Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

GNOME — Vulnerabilities & Security Advisories 17

Browse all 17 CVE security advisories affecting GNOME. AI-powered Chinese analysis, POCs, and references for each vulnerability.

GNOME serves as a default desktop environment for Linux distributions, providing a user interface for system interaction. Historically, it has faced vulnerabilities across multiple classes, including remote code execution, cross-site scripting, and privilege escalation, with 17 CVEs documented. Security concerns have often centered on components like GNOME Shell and related utilities. Notable incidents include flaws in the Epiphany browser and Nautilus file manager that could lead to information disclosure or arbitrary code execution. The project has addressed these through regular updates, but the complexity of its ecosystem continues to present potential attack surfaces for malicious actors targeting Linux systems.

Top products by GNOME: libsoup Gdk-Pixbuf glib Ekiga NetworkManager Evolution gdm Pango gvdb GDM3 libxml2 libxslt Fonts Viewer
CVE IDTitleCVSSSeverityPublished
CVE-2020-37011 Gnome Fonts Viewer 3.34.0 Heap Corruption — Fonts ViewerCWE-787 7.5 High2026-01-29
CVE-2025-14512 Glib: integer overflow in glib gio attribute escaping causes heap buffer overflow — glibCWE-190 6.5 Medium2025-12-11
CVE-2025-14087 Glib: glib: buffer underflow in gvariant parser leads to heap corruption — glibCWE-190 5.6 Medium2025-12-10
CVE-2025-12105 Libsoup: heap use-after-free in libsoup message queue handling during http/2 read completion — libsoupCWE-416 7.5 High2025-10-23
CVE-2025-7424 Libxslt: type confusion in xmlnode.psvi between stylesheet and source nodes — libxsltCWE-843 7.5 High2025-07-10
CVE-2025-7425 Libxslt: libxml2: heap use-after-free in libxslt caused by atype corruption in xmlattrptr — libxml2CWE-416 7.8 High2025-07-10
CVE-2024-52531 libsoup 安全漏洞 — libsoupCWE-787 6.5 Medium2024-11-11
CVE-2019-25085 GNOME gvdb gvdb-builder.c gvdb_table_write_contents_async use after free — gvdbCWE-416 6.3 Medium2022-12-26
CVE-2020-16125 gdm3 would start gnome-initial-setup if it cannot contact accountservice — GDM3CWE-754 7.2 High2020-11-10
CVE-2012-1096 NetworkManager 信任管理问题漏洞 — NetworkManager 5.5 -2020-03-10
CVE-2013-4166 GNOME Evolution 信息泄露漏洞 — Evolution 7.5 -2020-02-06
CVE-2019-1010238 Gnome Pango 缓冲区错误漏洞 — Pango 9.8 -2019-07-19
CVE-2011-1830 Ekiga attempts to dlopen /tmp/ekiga_test.so — Ekiga 7.8 -2019-04-22
CVE-2017-12164 GDM 安全漏洞 — gdmCWE-592 6.4 -2018-07-26
CVE-2017-2885 GNOME libsoup 缓冲区错误漏洞 — libsoup 9.8 -2018-04-24
CVE-2017-2870 Gdk-Pixbuf 数字错误漏洞 — Gdk-Pixbuf 7.8 -2017-09-05
CVE-2017-2862 Gdk-Pixbuf 缓冲区错误漏洞 — Gdk-Pixbuf 7.8 -2017-09-05

This page lists every published CVE security advisory associated with GNOME. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.