Shodan
Vulnerabilities
Vulnerable Software
Gnome:  >> Glib  >> 2.74.4  Security Vulnerabilities
CVE-2025-14512
A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in GLib's GIO (GLib Input/Output) escape_byte_string() function when processing malicious file or remote filesystem attribute values.
CVSS Score
6.5
EPSS Score
0.0
Published
2025-12-11
CVE-2025-14087
A flaw was found in GLib (Gnome Lib). This vulnerability allows a remote attacker to cause heap corruption, leading to a denial of service or potential code execution via a buffer-underflow in the GVariant parser when processing maliciously crafted input strings.
CVSS Score
5.6
EPSS Score
0.003
Published
2025-12-10
CVE-2025-13601
A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off the end of the newly allocated string.
CVSS Score
7.7
EPSS Score
0.0
Published
2025-11-26
CVE-2025-4056
A flaw was found in GLib. A denial of service on Windows platforms may occur if an application attempts to spawn a program using long command lines.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-07-28
CVE-2024-52533
gio/gsocks4aproxy.c in GNOME GLib before 2.82.1 has an off-by-one error and resultant buffer overflow because SOCKS4_CONN_MSG_LEN is not sufficient for a trailing '\0' character.
CVSS Score
9.8
EPSS Score
0.031
Published
2024-11-11
CVE-2024-34397
An issue was discovered in GNOME GLib before 2.78.5, and 2.79.x and 2.80.x before 2.80.1. When a GDBus-based client subscribes to signals from a trusted system service such as NetworkManager on a shared computer, other users of the same computer can send spoofed D-Bus signals that the GDBus-based client will wrongly interpret as having been sent by the trusted system service. This could lead to the GDBus-based client behaving incorrectly, with an application-dependent impact.
CVSS Score
5.2
EPSS Score
0.002
Published
2024-05-07
CVE-2023-32643
A flaw was found in GLib. The GVariant deserialization code is vulnerable to a heap buffer overflow introduced by the fix for CVE-2023-32665. This bug does not affect any released version of GLib, but does affect GLib distributors who followed the guidance of GLib developers to backport the initial fix for CVE-2023-32665.
CVSS Score
5.3
EPSS Score
0.0
Published
2023-09-14


Products
Pricing
Contact Us

Shodan ® - All rights reserved