CVE-2022-37290
- EPSS 0.02%
- Published 14.11.2022 08:15:09
- Last modified 01.05.2025 14:15:26
GNOME Nautilus 42.2 allows a NULL pointer dereference and get_basename application crash via a pasted ZIP archive.
CVE-2019-11461
- EPSS 0.06%
- Published 22.04.2019 21:29:00
- Last modified 21.11.2024 04:21:07
An issue was discovered in GNOME Nautilus 3.30 prior to 3.30.6 and 3.32 prior to 3.32.1. A compromised thumbnailer may escape the bubblewrap sandbox used to confine thumbnailers by using the TIOCSTI ioctl to push characters into the input buffer of t...
CVE-2017-12447
- EPSS 0.26%
- Published 07.03.2019 23:29:00
- Last modified 21.11.2024 03:09:30
GdkPixBuf (aka gdk-pixbuf), possibly 2.32.2, as used by GNOME Nautilus 3.14.3 on Ubuntu 16.04, allows attackers to cause a denial of service (stack corruption) or possibly have unspecified other impact via a crafted file folder.
CVE-2017-14604
- EPSS 5.55%
- Published 20.09.2017 08:29:00
- Last modified 20.04.2025 01:37:25
GNOME Nautilus before 3.23.90 allows attackers to spoof a file type by using the .desktop file extension, as demonstrated by an attack in which a .desktop file's Name field ends in .pdf but this file's Exec field launches a malicious "sh -c" command....