Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sddm project sddm vulnerabilities and exploits
(subscribe to this query)
6.3
CVSSv3
CVE-2020-28049
An issue exists in SDDM prior to 0.19.0. It incorrectly starts the X server in a way that - for a short time period - allows local unprivileged users to create a connection to the X server without providing proper authentication. A local attacker can thus access X server display ...
Sddm Project Sddm
Opensuse Leap 15.1
Opensuse Leap 15.2
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 33
7.5
CVSSv3
CVE-2018-14345
An issue exists in SDDM up to and including 0.17.0. If configured with ReuseSession=true, the password is not checked for users with an already existing session. Any user with access to the system D-Bus can therefore unlock any graphical session. This is related to daemon/Display...
Sddm Project Sddm
7.8
CVSSv3
CVE-2014-7271
Simple Desktop Display Manager (SDDM) prior to 0.10.0 allows local users to log in as user "sddm" without authentication.
Sddm Project Sddm
Fedoraproject Fedora 20
Fedoraproject Fedora 21
7.8
CVSSv3
CVE-2014-7272
Simple Desktop Display Manager (SDDM) prior to 0.10.0 allows local users to gain root privileges because code running as root performs write operations within a user home directory, and this user may have created links in advance (exploitation requires the user to win a race cond...
Sddm Project Sddm
Fedoraproject Fedora 20
Fedoraproject Fedora 21
NA
CVE-2015-0856
daemon/Greeter.cpp in sddm prior to 0.13.0 does not properly disable the KDE crash handler, which allows local users to gain privileges by crashing a greeter when using certain themes, as demonstrated by the plasma-workspace breeze theme.
Fedoraproject Fedora 22
Sddm Project Sddm
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22460
CVE-2024-4646
CVE-2024-29212
IMAP
CVE-2023-36672
CVE-2024-34547
command injection
CVE-2024-4651
stored XSS
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started