Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
lightdm vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2015-8316
Array index error in LightDM (aka Light Display Manager) 1.14.3, 1.16.x prior to 1.16.6 when the XDMCP server is enabled allows remote malicious users to cause a denial of service (process crash) via an XDMCP request packet with no address.
Lightdm Project Lightdm 1.16.4
Lightdm Project Lightdm 1.14.3
Lightdm Project Lightdm 1.16.3
Lightdm Project Lightdm 1.16.2
Lightdm Project Lightdm 1.16.1
Lightdm Project Lightdm 1.16
4.6
CVSSv2
CVE-2012-1111
lightdm prior to 1.0.9 does not properly close file descriptors before opening a child process, which allows local users to write to the lightdm log or have other unspecified impact.
Robert Ancell Lightdm 1.0.4
Robert Ancell Lightdm 1.0.2
Robert Ancell Lightdm 0.9.6
Robert Ancell Lightdm 0.9.4
Robert Ancell Lightdm 0.4.4
Robert Ancell Lightdm 0.4.2
Robert Ancell Lightdm 0.3.2
Robert Ancell Lightdm 0.3.0
Robert Ancell Lightdm 0.1.0
Robert Ancell Lightdm 0.0.3
Robert Ancell Lightdm
Robert Ancell Lightdm 1.0.6
Robert Ancell Lightdm 0.9.3
Robert Ancell Lightdm 0.9.2
Robert Ancell Lightdm 0.9.1
Robert Ancell Lightdm 0.9.0
Robert Ancell Lightdm 0.2.2
Robert Ancell Lightdm 0.2.1
Robert Ancell Lightdm 0.2.0
Robert Ancell Lightdm 0.1.2
Robert Ancell Lightdm 1.0.10
Robert Ancell Lightdm 1.0.1
1.9
CVSSv2
CVE-2011-3153
dmrc.c in Light Display Manager (aka LightDM) prior to 1.1.1 allows local users to read arbitrary files via a symlink attack on ~/.dmrc.
Canonical Ubuntu Linux 11.10
Robert Ancell Lightdm 1.0.6
Robert Ancell Lightdm 1.0.4
Robert Ancell Lightdm 0.9.8
Robert Ancell Lightdm 0.9.6
Robert Ancell Lightdm 0.9.1
Robert Ancell Lightdm 1.0.2
Robert Ancell Lightdm 1.0.11
Robert Ancell Lightdm 1.0.10
Robert Ancell Lightdm 1.0.1
Robert Ancell Lightdm 0.4.1
Robert Ancell Lightdm 0.4.0
Robert Ancell Lightdm 0.3.6
Robert Ancell Lightdm 0.3.5
Robert Ancell Lightdm 0.0.4
Robert Ancell Lightdm 0.0.3
Robert Ancell Lightdm 0.0.2
Robert Ancell Lightdm 0.0.1
Robert Ancell Lightdm 1.0.5
Robert Ancell Lightdm 1.0.3
Robert Ancell Lightdm 1.0.0
Robert Ancell Lightdm 0.9.7
1.9
CVSSv2
CVE-2011-4105
LightDM prior to 1.0.6 allows local users to change ownership of arbitrary files via a symlink attack on ~/.Xauthority.
Robert Ancell Lightdm 1.1.0
Robert Ancell Lightdm 1.0.3
Robert Ancell Lightdm 0.9.5
Robert Ancell Lightdm 0.9.4
Robert Ancell Lightdm 0.4.1
Robert Ancell Lightdm 0.4.0
Robert Ancell Lightdm 0.3.0
Robert Ancell Lightdm 0.2.3
Robert Ancell Lightdm 0.0.4
Robert Ancell Lightdm 0.0.3
Robert Ancell Lightdm 0.0.2
Robert Ancell Lightdm 1.0.0
Robert Ancell Lightdm 0.9.8
Robert Ancell Lightdm 0.9.0
Robert Ancell Lightdm 0.4.4
Robert Ancell Lightdm 0.3.4
Robert Ancell Lightdm 0.3.3
Robert Ancell Lightdm 0.2.0
Robert Ancell Lightdm 0.1.2
Robert Ancell Lightdm
Robert Ancell Lightdm 1.0.4
Robert Ancell Lightdm 0.9.7
2.1
CVSSv2
CVE-2013-4331
Light Display Manager (aka LightDM) 1.4.x prior to 1.4.3, 1.6.x prior to 1.6.2, and 1.7.x prior to 1.7.14 uses 0664 permissions for the temporary .Xauthority file, which allows local users to obtain sensitive information by reading the file.
Robert Ancell Lightdm 1.7.1
Robert Ancell Lightdm 1.7.11
Robert Ancell Lightdm 1.7.6
Robert Ancell Lightdm 1.7.8
Robert Ancell Lightdm 1.4.1
Robert Ancell Lightdm 1.7.9
Robert Ancell Lightdm 1.6.0
Robert Ancell Lightdm 1.6.1
Robert Ancell Lightdm 1.4.0
Robert Ancell Lightdm 1.7.13
Robert Ancell Lightdm 1.7.2
Robert Ancell Lightdm 1.7.3
Robert Ancell Lightdm 1.7.4
Robert Ancell Lightdm 1.7.0
Robert Ancell Lightdm 1.7.10
Robert Ancell Lightdm 1.7.12
Robert Ancell Lightdm 1.7.5
Robert Ancell Lightdm 1.7.7
Robert Ancell Lightdm 1.4.2
2.1
CVSSv2
CVE-2014-0979
The start_authentication function in lightdm-gtk-greeter.c in LightDM GTK+ Greeter prior to 1.7.1 does not properly handle the return value from the lightdm_greeter_get_authentication_user function, which allows local users to cause a denial of service (NULL pointer dereference) ...
