Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gnome gnome-shell - vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2020-36241
autoar-extractor.c in GNOME gnome-autoar up to and including 0.2.4, as used by GNOME Shell, Nautilus, and other software, allows Directory Traversal during extraction because it lacks a check of whether a file's parent is a symlink to a directory outside of the intended extr...
Gnome Gnome-autoar
Fedoraproject Fedora 34
5.5
CVSSv3
CVE-2021-28650
autoar-extractor.c in GNOME gnome-autoar prior to 0.3.1, as used by GNOME Shell, Nautilus, and other software, allows Directory Traversal during extraction because it lacks a check of whether a file's parent is a symlink in certain complex situations. NOTE: this issue exists...
Gnome Gnome-autoar
Fedoraproject Fedora 34
3.9
CVSSv3
CVE-2020-36314
fr-archive-libarchive.c in GNOME file-roller up to and including 3.38.0, as used by GNOME Shell and other software, allows Directory Traversal during extraction because it lacks a check of whether a file's parent is a symlink in certain complex situations. NOTE: this issue e...
Gnome File-roller
Fedoraproject Fedora 34
NA
CVE-2024-36472
In GNOME Shell up to and including 45.7, a portal helper can be launched automatically (without user confirmation) based on network responses provided by an adversary (e.g., an adversary who controls the local Wi-Fi network), and subsequently loads untrusted JavaScript code, whic...
NA
CVE-2013-2190
The translate_hierarchy_event function in x11/clutter-device-manager-xi2.c in Clutter, when resuming the system, does not properly handle XIQueryDevice errors when a device has "disappeared," which causes the gnome-shell to crash and allows physically proximate maliciou...
Clutter Project Clutter -
Opensuse Opensuse 12.3
Opensuse Opensuse 12.2
NA
CVE-2022-48634
In the Linux kernel, the following vulnerability has been resolved: drm/gma500: Fix BUG: sleeping function called from invalid context errors gma_crtc_page_flip() was holding the event_lock spinlock while calling crtc_funcs->mode_set_base() which takes ww_mutex. The only reaso...
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2