Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gnome vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2023-43090
A vulnerability was found in GNOME Shell. GNOME Shell's lock screen allows an unauthenticated local user to view windows of the locked desktop session by using keyboard shortcuts to unlock the restricted functionality of the screenshot tool.
Gnome Gnome-shell
Gnome Gnome-shell 42
Fedoraproject Fedora 37
Fedoraproject Fedora 38
NA
CVE-2001-0928
Buffer overflow in the permitted function of GNOME gtop daemon (libgtop_daemon) in libgtop 1.0.13 and previous versions may allow remote malicious users to execute arbitrary code via long authentication data.
Gnome Libgtop Daemon 1.0.12
Gnome Libgtop Daemon 1.0.13
Gnome Libgtop Daemon 1.0.6
Gnome Libgtop Daemon 1.0.7
Gnome Libgtop Daemon 1.0.9
NA
CVE-2010-0422
gnome-screensaver 2.28.x prior to 2.28.3 does not properly synchronize the state of screen locking and the unlock dialog in situations involving a change to the number of monitors, which allows physically proximate malicious users to bypass screen locking and access an unattended...
Gnome Screensaver 2.28.1
Gnome Screensaver 2.28.2
Gnome Screensaver 2.28.0
7.8
CVSSv3
CVE-2018-19358
GNOME Keyring up to and including 3.28.2 allows local users to retrieve login credentials via a Secret Service API call and the D-Bus interface if the keyring is unlocked, a similar issue to CVE-2008-7320. One perspective is that this occurs because available D-Bus protection mec...
Gnome Gnome-keyring
1 Github repository
5.5
CVSSv3
CVE-2017-11171
Bad reference counting in the context of accept_ice_connection() in gsm-xsmp-server.c in old versions of gnome-session up until version 2.29.92 allows a local malicious user to establish ICE connections to gnome-session with invalid authentication data (an invalid magic cookie). ...
Gnome Gnome-session
5.5
CVSSv3
CVE-2021-3982
Linux distributions using CAP_SYS_NICE for gnome-shell may be exposed to a privilege escalation issue. An attacker, with low privilege permissions, may take advantage of the way CAP_SYS_NICE is currently implemented and eventually load code to increase its process scheduler prior...
Gnome Gnome-shell -
NA
CVE-2001-0927
Format string vulnerability in the permitted function of GNOME libgtop_daemon in libgtop 1.0.12 and previous versions allows remote malicious users to execute arbitrary code via an argument that contains format specifiers that are passed into the (1) syslog_message and (2) syslog...
Gnome Libgtop Daemon 1.0.9
Gnome Libgtop Daemon 1.0.6
Gnome Libgtop Daemon 1.0.7
Gnome Libgtop Daemon 1.0.12
7.5
CVSSv3
CVE-2012-6111
gnome-keyring does not discard stored secrets when using gnome_keyring_lock_all_sync function
Gnome Gnome Keyring 3.2
Gnome Gnome Keyring 3.4
Debian Debian Linux 8.0
Debian Debian Linux 9.0
NA
CVE-2012-4427
The gnome-shell plugin 3.4.1 in GNOME allows remote malicious users to force the download and installation of arbitrary extensions from extensions.gnome.org via a crafted web page.
Gnome Gnome-shell 3.4.1
NA
CVE-2010-4000
gnome-shell in GNOME Shell 2.31.5 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
Gnome Gnome-shell 2.31.5
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »