Every CVE whose affected-product data names Gnome Gnome-shell, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (11)
CVE-2017-8288 — CVSS 8.1 (high): gnome-shell 3.22 through 3.24.1 mishandles extensions that fail to reload, which can lead to leaving extensions enabled in the lock screen…
CVE-2014-7300 — CVSS 7.2 (high): GNOME Shell 3.14.x before 3.14.1, when the Screen Lock feature is used, does not limit the aggregate memory consumption of all active PrtSc…
CVE-2010-4000 — CVSS 6.9 (medium): gnome-shell in GNOME Shell 2.31.5 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges…
CVE-2012-4427 — CVSS 6.8 (medium): The gnome-shell plugin 3.4.1 in GNOME allows remote attackers to force the download and installation of arbitrary extensions from…
CVE-2021-20315 — CVSS 6.1 (medium): A locking protection bypass flaw was found in some versions of gnome-shell as shipped within CentOS Stream 8, when the "Application menu"…
CVE-2021-3982 — CVSS 5.5 (medium): Linux distributions using CAP_SYS_NICE for gnome-shell may be exposed to a privilege escalation issue. An attacker, with low privilege…
CVE-2023-43090 — CVSS 5.5 (medium): A vulnerability was found in GNOME Shell. GNOME Shell's lock screen allows an unauthenticated local user to view windows of the locked…
CVE-2013-7221 — CVSS 4.6 (medium): The automatic screen lock functionality in GNOME Shell (aka gnome-shell) before 3.10 does not prevent access to the "Enter a Command"…
CVE-2013-7220 — CVSS 4.6 (medium): js/ui/screenShield.js in GNOME Shell (aka gnome-shell) before 3.8 allows physically proximate attackers to execute arbitrary commands by…
CVE-2020-17489 — CVSS 4.3 (medium): An issue was discovered in certain configurations of GNOME gnome-shell through 3.36.4. When logging out of an account, the password box…
CVE-2019-3820 — CVSS 4.3 (medium): It was discovered that the gnome-shell lock screen since version 3.15.91 did not properly restrict all contextual actions. An attacker with…