Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gnome gdm vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2018-14424
The daemon in GDM up to and including 3.29.1 does not properly unexport display objects from its D-Bus interface when they are destroyed, which allows a local malicious user to trigger a use-after-free via a specially crafted sequence of D-Bus method calls, resulting in a denial ...
Gnome Gnome Display Manager
6.8
CVSSv3
CVE-2020-16125
gdm3 versions prior to 3.36.2 or 3.38.2 would start gnome-initial-setup if gdm3 can't contact the accountservice service via dbus in a timely manner; on Ubuntu (and potentially derivatives) this could be be chained with an additional issue that could allow a local user to cr...
Gnome Gnome Display Manager
1 Github repository
6.4
CVSSv3
CVE-2020-27837
A flaw was found in GDM in versions before 3.38.2.1. A race condition in the handling of session shutdown makes it possible to bypass the lock screen for a user that has autologin enabled, accessing their session without authentication. This is similar to CVE-2017-12164, but requ...
Gnome Gnome Display Manager
6.4
CVSSv3
CVE-2019-3825
A vulnerability exists in gdm prior to 3.31.4. When timed login is enabled in configuration, an attacker could bypass the lock screen by selecting the timed login user and waiting for the timer to expire, at which time they would gain access to the logged-in user's session.
Gnome Gnome Display Manager
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Redhat Enterprise Linux 7.0
6.4
CVSSv3
CVE-2017-12164
A flaw exists in gdm 3.24.1 where gdm greeter was no longer setting the ran_once boolean during autologin. If autologin was enabled for a victim, an attacker could simply select 'login as another user' to unlock their screen.
Gnome Gnome Display Manager 3.24.1
4.3
CVSSv3
CVE-2019-3820
It exists that the gnome-shell lock screen since version 3.15.91 did not properly restrict all contextual actions. An attacker with physical access to a locked workstation could invoke certain keyboard shortcuts, and potentially other actions.
Gnome Gnome-shell
Opensuse Leap 42.3
Opensuse Leap 15.0
Opensuse Leap 15.1
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
NA
CVE-2013-7273
GNOME Display Manager (gdm) 3.4.1 and previous versions, when disable-user-list is set to true, allows local users to cause a denial of service (unable to login) by pressing the cancel button after entering a user name.
Gnome Gnome Display Manager 3.0.3
Gnome Gnome Display Manager 3.2.1.1
Gnome Gnome Display Manager 3.3.92
Gnome Gnome Display Manager 3.1.91
Gnome Gnome Display Manager 3.0.0
Gnome Gnome Display Manager 3.4.0
Gnome Gnome Display Manager 3.3.92.1
Gnome Gnome Display Manager 3.1.90
Gnome Gnome Display Manager 3.2.1
Gnome Gnome Display Manager 3.0.2
Gnome Gnome Display Manager
Gnome Gnome Display Manager 3.1.2
Gnome Gnome Display Manager 3.0.4
Gnome Gnome Display Manager 3.2.0
Gnome Gnome Display Manager 3.1.92
Gnome Gnome Display Manager 3.4.0.1
NA
CVE-2010-2387
vicious-extensions/ve-misc.c in GNOME Display Manager (gdm) 2.20.x prior to 2.20.11, when GDM debug is enabled, logs the user password when it contains invalid UTF8 encoded characters, which might allow local users to gain privileges by reading the information from syslog logs.
Gnome Gnome Display Manager 2.20.8
Gnome Gnome Display Manager 2.20.10
Gnome Gnome Display Manager 2.20.6
Gnome Gnome Display Manager 2.20.0
Gnome Gnome Display Manager 2.20.5
Gnome Gnome Display Manager 2.20.1
Gnome Gnome Display Manager 2.20.3
Gnome Gnome Display Manager 2.20.2
Gnome Gnome Display Manager 2.20.9
Gnome Gnome Display Manager 2.20.7
Gnome Gnome Display Manager 2.20.4
1 Github repository
NA
CVE-2012-3203
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability, related to Gnome Display Manager GDM.
Sun Sunos 5.11
NA
CVE-2011-1709
GNOME Display Manager (gdm) prior to 2.32.2, when glib 2.28 is used, enables execution of a web browser with the uid of the gdm account, which allows local users to gain privileges via vectors involving the x-scheme-handler/http MIME type.
Gnome Gdm 1.0
Gnome Gdm 2.0
Gnome Gdm 2.2
Gnome Gdm 2.3
Gnome Gdm 2.4
Gnome Gdm 2.5
Gnome Gdm 2.6
Gnome Gdm 2.8
Gnome Gdm 2.13
Gnome Gdm 2.14
Gnome Gdm 2.15
Gnome Gdm 2.16
Gnome Gdm 2.17
Gnome Gdm 2.18
Gnome Gdm 2.19
Gnome Gdm 2.20
Gnome Gdm 2.21
Gnome Gdm 2.22
Gnome Gdm 2.23
Gnome Gdm 2.24
Gnome Gdm 2.25
Gnome Gdm 2.26
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »