CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

232 matches found

OSV•added 2022/11/09 7:15 a.m.•1 views

UBUNTU-CVE-2022-45062

In Xfce xfce4-settings before 4.16.4 and 4.17.x before 4.17.1, there is an argument injection vulnerability in xfce4-mime-helper...

9.8CVSS7.3AI score0.03025EPSS

Exploits0References10

Vulnrichment•added 2022/11/09 12:0 a.m.•3 views

CVE-2022-45062

In Xfce xfce4-settings before 4.16.4 and 4.17.x before 4.17.1, there is an argument injection vulnerability in xfce4-mime-helper...

9.8AI score0.03025EPSS

Exploits0References7

Cvelist•added 2022/11/09 12:0 a.m.•24 views

CVE-2022-45062

In Xfce xfce4-settings before 4.16.4 and 4.17.x before 4.17.1, there is an argument injection vulnerability in xfce4-mime-helper...

9.7AI score0.03025EPSS

Exploits0References7

CNNVD•added 2022/11/09 12:0 a.m.•2 views

Xfce 参数注入漏洞

Xfce is a desktop environment by the individual developer Olivier Fourdan for Unix and Unix-like operating systems such as Linux and FreeBSD. Xfce A parameter injection vulnerability exists in Xfce xfce4-settings versions prior to 4.16.4, 4.17.x through 4.17.1, which stems from escaping character...

9.8CVSS8.2AI score0.03025EPSS

Exploits0References11

CVE•added 2022/11/09 12:0 a.m.•83 views

CVE-2022-45062

CVE-2022-45062 affects xfce4-settings, specifically the xfce4-mime-helper component, with versions before 4.16.4 and 4.17.x before 4.17.1 vulnerable to argument injection. Public details indicate exploitation via xdg-open, enabling code execution on user machines (via crafted links in PDFs). Reme...

9.8CVSS9.3AI score0.03025EPSS

Exploits0References7Affected Software1

Debian CVE•added 2022/11/09 12:0 a.m.•31 views

CVE-2022-45062

In Xfce xfce4-settings before 4.16.4 and 4.17.x before 4.17.1, there is an argument injection vulnerability in xfce4-mime-helper...

9.8CVSS9.2AI score0.03025EPSS

Exploits0

Positive Technologies•added 2022/11/09 12:0 a.m.•2 views

PT-2022-27396 · Xfce +3 · Xfce4-Mime-Helper +4

Name of the Vulnerable Software and Affected Versions: xfce4-settings versions 4.16.3 and earlier, 4.17.x before 4.17.1 Description: There is an argument injection issue in the xfce4-mime-helper from the xfce4-settings package. This issue allows for argument injection, which can potentially be...

9.8CVSS9.4AI score0.03025EPSS

Exploits0References30

Tenable Nessus•added 2022/08/12 12:0 a.m.•15 views

FreeBSD : XFCE tumbler -- Vulnerability in the GStreamer plugin (75c073cc-1a1d-11ed-bea0-48ee0c739857)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 75c073cc-1a1d-11ed-bea0-48ee0c739857 advisory. - The XFCE project reports: Added mime type check to the gst-thumbnailer plugin to fix an undisclosed...

5.6AI score

Exploits0References3

FreeBSD•added 2022/08/02 12:0 a.m.•14 views

XFCE tumbler -- Vulnerability in the GStreamer plugin

The XFCE project reports: Added mime type check to the gst-thumbnailer plugin to fix an undisclosed vulnerability...

1.7AI score

Exploits0References2

BDU FSTEC•added 2022/07/13 12:0 a.m.•1 views

The vulnerability of the XFCE desktop environment application library allows a hacker to execute arbitrary code.

The vulnerability of the XFCE desktop environment application library is related to security configuration errors. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially created .desktop file from a remote location...

10CVSS8.1AI score0.00846EPSS

Exploits0References8Affected Software4

OpenVAS•added 2022/06/23 12:0 a.m.•18 views

Debian: Security Advisory (DLA-3056-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS8.8AI score0.00846EPSS

Exploits0References3

Tenable Nessus•added 2022/06/22 12:0 a.m.•40 views

Debian DLA-3056-1 : exo - LTS security update

The remote Debian 9 host has packages installed that are affected by a vulnerability as referenced in the dla-3056 advisory. - XFCE 4.16 allows attackers to execute arbitrary code because xdg-open can execute a .desktop file on an attacker-controlled FTP server. CVE-2022-32278 Note that Nessus ha...

8.8CVSS8.4AI score0.00846EPSS

Exploits0References4

Tenable Nessus•added 2022/06/20 12:0 a.m.•36 views

Debian DSA-5164-1 : exo - security update

The remote Debian 10 / 11 host has packages installed that are affected by a vulnerability as referenced in the dsa-5164 advisory. It was discovered that exo, a support library for the Xfce desktop environment, would allow executing remote .desktop files. In some scenario, an attacker could use...

8.8CVSS8.3AI score0.00846EPSS

Exploits0References7