linuxmint 関連製品全体の CVE とセキュリティ脆弱性情報を集約し、CVSS、EPSS、公開日、脆弱性情報データを掲載しています。
一般的な弱点パターンには パス処理の欠陥 and vendor risk memory corruption があり、vendor surface production workloads and vendor surface software deployment の利用場面で ファイル上書き、vendor impact memory corruption, and アプリケーションクラッシュ などのリスクが生じる可能性があります。
掲載データは公開脆弱性情報とセキュリティ公告に基づき、過去の暴露面と修補優先度の評価に利用できます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2023-44452 | Linux Mint Xreader CBT File Parsing Argument Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Linux Mint Xreader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of CBT files. The issue results from the lack of proper validation of a user-supplied string before using it to e | [email protected] | 7.8 | 1.27% | 2024-05-02 | 2026-06-17 |
| CVE-2023-44451 | Linux Mint Xreader EPUB File Parsing Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Linux Mint Xreader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of EPUB files. The issue results from the lack of proper validation of a user-supplied path prior to using it i | [email protected] | 7.8 | 1.77% | 2024-05-02 | 2026-06-17 |
| CVE-2023-29380 | Warpinator before 1.6.0 allows remote file deletion via directory traversal in top_dir_basenames. | [email protected] | 7.5 | 1.77% | 2023-05-28 | 2026-06-17 |
| CVE-2022-42725 | Warpinator through 1.2.14 allows access outside of an intended directory, as demonstrated by symbolic directory links. | [email protected] | 7.5 | 1.24% | 2022-10-10 | 2026-06-17 |
| CVE-2019-20326 | A heap-based buffer overflow in _cairo_image_surface_create_from_jpeg() in extensions/cairo_io/cairo-image-surface-jpeg.c in GNOME gThumb before 3.8.3 and Linux Mint Pix before 2.4.5 allows attackers to cause a crash and potentially execute arbitrary code via a crafted JPEG file. | [email protected] | 7.8 | 2.15% | 2020-03-16 | 2026-06-16 |
| CVE-2012-1567 | LinuxMint as of 2012-03-19 has temporary file creation vulnerabilities in mintUpdate. | [email protected] | 7.5 | 1.02% | 2020-02-07 | 2026-06-16 |
| CVE-2012-1566 | LinuxMint as of 2012-03-19 has temporary file creation vulnerabilities in mintNanny. | [email protected] | 7.5 | 0.88% | 2020-02-07 | 2026-06-16 |
| CVE-2019-17080 | mintinstall (aka Software Manager) 7.9.9 for Linux Mint allows code execution if a REVIEWS_CACHE file is controlled by an attacker, because an unpickle occurs. This is resolved in 8.0.0 and backports. | [email protected] | 7.8 | 8.20% | 2019-10-02 | 2026-06-16 |
| CVE-2018-13054 | An issue was discovered in Cinnamon 1.9.2 through 3.8.6. The cinnamon-settings-users.py GUI runs as root and allows configuration of (for example) other users' icon files in _on_face_browse_menuitem_activated and _on_face_menuitem_activated. These icon files are written to the respective user's $HOME/.face location. If an unprivileged user prepares a symlink pointing to an arbitrary location, then this location will be overwritten with the icon content. | [email protected] | 8.1 | 2.20% | 2018-07-02 | 2026-06-16 |
| CVE-2014-1949 | GTK+ 3.10.9 and earlier, as used in cinnamon-screensaver, gnome-screensaver, and other applications, allows physically proximate attackers to bypass the lock screen by pressing the menu button. | [email protected] | 7.2 | 0.33% | 2015-01-16 | 2026-06-16 |