CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

14 matches found

OSV•added 2026/04/11 1:16 a.m.•2 views

UBUNTU-CVE-2026-40354

Flatpak xdg-desktop-portal before 1.20.4 and 1.21.x before 1.21.1 allows any Flatpak app to trash any file in the host context via a symlink attack on gfiletrash...

6.3CVSS5.8AI score0.00019EPSS

Exploits0References7

SUSE CVE•added 2023/02/15 3:46 a.m.•2 views

SUSE CVE-2021-21261

Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. A bug was discovered in the flatpak-portal service that can allow sandboxed applications to execute arbitrary code on the host system a sandbox escape. This sandbox-escape bug is present in versio...

7.3CVSS7.9AI score0.00108EPSS

Exploits0References7

Tenable Nessus•added 2022/09/17 12:0 a.m.•28 views

SUSE SLES15 Security Update : flatpak (SUSE-SU-2022:3284-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3284-1 advisory. - Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. A bug was discovered in the...

8.8CVSS7.7AI score0.00166EPSS

Exploits0References9

Tenable Nessus•added 2021/10/27 12:0 a.m.•32 views

NewStart CGSL CORE 5.04 / MAIN 5.04 : flatpak Vulnerability (NS-SA-2021-0096)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has flatpak packages installed that are affected by a vulnerability: - Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. A bug was discovered in the flatpak-portal service that...

8.8CVSS8.5AI score0.00108EPSS

Exploits0References3

Tenable Nessus•added 2021/10/27 12:0 a.m.•25 views

NewStart CGSL MAIN 6.02 : flatpak Vulnerability (NS-SA-2021-0122)

The remote NewStart CGSL host, running version MAIN 6.02, has flatpak packages installed that are affected by a vulnerability: - Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. A bug was discovered in the flatpak-portal service that can allow...

8.8CVSS8.5AI score0.00108EPSS

Exploits0References3

OSV•added 2021/03/05 11:2 a.m.•1 views

OESA-2021-1043 flatpak security update

flatpak is a system for building, distributing and running sandboxed desktop applications on Linux. See https://wiki.gnome.org/Projects/SandboxedApps for more information. Security Fixes: Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. A bug wa...

8.8CVSS8AI score0.00108EPSS

Exploits0References2

RedHat Linux•added 2021/02/01 10:18 a.m.•2 views

flatpak: sandbox escape via spawn portal

A flaw was found in Flatpak. The Flatpak portal D-Bus service passes caller-specified environment variables to non-sandboxed processes on the host system, and in particular to the flatpak run command that is used to launch the new sandbox instance. A malicious or compromised Flatpak app could set...

8.8CVSS6.1AI score0.00108EPSS

Exploits0References5

CNVD•added 2021/01/16 12:0 a.m.•1 views

Flatpak Injection Vulnerability

Flatpak is an application virtualization system for Linux desktop application computer environments. Flatpak suffers from an injection vulnerability that stems from the fact that flatpak-portal allows sandboxed applications to execute arbitrary code on the host system sandbox escape. No detailed...

8.8CVSS8.3AI score0.00108EPSS

Exploits0References1

Tenable Nessus•added 2021/01/15 12:0 a.m.•30 views

Debian DSA-4830-1 : flatpak - security update

Simon McVittie discovered a bug in the flatpak-portal service that can allow sandboxed applications to execute arbitrary code on the host system a sandbox escape. The Flatpak portal D-Bus service flatpak-portal, also known by its D-Bus service name org.freedesktop.portal.Flatpak allows apps in a...

8.8CVSS8.4AI score0.00108EPSS

Exploits0References4

OSV•added 2021/01/14 8:15 p.m.•1 views

DEBIAN-CVE-2021-21261

8.8CVSS8.6AI score0.00108EPSS

Exploits0References1