Vulnerabilities > Gnome > Gnome Shell > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-09-22 | CVE-2023-43090 | A vulnerability was found in GNOME Shell. | 5.5 |
| 2022-04-29 | CVE-2021-3982 | Improper Check for Dropped Privileges vulnerability in Gnome Gnome-Shell Linux distributions using CAP_SYS_NICE for gnome-shell may be exposed to a privilege escalation issue. | 5.5 |
| 2022-02-18 | CVE-2021-20315 | Improper Locking vulnerability in multiple products A locking protection bypass flaw was found in some versions of gnome-shell as shipped within CentOS Stream 8, when the "Application menu" or "Window list" GNOME extensions are enabled. | 6.1 |
| 2019-02-06 | CVE-2019-3820 | Improper Authentication vulnerability in multiple products It was discovered that the gnome-shell lock screen since version 3.15.91 did not properly restrict all contextual actions. | 4.6 |
| 2017-04-27 | CVE-2017-8288 | Improper Input Validation vulnerability in Gnome Gnome-Shell gnome-shell 3.22 through 3.24.1 mishandles extensions that fail to reload, which can lead to leaving extensions enabled in the lock screen. | 6.8 |
| 2014-04-29 | CVE-2013-7221 | Permissions, Privileges, and Access Controls vulnerability in Gnome Gnome-Shell The automatic screen lock functionality in GNOME Shell (aka gnome-shell) before 3.10 does not prevent access to the "Enter a Command" dialog, which allows physically proximate attackers to execute arbitrary commands by leveraging an unattended workstation. | 4.6 |
| 2014-04-29 | CVE-2013-7220 | Unspecified vulnerability in Gnome Gnome-Shell js/ui/screenShield.js in GNOME Shell (aka gnome-shell) before 3.8 allows physically proximate attackers to execute arbitrary commands by leveraging an unattended workstation with the keyboard focus on the Activities search. | 4.6 |
| 2012-10-01 | CVE-2012-4427 | Code Injection vulnerability in Gnome Gnome-Shell 3.4.1 The gnome-shell plugin 3.4.1 in GNOME allows remote attackers to force the download and installation of arbitrary extensions from extensions.gnome.org via a crafted web page. | 6.8 |
| 2010-11-06 | CVE-2010-4000 | Permissions, Privileges, and Access Controls vulnerability in Gnome Gnome-Shell 2.31.5 gnome-shell in GNOME Shell 2.31.5 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. | 6.9 |