Screensaver Security Vulnerabilities and Issues — Screensaver CVE List

Lucene search

GnomeScreensaver

11 matches found

CVE•added 2010/02/24 6:30 p.m.•53 views

CVE-2010-0285

gnome-screensaver 2.14.3, 2.22.2, 2.27.x, 2.28.0, and 2.28.3, when the X configuration enables the extend screen option, allows physically proximate attackers to bypass screen locking, access an unattended workstation, and view half of the GNOME desktop by attaching an external monitor.

5.6CVSS6.3AI score0.00083EPSS

CVE•added 2007/10/29 9:46 p.m.•52 views

CVE-2007-3920

GNOME screensaver 2.20 in Ubuntu 7.10, when used with Compiz, does not properly reserve input focus, which allows attackers with physical access to take control of the session after entering an Alt-Tab sequence, a related issue to CVE-2007-3069.

6.2CVSS6AI score0.00073EPSS

CVE•added 2010/03/19 7:30 p.m.•49 views

CVE-2010-0732

gdk/gdkwindow.c in GTK+ before 2.18.5, as used in gnome-screensaver before 2.28.1, performs implicit paints on windows of type GDK_WINDOW_FOREIGN, which triggers an X error in certain circumstances and consequently allows physically proximate attackers to bypass screen locking and access an unatten...

6.2CVSS9.2AI score0.00041EPSS

CVE•added 2008/04/06 11:44 p.m.•48 views

CVE-2008-0887

gnome-screensaver before 2.22.1, when a remote authentication server is enabled, crashes upon an unlock attempt during a network outage, which allows physically proximate attackers to gain access to the locked session, a related issue to CVE-2007-1859.

4.7CVSS6.7AI score0.00239EPSS

CVE•added 2010/02/24 6:30 p.m.•47 views

CVE-2010-0422

gnome-screensaver 2.28.x before 2.28.3 does not properly synchronize the state of screen locking and the unlock dialog in situations involving a change to the number of monitors, which allows physically proximate attackers to bypass screen locking and access an unattended workstation by connecting ...

4CVSS6.3AI score0.00076EPSS

CVE•added 2007/12/17 6:46 p.m.•43 views

CVE-2007-6389

The notify feature in GNOME screensaver (gnome-screensaver) 2.20.0 might allow local users to read the clipboard contents and X selection data for a locked session by using ctrl-V.

2.1CVSS5.8AI score0.00073EPSS

CVE•added 2010/02/11 9:30 p.m.•40 views

CVE-2009-4641

gnome-screensaver 2.28.0 does not resume adherence to its activation settings after an inhibiting application becomes unavailable on the session bus, which allows physically proximate attackers to access an unattended workstation on which screen locking had been intended.

7.2CVSS6.3AI score0.00053EPSS

CVE•added 2010/02/11 8:30 p.m.•40 views

CVE-2010-0414

gnome-screensaver before 2.28.2 allows physically proximate attackers to bypass screen locking and access an unattended workstation by moving the mouse position to an external monitor and then disconnecting that monitor.

7.2CVSS6.3AI score0.00053EPSS

CVE•added 2010/02/11 9:30 p.m.•39 views

CVE-2009-4642

gnome-screensaver 2.26.1 relies on the gnome-session D-Bus interface to determine session idle time, even when an Xfce desktop such as Xubuntu or Mythbuntu is used, which allows physically proximate attackers to access an unattended workstation on which screen locking had been intended.

7.2CVSS6.6AI score0.00155EPSS

CVE•added 2006/03/21 1:6 a.m.•37 views

CVE-2006-1335

gnome screensaver before 2.14, when running on an X server with AllowDeactivateGrabs and AllowClosedownGrabs enabled, allows attackers with physical access to cause the screensaver to crash and access the session via the Ctl+Alt+Keypad-Multiply keyboard sequence, which removes the grab from gnome.

3.7CVSS6.3AI score0.00077EPSS

CVE•added 2012/08/07 8:55 p.m.•30 views

CVE-2012-3452

gnome-screensaver 3.4.x before 3.4.4 and 3.5.x before 3.5.4, when multiple screens are used, only locks the screen with the active focus, which allows physically proximate attackers to bypass screen locking and access an unattended workstation.

3.3CVSS6.7AI score0.00067EPSS