Linuxmint

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-44452 1Linuxmint 1Xreader Aug 14, 2025 May 3, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 Linux Mint Xreader CBT File Parsing Argument Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Linux Mint Xreader. User inter...Show more Linux Mint Xreader CBT File Parsing Argument Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Linux Mint Xreader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of CBT files. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-22132.Show less
CVE-2023-44451 1Linuxmint 1Xreader Aug 14, 2025 May 3, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 Linux Mint Xreader EPUB File Parsing Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Linux Mint Xreader. User int...Show more Linux Mint Xreader EPUB File Parsing Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Linux Mint Xreader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of EPUB files. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-21897.Show less
CVE-2023-29380 1Linuxmint 1Warpinator Jan 13, 2025 May 29, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 Warpinator before 1.6.0 allows remote file deletion via directory traversal in top_dir_basenames.
CVE-2022-42725 1Linuxmint 1Warpinator Nov 21, 2024 Oct 10, 2022 N/A· v4 7.5 HIGH· v3 N/A· v2 Warpinator through 1.2.14 allows access outside of an intended directory, as demonstrated by symbolic directory links.
CVE-2019-20326 3Debian GnomeLinuxmint 3Debian Linux GthumbPix Nov 21, 2024 Mar 16, 2020 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 A heap-based buffer overflow in _cairo_image_surface_create_from_jpeg() in extensions/cairo_io/cairo-image-surface-jpeg.c in GNOME gThumb before 3.8.3 and Linux Mint Pix before 2.4.5 allows attackers to cause a crash and...Show more A heap-based buffer overflow in _cairo_image_surface_create_from_jpeg() in extensions/cairo_io/cairo-image-surface-jpeg.c in GNOME gThumb before 3.8.3 and Linux Mint Pix before 2.4.5 allows attackers to cause a crash and potentially execute arbitrary code via a crafted JPEG file.Show less
CVE-2012-1567 1Linuxmint 1Linuxmint Nov 21, 2024 Feb 7, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 LinuxMint as of 2012-03-19 has temporary file creation vulnerabilities in mintUpdate.
CVE-2012-1566 1Linuxmint 1Linuxmint Nov 21, 2024 Feb 7, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 LinuxMint as of 2012-03-19 has temporary file creation vulnerabilities in mintNanny.
CVE-2019-17080 1Linuxmint 1Mintinstall Nov 21, 2024 Oct 2, 2019 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 mintinstall (aka Software Manager) 7.9.9 for Linux Mint allows code execution if a REVIEWS_CACHE file is controlled by an attacker, because an unpickle occurs. This is resolved in 8.0.0 and backports.
CVE-2018-13054 2Debian Linuxmint 2Cinnamon Debian Linux Nov 21, 2024 Jul 2, 2018 N/A· v4 8.1 HIGH· v3 5.8 MEDIUM· v2 An issue was discovered in Cinnamon 1.9.2 through 3.8.6. The cinnamon-settings-users.py GUI runs as root and allows configuration of (for example) other users' icon files in _on_face_browse_menuitem_activated and _on_fac...Show more An issue was discovered in Cinnamon 1.9.2 through 3.8.6. The cinnamon-settings-users.py GUI runs as root and allows configuration of (for example) other users' icon files in _on_face_browse_menuitem_activated and _on_face_menuitem_activated. These icon files are written to the respective user's $HOME/.face location. If an unprivileged user prepares a symlink pointing to an arbitrary location, then this location will be overwritten with the icon content.Show less
CVE-2014-1949 3Canonical GnomeLinuxmint 3Gtk Linux MintUbuntu May 6, 2026 Jan 16, 2015 N/A· v4 N/A· v3 7.2 HIGH· v2 GTK+ 3.10.9 and earlier, as used in cinnamon-screensaver, gnome-screensaver, and other applications, allows physically proximate attackers to bypass the lock screen by pressing the menu button.