11 matches found
CVE-2019-3820
Technical details about CVE-2019-3820 are not publicly available in the provided Connected documents. The description mentions physical access and GNOME lock screen behavior. No remediation or affected versions are confirmed here. Monitor for updates from official advisories.
CVE-2020-17489
CVE-2020-17489 affects GNOME Shell (gnome-shell) up to 3.36.4. The issue: when logging out of an account, the login dialog password box may reappear with the password visible if the user previously chose the option to show the password in cleartext at login, exposing the password briefly (otherwi...
CVE-2021-3982
CVE-2021-3982 affects Linux distributions running gnome-shell and CAP_SYS_NICE. The vulnerability arises from how CAP_SYS_NICE is implemented, allowing a low-privilege attacker to elevate their process scheduler priority and potentially cause DoS of other services on the same machine. Public sour...
CVE-2023-43090
Summary: CVE-2023-43090 affects GNOME Shell. The vulnerability arises on the lock screen where an unauthenticated local user can view windows of the locked desktop session by using keyboard shortcuts to bypass the restricted screenshot tool functionality. The issue is described consistently acros...
CVE-2017-8288
GNOME Shell vulnerability CVE-2017-8288 affects gnome-shell versions 3.22–3.24.1 due to missing exception handling in js/ui/extensionSystem.js, leaving enabled extensions on the lock screen. An attacker could launch applications, view extension-derived info, or execute arbitrary commands via exte...
CVE-2014-7300
CVE-2014-7300 affects GNOME Shell 3.14.x before 3.14.1; when the screen is locked, repeated PrtSc requests can exhaust memory and briefly surface a shell due to the Linux OOM killer, enabling local attackers to gain temporary access. The issue is addressed by upstream fixes in GNOME Shell 3.14.1 ...
CVE-2021-20315
CVE-2021-20315 describes a local, physical-attackable bypass in some gnome-shell versions shipped with CentOS Stream 8 when the Application menu or Window List GNOME extensions are enabled. The flaw lets an attacker on a locked system kill existing applications and start new ones as the locked us...
CVE-2010-4000
CVE-2010-4000 affects GNOME Shell (gnome-shell) with version 2.31.5. The issue arises when a zero-length directory name is placed in the LD_LIBRARY_PATH, allowing a local user to load a Trojan horse shared library from the current working directory and gain privileges. The connected documents con...
CVE-2012-4427
CVE-2012-4427 affects the GNOME ecosystem: the gnome-shell plugin 3.4.1 can be forced to download and install arbitrary extensions from extensions.gnome.org via a crafted web page. The vulnerability is described as a remote condition where an attacker can trigger extension installation, with the ...
CVE-2013-7220
Vulnerability: CVE-2013-7220 affects GNOME Shell (gnome-shell) prior to 3.8. Summary: when the keyboard focus is on the Activities search, physically proximate attackers could cause arbitrary commands to be executed on an unattended workstation. Exploit conditions are described as local/physical ...
CVE-2013-7221
Technical details about CVE-2013-7221 are not publicly provided in the supplied documents. Monitor for updates from vendors and security advisories.