Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
lightdm vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2015-8316
Array index error in LightDM (aka Light Display Manager) 1.14.3, 1.16.x prior to 1.16.6 when the XDMCP server is enabled allows remote malicious users to cause a denial of service (process crash) via an XDMCP request packet with no address.
Lightdm Project Lightdm 1.16.4
Lightdm Project Lightdm 1.14.3
Lightdm Project Lightdm 1.16.3
Lightdm Project Lightdm 1.16.2
Lightdm Project Lightdm 1.16.1
Lightdm Project Lightdm 1.16
409
VMScore
CVE-2012-1111
lightdm prior to 1.0.9 does not properly close file descriptors before opening a child process, which allows local users to write to the lightdm log or have other unspecified impact.
Robert Ancell Lightdm 1.0.4
Robert Ancell Lightdm 1.0.2
Robert Ancell Lightdm 0.9.6
Robert Ancell Lightdm 0.9.4
Robert Ancell Lightdm 0.4.4
Robert Ancell Lightdm 0.4.2
Robert Ancell Lightdm 0.3.2
Robert Ancell Lightdm 0.3.0
Robert Ancell Lightdm 0.1.0
Robert Ancell Lightdm 0.0.3
Robert Ancell Lightdm
Robert Ancell Lightdm 1.0.6
Robert Ancell Lightdm 0.9.3
Robert Ancell Lightdm 0.9.2
Robert Ancell Lightdm 0.9.1
Robert Ancell Lightdm 0.9.0
Robert Ancell Lightdm 0.2.2
Robert Ancell Lightdm 0.2.1
Robert Ancell Lightdm 0.2.0
Robert Ancell Lightdm 0.1.2
Robert Ancell Lightdm 1.0.10
Robert Ancell Lightdm 1.0.1
169
VMScore
CVE-2011-3153
dmrc.c in Light Display Manager (aka LightDM) prior to 1.1.1 allows local users to read arbitrary files via a symlink attack on ~/.dmrc.
Canonical Ubuntu Linux 11.10
Robert Ancell Lightdm 1.0.6
Robert Ancell Lightdm 1.0.4
Robert Ancell Lightdm 0.9.8
Robert Ancell Lightdm 0.9.6
Robert Ancell Lightdm 0.9.1
Robert Ancell Lightdm 1.0.2
Robert Ancell Lightdm 1.0.11
Robert Ancell Lightdm 1.0.10
Robert Ancell Lightdm 1.0.1
Robert Ancell Lightdm 0.4.1
Robert Ancell Lightdm 0.4.0
Robert Ancell Lightdm 0.3.6
Robert Ancell Lightdm 0.3.5
Robert Ancell Lightdm 0.0.4
Robert Ancell Lightdm 0.0.3
Robert Ancell Lightdm 0.0.2
Robert Ancell Lightdm 0.0.1
Robert Ancell Lightdm 1.0.5
Robert Ancell Lightdm 1.0.3
Robert Ancell Lightdm 1.0.0
Robert Ancell Lightdm 0.9.7
169
VMScore
CVE-2011-4105
LightDM prior to 1.0.6 allows local users to change ownership of arbitrary files via a symlink attack on ~/.Xauthority.
Robert Ancell Lightdm 1.1.0
Robert Ancell Lightdm 1.0.3
Robert Ancell Lightdm 0.9.5
Robert Ancell Lightdm 0.9.4
Robert Ancell Lightdm 0.4.1
Robert Ancell Lightdm 0.4.0
Robert Ancell Lightdm 0.3.0
Robert Ancell Lightdm 0.2.3
Robert Ancell Lightdm 0.0.4
Robert Ancell Lightdm 0.0.3
Robert Ancell Lightdm 0.0.2
Robert Ancell Lightdm 1.0.0
Robert Ancell Lightdm 0.9.8
Robert Ancell Lightdm 0.9.0
Robert Ancell Lightdm 0.4.4
Robert Ancell Lightdm 0.3.4
Robert Ancell Lightdm 0.3.3
Robert Ancell Lightdm 0.2.0
Robert Ancell Lightdm 0.1.2
Robert Ancell Lightdm
Robert Ancell Lightdm 1.0.4
Robert Ancell Lightdm 0.9.7
187
VMScore
CVE-2013-4331
Light Display Manager (aka LightDM) 1.4.x prior to 1.4.3, 1.6.x prior to 1.6.2, and 1.7.x prior to 1.7.14 uses 0664 permissions for the temporary .Xauthority file, which allows local users to obtain sensitive information by reading the file.
Robert Ancell Lightdm 1.7.1
Robert Ancell Lightdm 1.7.11
Robert Ancell Lightdm 1.7.6
Robert Ancell Lightdm 1.7.8
Robert Ancell Lightdm 1.4.1
Robert Ancell Lightdm 1.7.9
Robert Ancell Lightdm 1.6.0
Robert Ancell Lightdm 1.6.1
Robert Ancell Lightdm 1.4.0
Robert Ancell Lightdm 1.7.13
Robert Ancell Lightdm 1.7.2
Robert Ancell Lightdm 1.7.3
Robert Ancell Lightdm 1.7.4
Robert Ancell Lightdm 1.7.0
Robert Ancell Lightdm 1.7.10
Robert Ancell Lightdm 1.7.12
Robert Ancell Lightdm 1.7.5
Robert Ancell Lightdm 1.7.7
Robert Ancell Lightdm 1.4.2
187
VMScore
CVE-2014-0979
The start_authentication function in lightdm-gtk-greeter.c in LightDM GTK+ Greeter prior to 1.7.1 does not properly handle the return value from the lightdm_greeter_get_authentication_user function, which allows local users to cause a denial of service (NULL pointer dereference) ...
