Filtered by vendor Gnome Subscriptions
Filtered by product Glib Subscriptions
Total 24 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2012-0039 1 Gnome 1 Glib 2024-11-21 N/A
GLib 2.31.8 and earlier, when the g_str_hash function is used, computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table. NOTE: this issue may be disputed by the vendor; the existence of the g_str_hash function is not a vulnerability in the library, because callers of g_hash_table_new and g_hash_table_new_full can specify an arbitrary hash function that is appropriate for the application.
CVE-2011-1709 1 Gnome 2 Gdm, Glib 2024-11-21 N/A
GNOME Display Manager (gdm) before 2.32.2, when glib 2.28 is used, enables execution of a web browser with the uid of the gdm account, which allows local users to gain privileges via vectors involving the x-scheme-handler/http MIME type.
CVE-2009-3289 3 Gnome, Opensuse, Suse 3 Glib, Opensuse, Suse Linux Enterprise Server 2024-11-21 7.8 High
The g_file_copy function in glib 2.0 sets the permissions of a target file to the permissions of a symbolic link (777), which allows user-assisted local users to modify files of other users, as demonstrated by using Nautilus to modify the permissions of the user home directory.
CVE-2008-4316 2 Gnome, Redhat 2 Glib, Enterprise Linux 2024-11-21 N/A
Multiple integer overflows in glib/gbase64.c in GLib before 2.20 allow context-dependent attackers to execute arbitrary code via a long string that is converted either (1) from or (2) to a base64 representation.