Vulnerabilities > Xfce
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-09 | CVE-2022-45062 | Argument Injection or Modification vulnerability in multiple products In Xfce xfce4-settings before 4.16.4 and 4.17.x before 4.17.1, there is an argument injection vulnerability in xfce4-mime-helper. | 9.8 |
| 2022-06-13 | CVE-2022-32278 | XFCE 4.16 allows attackers to execute arbitrary code because xdg-open can execute a .desktop file on an attacker-controlled FTP server. | 6.8 |
| 2021-05-11 | CVE-2021-32563 | Improper Control of Dynamically-Managed Code Resources vulnerability in Xfce Thunar An issue was discovered in Thunar before 4.16.7 and 4.17.x before 4.17.2. | 9.8 |
| 2019-11-14 | CVE-2011-1588 | Use of Externally-Controlled Format String vulnerability in multiple products Thunar before 1.3.1 could crash when copy and pasting a file name with % format characters due to a format string error. | 6.8 |
| 2018-10-19 | CVE-2018-18398 | Out-of-bounds Read vulnerability in Xfce Thunar and Xfce Xfce Thunar 1.6.15, when Xfce 4.12 is used, mishandles the IBus-Unikey input method for file searches within File Manager, leading to an out-of-bounds read and SEGV. | 1.9 |
| 2008-01-09 | CVE-2007-6532 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Xfce 4.4.0/4.4.1 Double free vulnerability in the Widget Library (libxfcegui4) in Xfce before 4.4.2 might allow remote attackers to execute arbitrary code via unknown vectors related to the "cliend id, program name and working directory in session management." | 10.0 |
| 2008-01-09 | CVE-2007-6531 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Xfce 4.4.0/4.4.1 Stack-based buffer overflow in the Panel (xfce4-panel) component in Xfce before 4.4.2 might allow remote attackers to execute arbitrary code via Launcher tooltips. | 5.0 |