CVSS: 7.8EPSS: 2%CPEs: 1EXPL: 1CVE-2023-29380
https://notcve.org/view.php?id=CVE-2023-29380
28 May 2023 — Warpinator before 1.6.0 allows remote file deletion via directory traversal in top_dir_basenames. • https://github.com/linuxmint/warpinator/compare/1.4.5...1.6.0 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-42725
https://notcve.org/view.php?id=CVE-2022-42725
10 Oct 2022 — Warpinator through 1.2.14 allows access outside of an intended directory, as demonstrated by symbolic directory links. Warpinator versiones hasta 1.2.14, permite un acceso fuera de un directorio previsto, como lo demuestran los enlaces simbólicos de directorio • http://www.openwall.com/lists/oss-security/2022/10/24/1 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.8EPSS: 3%CPEs: 3EXPL: 1CVE-2019-20326 – Ubuntu Security Notice USN-5680-1
https://notcve.org/view.php?id=CVE-2019-20326
16 Mar 2020 — A heap-based buffer overflow in _cairo_image_surface_create_from_jpeg() in extensions/cairo_io/cairo-image-surface-jpeg.c in GNOME gThumb before 3.8.3 and Linux Mint Pix before 2.4.5 allows attackers to cause a crash and potentially execute arbitrary code via a crafted JPEG file. Un desbordamiento de búfer en la región heap de la memoria en la función _cairo_image_surface_create_from_jpeg() en el archivo extensions/cairo_io/cairo-image-surface-jpeg.c en GNOME gThumb versiones anteriores a 3.8.3 y Linux Mint... • https://github.com/Fysac/CVE-2019-20326 • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 2CVE-2012-1567
https://notcve.org/view.php?id=CVE-2012-1567
07 Feb 2020 — LinuxMint as of 2012-03-19 has temporary file creation vulnerabilities in mintUpdate. LinuxMint a partir del 19-03-2012, presenta vulnerabilidades temporales de creación de archivos en mintUpdate. • http://www.openwall.com/lists/oss-security/2012/03/19/14 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2012-1566
https://notcve.org/view.php?id=CVE-2012-1566
07 Feb 2020 — LinuxMint as of 2012-03-19 has temporary file creation vulnerabilities in mintNanny. LinuxMint a partir del 19-03-2012, presenta vulnerabilidades de creación de archivos temporales en mintNanny. • http://www.openwall.com/lists/oss-security/2012/03/19/14 •
CVSS: 7.8EPSS: 4%CPEs: 1EXPL: 6CVE-2019-17080 – mintinstall 7.9.9 - Code Execution
https://notcve.org/view.php?id=CVE-2019-17080
02 Oct 2019 — mintinstall (aka Software Manager) 7.9.9 for Linux Mint allows code execution if a REVIEWS_CACHE file is controlled by an attacker, because an unpickle occurs. This is resolved in 8.0.0 and backports. mintinstall (también se conoce como Software Manager) versión 7.9.9 para Linux Mint, permite la ejecución de código si un atacante controla un archivo de REVIEWS_CACHE, ya que se produce un unpickle. Esto se resuelve en 8.0.0 y backports. mintinstall version 7.9.9 suffers from an object injection vulnerability... • https://packetstorm.news/files/id/154722 • CWE-502: Deserialization of Untrusted Data •
CVSS: 8.1EPSS: 0%CPEs: 2EXPL: 0CVE-2018-13054
https://notcve.org/view.php?id=CVE-2018-13054
02 Jul 2018 — An issue was discovered in Cinnamon 1.9.2 through 3.8.6. The cinnamon-settings-users.py GUI runs as root and allows configuration of (for example) other users' icon files in _on_face_browse_menuitem_activated and _on_face_menuitem_activated. These icon files are written to the respective user's $HOME/.face location. If an unprivileged user prepares a symlink pointing to an arbitrary location, then this location will be overwritten with the icon content. Se ha descubierto un problema en Cinnamon, desde la ve... • https://bugzilla.suse.com/show_bug.cgi?id=1083067 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.2EPSS: 0%CPEs: 3EXPL: 0CVE-2014-1949 – Mandriva Linux Security Advisory 2015-162
https://notcve.org/view.php?id=CVE-2014-1949
16 Jan 2015 — GTK+ 3.10.9 and earlier, as used in cinnamon-screensaver, gnome-screensaver, and other applications, allows physically proximate attackers to bypass the lock screen by pressing the menu button. GTK+ 3.10.9 y anteriores, utilizado en cinnamon-screensaver, gnome-screensaver, y otras aplicaciones, permite a atacantes físicamente próximos evadir la pantalla de bloqueo mediante la activación del botón del menú. Clemens Fries reported that, when using Cinnamon, it was possible to bypass the screensaver lock. An a... • http://advisories.mageia.org/MGASA-2014-0374.html • CWE-284: Improper Access Control •