Affected: Business Server 1.0, Enterprise Server 5.0 Problem Description: Updated librsvg and gtk+3.0 packages fix...
Mandriva Linux Security Advisory : librsvg (MDVSA-2014:009)
Updated librsvg and gtk+3.0 packages fix security vulnerability : librsvg before version 2.39.0 allows remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference CVE-2013-1881. For Business Server 1 gtk+3.0 has be...
Updated librsvg and gtk+3.0 packages fix security vulnerability
librsvg before version 2.39.0 allows remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference CVE-2013-1881. gtk+3.0 has been patched to cope with the changes in SVG loading due to the fix in librsvg...
MGASA-2014-0004 Updated librsvg and gtk+3.0 packages fix security vulnerability
librsvg before version 2.39.0 allows remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference CVE-2013-1881. gtk+3.0 has been patched to cope with the changes in SVG loading due to the fix in librsvg...