12 matches found
EUVD-2022-53475
Malicious code in bioql PyPI...
Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM / 22.04 ESM : Exo vulnerability (USN-6008-1)
The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM / 22.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-6008-1 advisory. It was discovered that Exo did not properly sanitized desktop files. A remote attacker could possibly use this issue to to cau...
Debian DLA-3056-1 : exo - LTS security update
The remote Debian 9 host has packages installed that are affected by a vulnerability as referenced in the dla-3056 advisory. - XFCE 4.16 allows attackers to execute arbitrary code because xdg-open can execute a .desktop file on an attacker-controlled FTP server. CVE-2022-32278 Note that Nessus ha...
Debian DSA-5164-1 : exo - security update
The remote Debian 10 / 11 host has packages installed that are affected by a vulnerability as referenced in the dsa-5164 advisory. It was discovered that exo, a support library for the Xfce desktop environment, would allow executing remote .desktop files. In some scenario, an attacker could use...
CVE-2022-32278
XFCE 4.16 allows attackers to execute arbitrary code because xdg-open can execute a .desktop file on an attacker-controlled FTP server...
CVE-2022-32278
XFCE 4.16 allows attackers to execute arbitrary code because xdg-open can execute a .desktop file on an attacker-controlled FTP server...
CVE-2022-32278
XFCE 4.16 allows attackers to execute arbitrary code because xdg-open can execute a .desktop file on an attacker-controlled FTP server...
Design/Logic Flaw
XFCE 4.16 allows attackers to execute arbitrary code because xdg-open can execute a .desktop file on an attacker-controlled FTP server...
UBUNTU-CVE-2022-32278
XFCE 4.16 allows attackers to execute arbitrary code because xdg-open can execute a .desktop file on an attacker-controlled FTP server...
CVE-2022-32278
XFCE 4.16 allows attackers to execute arbitrary code because xdg-open can execute a .desktop file on an attacker-controlled FTP server...
CVE-2022-32278
CVE-2022-32278 affects XFCE Exo (XFCE 4.16) where xdg-open can execute a .desktop file hosted on an attacker-controlled FTP server, enabling arbitrary code execution. Root cause: insecure handling of .desktop files in remote sources. Affected component: exo (XFCE library). Impact: remote code exe...
CVE-2022-32278
XFCE 4.16 allows attackers to execute arbitrary code because xdg-open can execute a .desktop file on an attacker-controlled FTP server...