Vulnerabilities (CVE)

Vendor filter

Gnome Subscribe

Product filter

Gnome Display Manager Subscribe

Filter

7 total CVE
CVE Vendors Products Updated CVSS
CVE-2019-3825 3 Gnome, Canonical, Redhat 3 Gnome Display Manager, Ubuntu Linux, Enterprise Linux 2019-10-09 6.9
A vulnerability was discovered in gdm before 3.31.4. When timed login is enabled in configuration, an attacker could bypass the lock screen by selecting the timed login user and waiting for the timer to expire, at which time they would gain...
CVE-2017-12164 1 Gnome 1 Gnome Display Manager 2019-10-09 6.9
A flaw was discovered in gdm 3.24.1 where gdm greeter was no longer setting the ran_once boolean during autologin. If autologin was enabled for a victim, an attacker could simply select 'login as another user' to unlock their screen.
CVE-2018-14424 1 Gnome 1 Gnome Display Manager 2018-10-18 4.6
The daemon in GDM through 3.29.1 does not properly unexport display objects from its D-Bus interface when they are destroyed, which allows a local attacker to trigger a use-after-free via a specially crafted sequence of D-Bus method calls,...
CVE-2015-7496 2 Gnome, Fedoraproject 2 Gnome Display Manager, Fedora 2018-01-05 7.2
GNOME Display Manager (gdm) before 3.18.2 allows physically proximate attackers to bypass the lock screen by holding the Escape key.
CVE-2010-2387 1 Gnome 1 Gnome Display Manager 2017-08-17 1.9
vicious-extensions/ve-misc.c in GNOME Display Manager (gdm) 2.20.x before 2.20.11, when GDM debug is enabled, logs the user password when it contains invalid UTF8 encoded characters, which might allow local users to gain privileges by reading the...
CVE-2013-7273 1 Gnome 1 Gnome Display Manager 2014-04-30 2.1
GNOME Display Manager (gdm) 3.4.1 and earlier, when disable-user-list is set to true, allows local users to cause a denial of service (unable to login) by pressing the cancel button after entering a user name.
CVE-2013-4169 1 Gnome 1 Gnome Display Manager 2013-09-12 6.9
GNOME Display Manager (gdm) before 2.21.1 allows local users to change permissions of arbitrary directories via a symlink attack on /tmp/.X11-unix/.