Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gnome gnome-shell vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-48634
In the Linux kernel, the following vulnerability has been resolved: drm/gma500: Fix BUG: sleeping function called from invalid context errors gma_crtc_page_flip() was holding the event_lock spinlock while calling crtc_funcs->mode_set_base() which takes ww_mutex. The only reaso...
NA
CVE-2023-43090
A vulnerability was found in GNOME Shell. GNOME Shell's lock screen allows an unauthenticated local user to view windows of the locked desktop session by using keyboard shortcuts to unlock the restricted functionality of the screenshot tool.
Gnome Gnome-shell
Gnome Gnome-shell 42
Fedoraproject Fedora 37
Fedoraproject Fedora 38
187
VMScore
CVE-2021-3982
Linux distributions using CAP_SYS_NICE for gnome-shell may be exposed to a privilege escalation issue. An attacker, with low privilege permissions, may take advantage of the way CAP_SYS_NICE is currently implemented and eventually load code to increase its process scheduler prior...
Gnome Gnome-shell -
320
VMScore
CVE-2021-20315
A locking protection bypass flaw was found in some versions of gnome-shell as shipped within CentOS Stream 8, when the "Application menu" or "Window list" GNOME extensions are enabled. This flaw allows a physical attacker who has access to a locked system to k...
Gnome Gnome-shell
Centos Stream 8
231
VMScore
CVE-2020-36314
fr-archive-libarchive.c in GNOME file-roller up to and including 3.38.0, as used by GNOME Shell and other software, allows Directory Traversal during extraction because it lacks a check of whether a file's parent is a symlink in certain complex situations. NOTE: this issue e...
Gnome File-roller
Fedoraproject Fedora 34
187
VMScore
CVE-2021-28650
autoar-extractor.c in GNOME gnome-autoar prior to 0.3.1, as used by GNOME Shell, Nautilus, and other software, allows Directory Traversal during extraction because it lacks a check of whether a file's parent is a symlink in certain complex situations. NOTE: this issue exists...
Gnome Gnome-autoar
Fedoraproject Fedora 34
187
VMScore
CVE-2020-36241
autoar-extractor.c in GNOME gnome-autoar up to and including 0.2.4, as used by GNOME Shell, Nautilus, and other software, allows Directory Traversal during extraction because it lacks a check of whether a file's parent is a symlink to a directory outside of the intended extr...
Gnome Gnome-autoar
Fedoraproject Fedora 34
169
VMScore
CVE-2020-17489
An issue exists in certain configurations of GNOME gnome-shell up to and including 3.36.4. When logging out of an account, the password box from the login dialog reappears with the password still visible. If the user had decided to have the password shown in cleartext at login ti...
Gnome Gnome-shell
Canonical Ubuntu Linux 20.04
Debian Debian Linux 9.0
Opensuse Leap 15.2
409
VMScore
CVE-2019-3820
It exists that the gnome-shell lock screen since version 3.15.91 did not properly restrict all contextual actions. An attacker with physical access to a locked workstation could invoke certain keyboard shortcuts, and potentially other actions.
Gnome Gnome-shell
Opensuse Leap 15.0
Opensuse Leap 15.1
Opensuse Leap 42.3
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
605
VMScore
CVE-2017-8288
gnome-shell 3.22 up to and including 3.24.1 mishandles extensions that fail to reload, which can lead to leaving extensions enabled in the lock screen. With these extensions, a bystander could launch applications (but not interact with them), see information from the extensions (...
Gnome Gnome-shell 3.24.1
Gnome Gnome-shell 3.22.2
Gnome Gnome-shell 3.23.1
Gnome Gnome-shell 3.23.92
Gnome Gnome-shell 3.22.0
Gnome Gnome-shell 3.23.2
Gnome Gnome-shell 3.23.3
Gnome Gnome-shell 3.23.90
Gnome Gnome-shell 3.23.91
Gnome Gnome-shell 3.22.1
Gnome Gnome-shell 3.22.3
Gnome Gnome-shell 3.24.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »