Every CVE whose affected-product data names Feh Project Feh, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2017-7875 — CVSS 9.8 (critical): In wallpaper.c in feh before v2.18.3, if a malicious client pretends to be the E17 window manager, it is possible to trigger an…
CVE-2010-2246 — CVSS 5.1 (medium): feh before 1.8, when the --wget-timestamp option is enabled, might allow remote attackers to execute arbitrary commands via shell…
CVE-2011-0702 — CVSS 3.3 (low): The feh_unique_filename function in utils.c in feh before 1.11.2 might allow local users to overwrite arbitrary files via a symlink attack…
CVE-2011-1031 — CVSS 3.3 (low): The feh_unique_filename function in utils.c in feh 1.11.2 and earlier might allow local users to create arbitrary files via a symlink…