CVE-2012-0828

all versions

Heap-based buffer overflow in Xchat-WDK before 1499-4 (2012-01-18) xchat 2.8.6 on Maemo architecture could allow remote attackers

9.8CRITICAL

CVE-2017-1000044

all versions

gtk-vnc 0.4.2 and older doesn't check framebuffer boundaries correctly when updating framebuffer which may lead to memory corrupti

9.8CRITICAL

CVE-2017-5885

<= 0.6.0

Multiple integer overflows in the (1) vnc_connection_server_message and (2) vnc_color_map_set functions in gtk-vnc before 0.7.0 al

9.8CRITICAL

CVE-2017-5884

<= 0.6.0

gtk-vnc before 0.7.0 does not properly check boundaries of subrectangle-containing tiles, which allows remote servers to execute a

7.8HIGH

CVE-2014-1949

<= 3.10.9

GTK+ 3.10.9 and earlier, as used in cinnamon-screensaver, gnome-screensaver, and other applications, allows physically proximate a

CVE-2012-4425

all versions

libgio, when used in setuid or other privileged programs in spice-gtk and possibly other products, allows local users to gain priv

CVE-2010-4833

< 2.24.0

Untrusted search path vulnerability in modules/engines/ms-windows/xp_theme.c in GTK+ before 2.24.0 allows local users to gain priv

CVE-2010-4831

< 2.21.8

Untrusted search path vulnerability in gdk/win32/gdkinput-win32.c in GTK+ before 2.21.8 allows local users to gain privileges via

CVE-2010-0732

< 2.18.5

gdk/gdkwindow.c in GTK+ before 2.18.5, as used in gnome-screensaver before 2.28.1, performs implicit paints on windows of type GDK

CVE-2007-0010

< 2.4.13

The GdkPixbufLoader function in GIMP ToolKit (GTK+) in GTK 2 (gtk2) before 2.4.13 allows context-dependent attackers to cause a de

CVE-2005-3186

all versions

Integer overflow in the GTK+ gdk-pixbuf XPM image rendering library in GTK+ 2.4.0 allows attackers to execute arbitrary code via a

CVE-2005-2976

< 2.8.7

Integer overflow in io-xpm.c in gdk-pixbuf 0.22.0 in GTK+ before 2.8.7 allows attackers to cause a denial of service (crash) or ex

CVE-2005-2975

< 2.8.7

io-xpm.c in the gdk-pixbuf XPM image rendering library in GTK+ before 2.8.7 allows attackers to cause a denial of service (infinit

CVE-2005-0891

>= 2.0.0 and < 2.2.4

Double free vulnerability in gtk 2 (gtk2) before 2.2.4 allows remote attackers to cause a denial of service (crash) via a crafted

7.5HIGH

CVE-2005-0372

< 2.0.18

Directory traversal vulnerability in gftp before 2.0.18 for GTK+ allows remote malicious FTP servers to read arbitrary files via .

CVE-2004-0788

>= 2.0.0 and < 2.2.4

Integer overflow in the ICO image decoder for (1) gdk-pixbuf before 0.22 and (2) gtk2 before 2.2.4 allows remote attackers to caus

CVE-2004-0783

all versions

Stack-based buffer overflow in xpm_extract_color (io-xpm.c) in the XPM image decoder for gtk+ 2.4.4 (gtk2) and earlier, and gdk-pi

CVE-2004-0782

all versions

Integer overflow in pixbuf_create_from_xpm (io-xpm.c) in the XPM image decoder for gtk+ 2.4.4 (gtk2) and earlier, and gdk-pixbuf b

CVE-2004-0753

>= 2.0.0 and < 2.2.4

The BMP image processor for (1) gdk-pixbuf before 0.22 and (2) gtk2 before 2.2.4 allows remote attackers to cause a denial of serv

CVE-2001-0084

all versions

GTK+ library allows local users to specify arbitrary modules via the GTK_MODULES environmental variable, which could allow local u