Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gnome vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-43090
A vulnerability was found in GNOME Shell. GNOME Shell's lock screen allows an unauthenticated local user to view windows of the locked desktop session by using keyboard shortcuts to unlock the restricted functionality of the screenshot tool.
Gnome Gnome-shell
Gnome Gnome-shell 42
Fedoraproject Fedora 37
Fedoraproject Fedora 38
7.5
CVSSv2
CVE-2001-0928
Buffer overflow in the permitted function of GNOME gtop daemon (libgtop_daemon) in libgtop 1.0.13 and previous versions may allow remote malicious users to execute arbitrary code via long authentication data.
Gnome Libgtop Daemon 1.0.12
Gnome Libgtop Daemon 1.0.13
Gnome Libgtop Daemon 1.0.6
Gnome Libgtop Daemon 1.0.7
Gnome Libgtop Daemon 1.0.9
4
CVSSv2
CVE-2010-0422
gnome-screensaver 2.28.x prior to 2.28.3 does not properly synchronize the state of screen locking and the unlock dialog in situations involving a change to the number of monitors, which allows physically proximate malicious users to bypass screen locking and access an unattended...
Gnome Screensaver 2.28.1
Gnome Screensaver 2.28.2
Gnome Screensaver 2.28.0
2.1
CVSSv2
CVE-2021-3982
Linux distributions using CAP_SYS_NICE for gnome-shell may be exposed to a privilege escalation issue. An attacker, with low privilege permissions, may take advantage of the way CAP_SYS_NICE is currently implemented and eventually load code to increase its process scheduler prior...
Gnome Gnome-shell -
2.1
CVSSv2
CVE-2018-19358
GNOME Keyring up to and including 3.28.2 allows local users to retrieve login credentials via a Secret Service API call and the D-Bus interface if the keyring is unlocked, a similar issue to CVE-2008-7320. One perspective is that this occurs because available D-Bus protection mec...
Gnome Gnome-keyring
1 Github repository
4.9
CVSSv2
CVE-2017-11171
Bad reference counting in the context of accept_ice_connection() in gsm-xsmp-server.c in old versions of gnome-session up until version 2.29.92 allows a local malicious user to establish ICE connections to gnome-session with invalid authentication data (an invalid magic cookie). ...
Gnome Gnome-session
5
CVSSv2
CVE-2012-6111
gnome-keyring does not discard stored secrets when using gnome_keyring_lock_all_sync function
Gnome Gnome Keyring 3.2
Gnome Gnome Keyring 3.4
Debian Debian Linux 8.0
Debian Debian Linux 9.0
7.5
CVSSv2
CVE-2001-0927
Format string vulnerability in the permitted function of GNOME libgtop_daemon in libgtop 1.0.12 and previous versions allows remote malicious users to execute arbitrary code via an argument that contains format specifiers that are passed into the (1) syslog_message and (2) syslog...
Gnome Libgtop Daemon 1.0.9
Gnome Libgtop Daemon 1.0.6
Gnome Libgtop Daemon 1.0.7
Gnome Libgtop Daemon 1.0.12
4.6
CVSSv2
CVE-2020-16125
gdm3 versions prior to 3.36.2 or 3.38.2 would start gnome-initial-setup if gdm3 can't contact the accountservice service via dbus in a timely manner; on Ubuntu (and potentially derivatives) this could be be chained with an additional issue that could allow a local user to cr...
Gnome Gnome Display Manager
1 Github repository
7.5
CVSSv2
CVE-2003-0080
The iptables ruleset in Gnome-lokkit in Red Hat Linux 8.0 does not include any rules in the FORWARD chain, which could allow malicious users to bypass intended access restrictions if packet forwarding is enabled.
Gnome Gnome-lokkit 0.50 21
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »