Lucene search
K

9 matches found

Tenable Nessus
Tenable Nessus
added 2025/07/25 12:0 a.m.7 views

NewStart CGSL MAIN 7.02 : xdg-utils Vulnerability (NS-SA-2025-0195)

The remote NewStart CGSL host, running version MAIN 7.02, has xdg-utils packages installed that are affected by a vulnerability: - When xdg-mail is configured to use thunderbird for mailto URLs, improper parsing of the URL can lead to additional headers being passed to thunderbird that should not...

7.4CVSS7.3AI score0.00652EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/06/23 4:39 p.m.3 views

CVE-2025-52968

A potential Cross-site request forgery CSRF flaw was found in xdg-utils. The xdg-open function in xdg-utils through version 1.2.1 can send requests containing SameSite=Strict cookies, facilitating a Cross-site request forgery CSRF attack vector. Mitigation Mitigation for this issue is either not...

2.7CVSS7.2AI score0.00183EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/06/23 12:0 a.m.13 views

PT-2025-26609 · Xdg-Utils +1 · Xdg-Utils +1

Name of the Vulnerable Software and Affected Versions: xdg-utils versions 1.1.0 through 1.2.1 xdg-utils version 1.2.1 Description: The issue concerns xdg-open in xdg-utils, which can send requests containing SameSite=Strict cookies. This can facilitate Cross-Site Request Forgery CSRF attacks. The...

2.7CVSS6.6AI score0.00183EPSS
Exploits0References15
Tenable Nessus
Tenable Nessus
added 2025/05/15 12:0 a.m.10 views

RHEL 9 : xdg-utils (RHSA-2025:7672)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:7672 advisory. The xdg-utils package is a set of simple scripts that provide basic desktop integration functions for any Free Desktop. Security Fixes: xdg-utils:...

7.4CVSS7.4AI score0.00652EPSS
Exploits1References5
CBLMariner
CBLMariner
added 2025/02/11 4:7 p.m.11 views

CVE-2022-4055 affecting package xdg-utils for versions less than 1.2.1-3

CVE-2022-4055 affecting package xdg-utils for versions less than 1.2.1-3. An upgraded version of the package is available that resolves this issue...

7.4CVSS6.9AI score0.00652EPSS
Exploits1
Amazon
Amazon
added 2023/03/22 12:0 a.m.8 views

Medium: xdg-utils

Issue Overview: A flaw was found in the xdg-email component of xdg-utils-1.1.0-rc1 and newer. When handling mailto: URIs, xdg-email allows attachments to be discreetly added via the URI when being passed to Thunderbird. An attacker could potentially send a victim a URI that automatically attaches...

7.4CVSS6.9AI score0.01443EPSS
Exploits2
OSV
OSV
added 2015/01/21 6:59 p.m.4 views

CVE-2014-9622

Eval injection vulnerability in xdg-utils 1.1.0 RC1, when no supported desktop environment is identified, allows context-dependent attackers to execute arbitrary code via the URL argument to xdg-open...

8.8AI score
Exploits0References8
UbuntuCve
UbuntuCve
added 2015/01/21 6:59 p.m.22 views

CVE-2014-9622

Eval injection vulnerability in xdg-utils 1.1.0 RC1, when no supported desktop environment is identified, allows context-dependent attackers to execute arbitrary code via the URL argument to xdg-open...

6.8CVSS7.3AI score0.03256EPSS
Exploits1References1
NVD
NVD
added 2008/02/04 11:0 p.m.21 views

CVE-2008-0386

Xdg-utils 1.0.2 and earlier allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in a URL argument to 1 xdg-open or 2 xdg-email...

6.8CVSS7.4AI score0.03171EPSS
Exploits1References17
Rows per page
Query Builder