Vulnerabilities > Gnome > Nautilus > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-11-14 CVE-2022-37290 NULL Pointer Dereference vulnerability in multiple products
GNOME Nautilus 42.2 allows a NULL pointer dereference and get_basename application crash via a pasted ZIP archive.
local
low complexity
gnome fedoraproject CWE-476
5.5
2017-09-20 CVE-2017-14604 Improper Input Validation vulnerability in multiple products
GNOME Nautilus before 3.23.90 allows attackers to spoof a file type by using the .desktop file extension, as demonstrated by an attack in which a .desktop file's Name field ends in .pdf but this file's Exec field launches a malicious "sh -c" command.
network
low complexity
gnome debian CWE-20
6.5