Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gnome gdm vulnerabilities and exploits
(subscribe to this query)
4.6
CVSSv2
CVE-2019-3820
It exists that the gnome-shell lock screen since version 3.15.91 did not properly restrict all contextual actions. An attacker with physical access to a locked workstation could invoke certain keyboard shortcuts, and potentially other actions.
Gnome Gnome-shell
Opensuse Leap 15.0
Opensuse Leap 15.1
Opensuse Leap 42.3
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
4.6
CVSSv2
CVE-2018-14424
The daemon in GDM up to and including 3.29.1 does not properly unexport display objects from its D-Bus interface when they are destroyed, which allows a local malicious user to trigger a use-after-free via a specially crafted sequence of D-Bus method calls, resulting in a denial ...
Gnome Gnome Display Manager
4.4
CVSSv2
CVE-2020-27837
A flaw was found in GDM in versions before 3.38.2.1. A race condition in the handling of session shutdown makes it possible to bypass the lock screen for a user that has autologin enabled, accessing their session without authentication. This is similar to CVE-2017-12164, but requ...
Gnome Gnome Display Manager
4.3
CVSSv2
CVE-2006-6105
Format string vulnerability in the host chooser window (gdmchooser) in GNOME Foundation Display Manager (gdm) allows local users to execute arbitrary code via format string specifiers in a hostname, which are used in an error dialog.
Gnome Gdm 2.16
Gnome Gdm 2.16.1
Gnome Gdm 2.14.1
Gnome Gdm 2.16.2
3.7
CVSSv2
CVE-2006-2452
GNOME GDM 2.8, 2.12, 2.14, and 2.15, when the "face browser" feature is enabled, allows local users to access the "Configure Login Manager" functionality using their own password instead of the root password, which can be leveraged to gain additional privilege...
Gnome Gdm 2.14
Gnome Gdm 2.15
Gnome Gdm 2.12
Gnome Gdm 2.8
3.7
CVSSv2
CVE-2006-1057
Race condition in daemon/slave.c in gdm prior to 2.14.1 allows local users to gain privileges via a symlink attack when gdm performs chown and chgrp operations on the .ICEauthority file.
Gnome Gdm 2.14
2.1
CVSSv2
CVE-2013-7273
GNOME Display Manager (gdm) 3.4.1 and previous versions, when disable-user-list is set to true, allows local users to cause a denial of service (unable to login) by pressing the cancel button after entering a user name.
Gnome Gnome Display Manager 3.2.1.1
Gnome Gnome Display Manager 3.2.1
Gnome Gnome Display Manager 3.3.92
Gnome Gnome Display Manager 3.3.92.1
Gnome Gnome Display Manager 3.1.91
Gnome Gnome Display Manager 3.2.0
Gnome Gnome Display Manager
Gnome Gnome Display Manager 3.4.0
Gnome Gnome Display Manager 3.0.2
Gnome Gnome Display Manager 3.0.3
Gnome Gnome Display Manager 3.0.4
Gnome Gnome Display Manager 3.1.2
Gnome Gnome Display Manager 3.0.0
Gnome Gnome Display Manager 3.1.90
Gnome Gnome Display Manager 3.1.92
Gnome Gnome Display Manager 3.4.0.1
2.1
CVSSv2
CVE-2012-3203
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability, related to Gnome Display Manager GDM.
Sun Sunos 5.11
2.1
CVSSv2
CVE-2003-0794
GDM 2.4.4.x prior to 2.4.4.4, and 2.4.1.x prior to 2.4.1.7, does not limit the number or duration of commands and uses a blocking socket connection, which allows malicious users to cause a denial of service (resource exhaustion) by sending commands and not reading the results.
Gnome Gdm 2.2.5.4
Gnome Gdm 2.4.1
Gnome Gdm 2.4.4
Gnome Gdm 2.4.1.5
Gnome Gdm 2.4.1.6
Gnome Gdm 2.4.1.1
Gnome Gdm 2.4.1.2
Gnome Gdm 2.4.1.3
Gnome Gdm 2.4.1.4
2.1
CVSSv2
CVE-2003-0793
GDM 2.4.4.x prior to 2.4.4.4, and 2.4.1.x prior to 2.4.1.7, does not restrict the size of input, which allows malicious users to cause a denial of service (memory consumption).
Gnome Gdm 2.4.1.1
Gnome Gdm 2.4.1.2
Gnome Gdm 2.2.5.4
Gnome Gdm 2.4.1
Gnome Gdm 2.4.4
Gnome Gdm 2.4.1.3
Gnome Gdm 2.4.1.4
Gnome Gdm 2.4.1.5
Gnome Gdm 2.4.1.6
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-20065
open redirect
CVE-2024-1086
path traversal
CVE-2024-29825
XXE
CVE-2024-29822
CVE-2024-20696
CVE-2024-3564
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »