Search CVE reports


Toggle filters

1 – 10 of 20 results


CVE-2020-27837

Low priority
Vulnerable

A flaw was found in GDM in versions prior to 3.38.2.1. A race condition in the handling of session shutdown makes it possible to bypass the lock screen for a user that has autologin enabled, accessing their session without...

1 affected package

gdm3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gdm3 Not affected Vulnerable Vulnerable Not affected Not affected
Show less packages

CVE-2020-16125

Medium priority

Some fixes available 11 of 12

gdm3 versions before 3.36.2 or 3.38.2 would start gnome-initial-setup if gdm3 can't contact the accountservice service via dbus in a timely manner; on Ubuntu (and potentially derivatives) this could be be chained with...

1 affected package

gdm3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gdm3 Fixed Fixed Fixed Fixed Vulnerable
Show less packages

CVE-2016-1000002

Low priority
Vulnerable

gdm3 3.14.2 and possibly later has an information leak before screen lock

1 affected package

gdm3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gdm3 Vulnerable Vulnerable Vulnerable Vulnerable Vulnerable
Show less packages

CVE-2019-3825

Medium priority

Some fixes available 14 of 15

A vulnerability was discovered in gdm before 3.31.4. When timed login is enabled in configuration, an attacker could bypass the lock screen by selecting the timed login user and waiting for the timer to expire, at which time they...

1 affected package

gdm3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gdm3 Fixed Fixed Fixed Fixed Vulnerable
Show less packages

CVE-2018-14424

Medium priority

Some fixes available 14 of 15

The daemon in GDM through 3.29.1 does not properly unexport display objects from its D-Bus interface when they are destroyed, which allows a local attacker to trigger a use-after-free via a specially crafted sequence of D-Bus...

1 affected package

gdm3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gdm3 Fixed Fixed Fixed Fixed Vulnerable
Show less packages

CVE-2017-12164

Medium priority
Fixed

A flaw was discovered in gdm 3.24.1 where gdm greeter was no longer setting the ran_once boolean during autologin. If autologin was enabled for a victim, an attacker could simply select 'login as another user' to unlock their screen.

1 affected package

gdm3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gdm3 Not affected
Show less packages

CVE-2015-7496

Medium priority
Ignored

GNOME Display Manager (gdm) before 3.18.2 allows physically proximate attackers to bypass the lock screen by holding the Escape key.

2 affected packages

gdm, gdm3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gdm Not in release Not in release
gdm3 Not affected Not affected
Show less packages

CVE-2012-6648

Medium priority

Some fixes available 7 of 8

gdm/guest-session-cleanup.sh in gdm-guest-session 0.24 and earlier, as used in Ubuntu Linux 10.04 LTS, 10.10, and 11.04, allows local users to delete arbitrary files via a space in the name of a file in /tmp. NOTE: this identifier...

2 affected packages

gdm-guest-session, lightdm

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gdm-guest-session
lightdm
Show less packages

CVE-2011-4970

Medium priority
Vulnerable

Multiple SQL injection vulnerabilities in LCG Disk Pool Manager (DPM) before 1.8.6, as used in EGI UDM, allow remote attackers to execute arbitrary SQL commands via the (1) r_token variable in the dpm_get_pending_req_by_token, (2)...

2 affected packages

dpm, lcgdm

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
dpm Not in release Not in release Not in release Not in release Not in release
lcgdm Not in release Not in release Not in release Vulnerable Vulnerable
Show less packages

CVE-2013-7273

Medium priority
Ignored

GNOME Display Manager (gdm) 3.4.1 and earlier, when disable-user-list is set to true, allows local users to cause a denial of service (unable to login) by pressing the cancel button after entering a user name.

1 affected package

gdm

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gdm Not in release Not in release
Show less packages