Opensuse Opensuse 12.2
Opensuse Opensuse 13.1
Opensuse Opensuse 12.3
Lightdm Gtk\\+ Greeter Project Lightdm Gtk\\+ Greeter 1.5.2
Lightdm Gtk\\+ Greeter Project Lightdm Gtk\\+ Greeter 1.5.1
Lightdm Gtk\\+ Greeter Project Lightdm Gtk\\+ Greeter 1.1.3
Lightdm Gtk\\+ Greeter Project Lightdm Gtk\\+ Greeter 1.1.2
Lightdm Gtk\\+ Greeter Project Lightdm Gtk\\+ Greeter
Lightdm Gtk\\+ Greeter Project Lightdm Gtk\\+ Greeter 1.3.0
Lightdm Gtk\\+ Greeter Project Lightdm Gtk\\+ Greeter 1.1.6
Lightdm Gtk\\+ Greeter Project Lightdm Gtk\\+ Greeter 1.6.1
Lightdm Gtk\\+ Greeter Project Lightdm Gtk\\+ Greeter 1.6.0
Lightdm Gtk\\+ Greeter Project Lightdm Gtk\\+ Greeter 1.1.5
Lightdm Gtk\\+ Greeter Project Lightdm Gtk\\+ Greeter 1.1.4
Lightdm Gtk\\+ Greeter Project Lightdm Gtk\\+ Greeter 1.5.0
Lightdm Gtk\\+ Greeter Project Lightdm Gtk\\+ Greeter 1.3.1
Lightdm Gtk\\+ Greeter Project Lightdm Gtk\\+ Greeter 1.1.1
294
VMScore
CVE-2013-4459
LightDM 1.7.5 up to and including 1.8.3 and 1.9.x prior to 1.9.2 does not apply the AppArmor profile to the Guest account, which allows local users to bypass intended restrictions by leveraging the Guest account.
Robert Ancell Lightdm 1.7.12
Robert Ancell Lightdm 1.7.11
Robert Ancell Lightdm 1.7.10
Robert Ancell Lightdm 1.7.9
Robert Ancell Lightdm 1.9.0
Robert Ancell Lightdm 1.8.3
Robert Ancell Lightdm 1.7.15
Robert Ancell Lightdm 1.7.13
Robert Ancell Lightdm 1.7.8
Robert Ancell Lightdm 1.7.6
Robert Ancell Lightdm 1.8.2
Robert Ancell Lightdm 1.8.1
Robert Ancell Lightdm 1.8.0
Robert Ancell Lightdm 1.7.18
Robert Ancell Lightdm 1.7.17
Robert Ancell Lightdm 1.9.1
Robert Ancell Lightdm 1.7.16
Robert Ancell Lightdm 1.7.14
Robert Ancell Lightdm 1.7.7
Robert Ancell Lightdm 1.7.5
Canonical Ubuntu Linux 13.10
215
VMScore
CVE-2012-0943
debian/guest-account in Light Display Manager (lightdm) 1.0.x prior to 1.0.6 and 1.1.x prior to 1.1.7, as used in Ubuntu Linux 11.10, allows local users to delete arbitrary files via a space in the name of a file in /tmp. NOTE: this identifier was SPLIT per ADT1/ADT2 due to diffe...
Robert Ancell Lightdm 1.0.2
Robert Ancell Lightdm 1.0.1
Robert Ancell Lightdm 1.0.0
Robert Ancell Lightdm 1.1.6
Robert Ancell Lightdm 1.1.5
Robert Ancell Lightdm 1.1.0
Canonical Ubuntu Linux 11.10
Robert Ancell Lightdm 1.0.5
Robert Ancell Lightdm 1.0.3
Robert Ancell Lightdm 1.1.3
Robert Ancell Lightdm 1.1.1
Robert Ancell Lightdm 1.0.4
Robert Ancell Lightdm 1.1.4
Robert Ancell Lightdm 1.1.2
1 EDB exploit
641
VMScore
CVE-2011-3349
lightdm prior to 0.9.6 writes in .dmrc and Xauthority files using root permissions while the files are in user controlled folders. A local user can overwrite root-owned files via a symlink, which can allow possible privilege escalation.
Lightdm Project Lightdm
695
VMScore
CVE-2017-7358
In LightDM up to and including 1.22.0, a directory traversal issue in debian/guest-account.sh allows local malicious users to own arbitrary directory path locations and escalate privileges to root when the guest user logs out.
Lightdm Project Lightdm
Canonical Ubuntu Linux 16.10
Canonical Ubuntu Linux 16.04
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »