EUVD-2021-18433

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2018-14345

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in SDDM through 0.17.0. If configured with ReuseSession=true, the password is not checked for users with an already existing session. An...

USN-4781-1: Slurm vulnerabilities

It was discovered that Slurm incorrectly handled certain messages between the daemon and the user. An attacker could possibly use this issue to assume control of an arbitrary file on the system. This issue only affected Ubuntu 16.04 ESM. CVE-2016-10030 It was discovered that Slurm mishandled SPAN...

Amazon Linux 2 : libX11 (ALAS-2021-1686)

The version of libX11 installed on the remote host is prior to 1.6.7-3. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2021-1686 advisory. A missing validation flaw was found in libX11. This flaw allows an attacker to inject X11 protocol commands on X clients, and in som...

SUSE SLED15 / SLES15 Security Update : libX11 (SUSE-SU-2021:1897-1)

The remote SUSE Linux SLED15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2021:1897-1 advisory. - LookupCol.c in X.Org X through X11R7.7 and libX11 before 1.7.1 might allow remote attackers to execute arbitrary code. The libX11...

CVE-2021-31535

LookupCol.c in X.Org X through X11R7.7 and libX11 before 1.7.1 might allow remote attackers to execute arbitrary code. The libX11 XLookupColor request intended for server-side color lookup contains a flaw allowing a client to send color-name requests with a name longer than the maximum size allow...

openSUSE Security Update : sddm (openSUSE-2019-594)

This update for sddm fixes the following issues : The following security vulnerability was addressed : - CVE-2018-14345: Fixed the authentication, which did not check the password for users with an already existing session and allowed any user with access to the system bus to unlock any graphical...

[SECURITY] Fedora 29 Update: gdm-3.30.3-1.fc29

GDM, the GNOME Display Manager, handles authentication-related backend functionality for logging in a user and unlocking the user's session after it's been locked. GDM also provides functionality for initiating user-switc hing, so more than one user can be logged in at the same time. It handles...

openSUSE: Security Advisory for sddm (openSUSE-SU-2018:2310-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

openSUSE Security Update : sddm (openSUSE-2018-862)

This update for sddm fixes the following issues : The following security vulnerability was addressed : - CVE-2018-14345: Fixed the authentication, which did not check the password for users with an already existing session and allowed any user with access to the system bus to unlock any graphical...

Security update for sddm (moderate)

This update for sddm fixes the following issues: The following security vulnerability was addressed: - CVE-2018-14345: Fixed the authentication, which did not check the password for users with an already existing session and allowed any user with access to the system bus to unlock any graphical...

X11 Session -- SDDM allows unauthorised unlocking

MITRE reports: An issue was discovered in SDDM through 0.17.0. If configured with ReuseSession=true, the password is not checked for users with an already existing session. Any user with access to the system D-Bus can therefore unlock any graphical session. The default configuration of SDDM on...

CVE-2018-14345

An issue was discovered in SDDM through 0.17.0. If configured with ReuseSession=true, the password is not checked for users with an already existing session. Any user with access to the system D-Bus can therefore unlock any graphical session. This is related to daemon/Display.cpp and...

UBUNTU-CVE-2018-14345

An issue was discovered in SDDM through 0.17.0. If configured with ReuseSession=true, the password is not checked for users with an already existing session. Any user with access to the system D-Bus can therefore unlock any graphical session. This is related to daemon/Display.cpp and...

CVE-2018-14345

An issue was discovered in SDDM through 0.17.0. If configured with ReuseSession=true, the password is not checked for users with an already existing session. Any user with access to the system D-Bus can therefore unlock any graphical session. This is related to daemon/Display.cpp and...

CVE-2017-11171

Bad reference counting in the context of accepticeconnection in gsm-xsmp-server.c in old versions of gnome-session up until version 2.29.92 allows a local attacker to establish ICE connections to gnome-session with invalid authentication data an invalid magic cookie. Each failed authentication...

Authentication flaw

Bad reference counting in the context of accepticeconnection in gsm-xsmp-server.c in old versions of gnome-session up until version 2.29.92 allows a local attacker to establish ICE connections to gnome-session with invalid authentication data an invalid magic cookie. Each failed authentication...

MGASA-2014-0445 Updated kdebase4-workspace packages fix security vulnerability and various bugs

This update fixes a security vulnerability in the KDE workspace configuration module for setting the date and time CVE-2014-8651, mga14487, and fixes some additional issues: - fix kcm botching unrelated user settings mga3310, bko254430, - do not popup during initialization 0 B Removable media...

Updated kdebase4-workspace packages fix security vulnerability and various bugs

This update fixes a security vulnerability in the KDE workspace configuration module for setting the date and time CVE-2014-8651, mga14487, and fixes some additional issues: - fix kcm botching unrelated user settings mga3310, bko254430, - do not popup during initialization 0 B Removable media...

MGASA-2013-0286 Updated lightdm package fixes security vulnerability

lightdm before 1.4.3, 1.6.2 and 1.7.14 created .Xauthority files with world-readable permissions CVE-2013-4331. Additionally, an issue where a user logged into a graphical desktop environment through lightdm would lose privleges to local devices such as the sound card when using the 'su' command...