Opensuse Opensuse 12.2
Opensuse Opensuse 13.1
Opensuse Opensuse 12.3
Lightdm Gtk\\+ Greeter Project Lightdm Gtk\\+ Greeter 1.5.2
Lightdm Gtk\\+ Greeter Project Lightdm Gtk\\+ Greeter 1.5.1
Lightdm Gtk\\+ Greeter Project Lightdm Gtk\\+ Greeter 1.1.3
Lightdm Gtk\\+ Greeter Project Lightdm Gtk\\+ Greeter 1.1.2
Lightdm Gtk\\+ Greeter Project Lightdm Gtk\\+ Greeter
Lightdm Gtk\\+ Greeter Project Lightdm Gtk\\+ Greeter 1.3.0
Lightdm Gtk\\+ Greeter Project Lightdm Gtk\\+ Greeter 1.1.6
Lightdm Gtk\\+ Greeter Project Lightdm Gtk\\+ Greeter 1.6.1
Lightdm Gtk\\+ Greeter Project Lightdm Gtk\\+ Greeter 1.6.0
Lightdm Gtk\\+ Greeter Project Lightdm Gtk\\+ Greeter 1.1.5
Lightdm Gtk\\+ Greeter Project Lightdm Gtk\\+ Greeter 1.1.4
Lightdm Gtk\\+ Greeter Project Lightdm Gtk\\+ Greeter 1.5.0
Lightdm Gtk\\+ Greeter Project Lightdm Gtk\\+ Greeter 1.3.1
Lightdm Gtk\\+ Greeter Project Lightdm Gtk\\+ Greeter 1.1.1
3.3
CVSSv2
CVE-2013-4459
LightDM 1.7.5 up to and including 1.8.3 and 1.9.x prior to 1.9.2 does not apply the AppArmor profile to the Guest account, which allows local users to bypass intended restrictions by leveraging the Guest account.
Robert Ancell Lightdm 1.7.12
Robert Ancell Lightdm 1.7.11
Robert Ancell Lightdm 1.7.10
Robert Ancell Lightdm 1.7.9
Robert Ancell Lightdm 1.9.0
Robert Ancell Lightdm 1.8.3
Robert Ancell Lightdm 1.7.15
Robert Ancell Lightdm 1.7.13
Robert Ancell Lightdm 1.7.8
Robert Ancell Lightdm 1.7.6
Robert Ancell Lightdm 1.8.2
Robert Ancell Lightdm 1.8.1
Robert Ancell Lightdm 1.8.0
Robert Ancell Lightdm 1.7.18
Robert Ancell Lightdm 1.7.17
Robert Ancell Lightdm 1.9.1
Robert Ancell Lightdm 1.7.16
Robert Ancell Lightdm 1.7.14
Robert Ancell Lightdm 1.7.7
Robert Ancell Lightdm 1.7.5
Canonical Ubuntu Linux 13.10
2.1
CVSSv2
CVE-2012-0943
debian/guest-account in Light Display Manager (lightdm) 1.0.x prior to 1.0.6 and 1.1.x prior to 1.1.7, as used in Ubuntu Linux 11.10, allows local users to delete arbitrary files via a space in the name of a file in /tmp. NOTE: this identifier was SPLIT per ADT1/ADT2 due to diffe...
Robert Ancell Lightdm 1.0.2
Robert Ancell Lightdm 1.0.1
Robert Ancell Lightdm 1.0.0
Robert Ancell Lightdm 1.1.6
Robert Ancell Lightdm 1.1.5
Robert Ancell Lightdm 1.1.0
Canonical Ubuntu Linux 11.10
Robert Ancell Lightdm 1.0.5
Robert Ancell Lightdm 1.0.3
Robert Ancell Lightdm 1.1.3
Robert Ancell Lightdm 1.1.1
Robert Ancell Lightdm 1.0.4
Robert Ancell Lightdm 1.1.4
Robert Ancell Lightdm 1.1.2
1 EDB exploit
7.2
CVSSv2
CVE-2011-3349
lightdm prior to 0.9.6 writes in .dmrc and Xauthority files using root permissions while the files are in user controlled folders. A local user can overwrite root-owned files via a symlink, which can allow possible privilege escalation.
Lightdm Project Lightdm
6.9
CVSSv2
CVE-2017-7358
In LightDM up to and including 1.22.0, a directory traversal issue in debian/guest-account.sh allows local malicious users to own arbitrary directory path locations and escalate privileges to root when the guest user logs out.
Lightdm Project Lightdm
Canonical Ubuntu Linux 16.10
Canonical Ubuntu Linux 16.04
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-38028
CVE-2024-32406
CVE-2024-25624
IMAP
CVE-2024-2310
CVE-2024-0874
CVE-2024-20359
XXE
remote code execution
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »