Skip to main content

Gnome Display Manager

7 CVEs product

Monthly

CVE-2020-27837 MEDIUM PATCH This Month

A flaw was found in GDM in versions prior to 3.38.2.1. Rated medium severity (CVSS 6.4), this vulnerability is no authentication required.

Race Condition Authentication Bypass Gnome Display Manager
NVD
CVSS 3.1
6.4
EPSS
0.2%
CVE-2020-16125 MEDIUM POC This Month

gdm3 versions before 3.36.2 or 3.38.2 would start gnome-initial-setup if gdm3 can't contact the accountservice service via dbus in a timely manner; on Ubuntu (and potentially derivatives) this could. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Ubuntu Information Disclosure Gnome Display Manager
NVD GitHub
CVSS 3.1
6.8
EPSS
1.1%
CVE-2019-3825 MEDIUM POC This Month

A vulnerability was discovered in gdm before 3.31.4. Rated medium severity (CVSS 6.4), this vulnerability is no authentication required. Public exploit code available and no vendor patch available.

Authentication Bypass Gnome Display Manager Ubuntu Linux Enterprise Linux
NVD
CVSS 3.0
6.4
EPSS
0.5%
CVE-2018-14424 HIGH This Week

The daemon in GDM through 3.29.1 does not properly unexport display objects from its D-Bus interface when they are destroyed, which allows a local attacker to trigger a use-after-free via a specially. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Denial Of Service Gnome Display Manager
NVD
CVSS 3.0
7.8
EPSS
0.5%
CVE-2015-7496 HIGH PATCH This Week

GNOME Display Manager (gdm) before 3.18.2 allows physically proximate attackers to bypass the lock screen by holding the Escape key. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

Privilege Escalation Fedora Gnome Display Manager
NVD
CVSS 2.0
7.2
EPSS
0.1%
CVE-2013-7273 LOW Monitor

GNOME Display Manager (gdm) 3.4.1 and earlier, when disable-user-list is set to true, allows local users to cause a denial of service (unable to login) by pressing the cancel button after entering a. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Gnome Display Manager
NVD VulDB
CVSS 2.0
2.1
EPSS
0.1%
CVE-2013-4169 MEDIUM PATCH This Month

GNOME Display Manager (gdm) before 2.21.1 allows local users to change permissions of arbitrary directories via a symlink attack on /tmp/.X11-unix/. Rated medium severity (CVSS 6.9).

Information Disclosure Gnome Display Manager
NVD
CVSS 2.0
6.9
EPSS
0.0%
EPSS 0% CVSS 6.4
MEDIUM PATCH This Month

A flaw was found in GDM in versions prior to 3.38.2.1. Rated medium severity (CVSS 6.4), this vulnerability is no authentication required.

Race Condition Authentication Bypass Gnome Display Manager
NVD
EPSS 1% CVSS 6.8
MEDIUM POC This Month

gdm3 versions before 3.36.2 or 3.38.2 would start gnome-initial-setup if gdm3 can't contact the accountservice service via dbus in a timely manner; on Ubuntu (and potentially derivatives) this could. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Ubuntu Information Disclosure Gnome Display Manager
NVD GitHub
EPSS 1% CVSS 6.4
MEDIUM POC This Month

A vulnerability was discovered in gdm before 3.31.4. Rated medium severity (CVSS 6.4), this vulnerability is no authentication required. Public exploit code available and no vendor patch available.

Authentication Bypass Gnome Display Manager Ubuntu Linux +1
NVD
EPSS 1% CVSS 7.8
HIGH This Week

The daemon in GDM through 3.29.1 does not properly unexport display objects from its D-Bus interface when they are destroyed, which allows a local attacker to trigger a use-after-free via a specially. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free +2
NVD
EPSS 0% CVSS 7.2
HIGH PATCH This Week

GNOME Display Manager (gdm) before 3.18.2 allows physically proximate attackers to bypass the lock screen by holding the Escape key. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

Privilege Escalation Fedora Gnome Display Manager
NVD
EPSS 0% CVSS 2.1
LOW Monitor

GNOME Display Manager (gdm) 3.4.1 and earlier, when disable-user-list is set to true, allows local users to cause a denial of service (unable to login) by pressing the cancel button after entering a. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Gnome Display Manager
NVD VulDB
EPSS 0% CVSS 6.9
MEDIUM PATCH This Month

GNOME Display Manager (gdm) before 2.21.1 allows local users to change permissions of arbitrary directories via a symlink attack on /tmp/.X11-unix/. Rated medium severity (CVSS 6.9).

Information Disclosure Gnome Display Manager
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy