Vulnerabilities > Gnome > Nautilus

DATE CVE VULNERABILITY TITLE RISK
2022-11-14 CVE-2022-37290 NULL Pointer Dereference vulnerability in multiple products
GNOME Nautilus 42.2 allows a NULL pointer dereference and get_basename application crash via a pasted ZIP archive.
local
low complexity
gnome fedoraproject CWE-476
5.5
2019-04-22 CVE-2019-11461 Unspecified vulnerability in Gnome Nautilus
An issue was discovered in GNOME Nautilus 3.30 prior to 3.30.6 and 3.32 prior to 3.32.1.
local
high complexity
gnome
7.8
2019-03-07 CVE-2017-12447 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Gnome Gdk-Pixbuf and Nautilus
GdkPixBuf (aka gdk-pixbuf), possibly 2.32.2, as used by GNOME Nautilus 3.14.3 on Ubuntu 16.04, allows attackers to cause a denial of service (stack corruption) or possibly have unspecified other impact via a crafted file folder.
local
low complexity
gnome CWE-119
7.8
2017-09-20 CVE-2017-14604 Improper Input Validation vulnerability in multiple products
GNOME Nautilus before 3.23.90 allows attackers to spoof a file type by using the .desktop file extension, as demonstrated by an attack in which a .desktop file's Name field ends in .pdf but this file's Exec field launches a malicious "sh -c" command.
network
low complexity
gnome debian CWE-20
6.5