CVSS: 9.0EPSS: 0%CPEs: 4EXPL: 0CVE-2019-11460 – Gentoo Linux Security Advisory 201908-28
https://notcve.org/view.php?id=CVE-2019-11460
22 Apr 2019 — An issue was discovered in GNOME gnome-desktop 3.26, 3.28, and 3.30 prior to 3.30.2.2, and 3.32 prior to 3.32.1.1. A compromised thumbnailer may escape the bubblewrap sandbox used to confine thumbnailers by using the TIOCSTI ioctl to push characters into the input buffer of the thumbnailer's controlling terminal, allowing an attacker to escape the sandbox if the thumbnailer has a controlling terminal. This is due to improper filtering of the TIOCSTI ioctl on 64-bit systems, similar to CVE-2019-10063. Un pro... • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00088.html • CWE-20: Improper Input Validation •
CVSS: 7.2EPSS: 0%CPEs: 5EXPL: 0CVE-2014-7300 – gnome-shell: lockscreen bypass with printscreen key
https://notcve.org/view.php?id=CVE-2014-7300
25 Dec 2014 — GNOME Shell 3.14.x before 3.14.1, when the Screen Lock feature is used, does not limit the aggregate memory consumption of all active PrtSc requests, which allows physically proximate attackers to execute arbitrary commands on an unattended workstation by making many PrtSc requests and leveraging a temporary lock outage, and the resulting temporary shell availability, caused by the Linux kernel OOM killer. GNOME Shell 3.14.x anterior a 3.14.1, cuando se utiliza la característica Screen Lock, no se limita el... • http://openwall.com/lists/oss-security/2014/09/29/17 • CWE-305: Authentication Bypass by Primary Weakness CWE-399: Resource Management Errors •