Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Gnome Display Manager Security Vulnerabilities

cve
cve

CVE-2013-4169

GNOME Display Manager (gdm) before 2.21.1 allows local users to change permissions of arbitrary directories via a symlink attack on...

6.1AI Score

0.0004EPSS

2022-10-03 04:14 PM
25
cve
cve

CVE-2020-27837

A flaw was found in GDM in versions prior to 3.38.2.1. A race condition in the handling of session shutdown makes it possible to bypass the lock screen for a user that has autologin enabled, accessing their session without authentication. This is similar to CVE-2017-12164, but requires more...

6.4CVSS

6AI Score

0.001EPSS

2020-12-28 07:15 PM
63
cve
cve

CVE-2020-16125

gdm3 versions before 3.36.2 or 3.38.2 would start gnome-initial-setup if gdm3 can't contact the accountservice service via dbus in a timely manner; on Ubuntu (and potentially derivatives) this could be be chained with an additional issue that could allow a local user to create a new privileged...

7.2CVSS

6.4AI Score

0.001EPSS

2020-11-10 05:15 AM
196
1
cve
cve

CVE-2016-1000002

gdm3 3.14.2 and possibly later has an information leak before screen...

2.4CVSS

3.7AI Score

0.001EPSS

2019-11-05 02:15 PM
37
cve
cve

CVE-2019-3825

A vulnerability was discovered in gdm before 3.31.4. When timed login is enabled in configuration, an attacker could bypass the lock screen by selecting the timed login user and waiting for the timer to expire, at which time they would gain access to the logged-in user's...

6.4CVSS

5.4AI Score

0.001EPSS

2019-02-06 08:29 PM
127
cve
cve

CVE-2018-14424

The daemon in GDM through 3.29.1 does not properly unexport display objects from its D-Bus interface when they are destroyed, which allows a local attacker to trigger a use-after-free via a specially crafted sequence of D-Bus method calls, resulting in a denial of service or potential code...

7.8CVSS

7.4AI Score

0.0004EPSS

2018-08-14 06:29 PM
53
cve
cve

CVE-2017-12164

A flaw was discovered in gdm 3.24.1 where gdm greeter was no longer setting the ran_once boolean during autologin. If autologin was enabled for a victim, an attacker could simply select 'login as another user' to unlock their...

6.4CVSS

6AI Score

0.001EPSS

2018-07-26 04:29 PM
41
cve
cve

CVE-2015-7496

GNOME Display Manager (gdm) before 3.18.2 allows physically proximate attackers to bypass the lock screen by holding the Escape...

6.3AI Score

0.001EPSS

2015-11-24 08:59 PM
30
cve
cve

CVE-2013-7273

GNOME Display Manager (gdm) 3.4.1 and earlier, when disable-user-list is set to true, allows local users to cause a denial of service (unable to login) by pressing the cancel button after entering a user...

6.4AI Score

0.0004EPSS

2014-04-29 02:38 PM
19
cve
cve

CVE-2010-2387

vicious-extensions/ve-misc.c in GNOME Display Manager (gdm) 2.20.x before 2.20.11, when GDM debug is enabled, logs the user password when it contains invalid UTF8 encoded characters, which might allow local users to gain privileges by reading the information from syslog...

6.6AI Score

0.0004EPSS

2012-12-21 05:46 AM
21