Every CVE whose affected-product data names Gnome Gtk, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (15)
CVE-2012-0828 — CVSS 9.8 (critical): Heap-based buffer overflow in Xchat-WDK before 1499-4 (2012-01-18) xchat 2.8.6 on Maemo architecture could allow remote attackers to cause…
CVE-2010-4833 — CVSS 9.3 (critical): Untrusted search path vulnerability in modules/engines/ms-windows/xp_theme.c in GTK+ before 2.24.0 allows local users to gain privileges…
CVE-2005-2975 — CVSS 7.8 (high): io-xpm.c in the gdk-pixbuf XPM image rendering library in GTK+ before 2.8.7 allows attackers to cause a denial of service (infinite loop)…
CVE-2005-0891 — CVSS 7.5 (high): Double free vulnerability in gtk 2 (gtk2) before 2.2.4 allows remote attackers to cause a denial of service (crash) via a crafted BMP image.
CVE-2004-0783 — CVSS 7.5 (high): Stack-based buffer overflow in xpm_extract_color (io-xpm.c) in the XPM image decoder for gtk+ 2.4.4 (gtk2) and earlier, and gdk-pixbuf…
CVE-2004-0782 — CVSS 7.5 (high): Integer overflow in pixbuf_create_from_xpm (io-xpm.c) in the XPM image decoder for gtk+ 2.4.4 (gtk2) and earlier, and gdk-pixbuf before…
CVE-2005-2976 — CVSS 7.5 (high): Integer overflow in io-xpm.c in gdk-pixbuf 0.22.0 in GTK+ before 2.8.7 allows attackers to cause a denial of service (crash) or execute…
CVE-2014-1949 — CVSS 7.2 (high): GTK+ 3.10.9 and earlier, as used in cinnamon-screensaver, gnome-screensaver, and other applications, allows physically proximate attackers…
CVE-2001-0084 — CVSS 7.2 (high): GTK+ library allows local users to specify arbitrary modules via the GTK_MODULES environmental variable, which could allow local users to…
CVE-2010-4831 — CVSS 6.9 (medium): Untrusted search path vulnerability in gdk/win32/gdkinput-win32.c in GTK+ before 2.21.8 allows local users to gain privileges via a Trojan…
CVE-2010-0732 — CVSS 6.2 (medium): gdk/gdkwindow.c in GTK+ before 2.18.5, as used in gnome-screensaver before 2.28.1, performs implicit paints on windows of type…
CVE-2004-0788 — CVSS 5.0 (medium): Integer overflow in the ICO image decoder for (1) gdk-pixbuf before 0.22 and (2) gtk2 before 2.2.4 allows remote attackers to cause a…
CVE-2004-0753 — CVSS 5.0 (medium): The BMP image processor for (1) gdk-pixbuf before 0.22 and (2) gtk2 before 2.2.4 allows remote attackers to cause a denial of service…
CVE-2005-0372 — CVSS 5.0 (medium): Directory traversal vulnerability in gftp before 2.0.18 for GTK+ allows remote malicious FTP servers to read arbitrary files via .. (dot…
CVE-2007-0010 — CVSS 2.1 (low): The GdkPixbufLoader function in GIMP ToolKit (GTK+) in GTK 2 (gtk2) before 2.4.13 allows context-dependent attackers to cause a denial of…