Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xfce xfce vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-45062
In Xfce xfce4-settings prior to 4.16.4 and 4.17.x prior to 4.17.1, there is an argument injection vulnerability in xfce4-mime-helper.
Xfce Xfce4-settings
Xfce Xfce4-settings 4.17.0
Debian Debian Linux 11.0
Fedoraproject Fedora 37
605
VMScore
CVE-2022-32278
XFCE 4.16 allows malicious users to execute arbitrary code because xdg-open can execute a .desktop file on an attacker-controlled FTP server.
Xfce Exo
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
668
VMScore
CVE-2021-32563
An issue exists in Thunar prior to 4.16.7 and 4.17.x prior to 4.17.2. When called with a regular file as a command-line argument, it delegates to a different program (based on the file type) without user confirmation. This could be used to achieve code execution.
Xfce Thunar
605
VMScore
CVE-2011-1588
Thunar prior to 1.3.1 could crash when copy and pasting a file name with % format characters due to a format string error.
Xfce Thunar 1.2.0
Xfce Thunar 1.2.1
Opensuse Opensuse 11.4
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
169
VMScore
CVE-2018-18398
Xfce Thunar 1.6.15, when Xfce 4.12 is used, mishandles the IBus-Unikey input method for file searches within File Manager, leading to an out-of-bounds read and SEGV. This could potentially be exploited by an arbitrary local user who creates files in /tmp before the victim uses th...
Xfce Thunar
Xfce Xfce
641
VMScore
CVE-2009-4996
Xfce4-session 4.5.91 in Xfce does not lock the screen when the suspend or hibernate button is pressed, which might make it easier for physically proximate malicious users to access an unattended laptop via a resume action, a related issue to CVE-2010-2532. NOTE: there is no gener...
Xfce Xfce 4.6
641
VMScore
CVE-2009-4642
gnome-screensaver 2.26.1 relies on the gnome-session D-Bus interface to determine session idle time, even when an Xfce desktop such as Xubuntu or Mythbuntu is used, which allows physically proximate malicious users to access an unattended workstation on which screen locking had b...
Gnome Screensaver 2.26.1
445
VMScore
CVE-2007-6531
Stack-based buffer overflow in the Panel (xfce4-panel) component in Xfce prior to 4.4.2 might allow remote malicious users to execute arbitrary code via Launcher tooltips. NOTE: a second buffer overflow (over-read) in the xfce_mkdirhier function was also reported, but it might no...
Xfce Xfce
890
VMScore
CVE-2007-6532
Double free vulnerability in the Widget Library (libxfcegui4) in Xfce prior to 4.4.2 might allow remote malicious users to execute arbitrary code via unknown vectors related to the "cliend id, program name and working directory in session management."
Xfce Xfce
694
VMScore
CVE-2007-3770
The terminal_helper_execute function in terminal/terminal.c in Xfce Terminal 0.2.6 allows user-assisted remote malicious users to execute arbitrary commands via shell metacharacters in a crafted link, as demonstrated using the "Open Link" functionality.
Os-cillation Xfce Terminal 0.2.6
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »