Skip to main content

Sddm

3 CVEs product

Monthly

CVE-2020-28049 MEDIUM POC This Month

An issue was discovered in SDDM before 0.19.0. Rated medium severity (CVSS 6.3). Public exploit code available and no vendor patch available.

Race Condition Information Disclosure Sddm Leap Debian Linux +1
NVD GitHub
CVSS 3.1
6.3
EPSS
0.4%
CVE-2018-14345 HIGH PATCH This Week

An issue was discovered in SDDM through 0.17.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Authentication Bypass Sddm
NVD GitHub
CVSS 3.0
7.5
EPSS
1.0%
CVE-2015-0856 MEDIUM PATCH This Month

daemon/Greeter.cpp in sddm before 0.13.0 does not properly disable the KDE crash handler, which allows local users to gain privileges by crashing a greeter when using certain themes, as demonstrated. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity.

Privilege Escalation Fedora Sddm
NVD GitHub
CVSS 2.0
4.6
EPSS
0.2%
EPSS 0% CVSS 6.3
MEDIUM POC This Month

An issue was discovered in SDDM before 0.19.0. Rated medium severity (CVSS 6.3). Public exploit code available and no vendor patch available.

Race Condition Information Disclosure Sddm +3
NVD GitHub
EPSS 1% CVSS 7.5
HIGH PATCH This Week

An issue was discovered in SDDM through 0.17.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Authentication Bypass Sddm
NVD GitHub
EPSS 0% CVSS 4.6
MEDIUM PATCH This Month

daemon/Greeter.cpp in sddm before 0.13.0 does not properly disable the KDE crash handler, which allows local users to gain privileges by crashing a greeter when using certain themes, as demonstrated. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity.

Privilege Escalation Fedora Sddm
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy