Vulnerabilities > Gnome > Nautilus > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-14 | CVE-2022-37290 | NULL Pointer Dereference vulnerability in multiple products GNOME Nautilus 42.2 allows a NULL pointer dereference and get_basename application crash via a pasted ZIP archive. | 5.5 |
| 2017-09-20 | CVE-2017-14604 | Improper Input Validation vulnerability in multiple products GNOME Nautilus before 3.23.90 allows attackers to spoof a file type by using the .desktop file extension, as demonstrated by an attack in which a .desktop file's Name field ends in .pdf but this file's Exec field launches a malicious "sh -c" command. | 6.5 |