Vulnerabilities > Gnome > Gnome Display Manager

DATE CVE VULNERABILITY TITLE RISK
2020-12-28 CVE-2020-27837 Unspecified vulnerability in Gnome Display Manager
A flaw was found in GDM in versions prior to 3.38.2.1.
high complexity
gnome
6.4
2020-11-10 CVE-2020-16125 Improper Check for Unusual or Exceptional Conditions vulnerability in Gnome Display Manager
gdm3 versions before 3.36.2 or 3.38.2 would start gnome-initial-setup if gdm3 can't contact the accountservice service via dbus in a timely manner; on Ubuntu (and potentially derivatives) this could be be chained with an additional issue that could allow a local user to create a new privileged account.
low complexity
gnome CWE-754
6.8
2019-11-05 CVE-2016-1000002 Information Exposure vulnerability in multiple products
gdm3 3.14.2 and possibly later has an information leak before screen lock
2.4
2019-02-06 CVE-2019-3825 Improper Authentication vulnerability in multiple products
A vulnerability was discovered in gdm before 3.31.4.
high complexity
gnome canonical redhat CWE-287
6.4
2018-08-14 CVE-2018-14424 Use After Free vulnerability in Gnome Display Manager
The daemon in GDM through 3.29.1 does not properly unexport display objects from its D-Bus interface when they are destroyed, which allows a local attacker to trigger a use-after-free via a specially crafted sequence of D-Bus method calls, resulting in a denial of service or potential code execution.
local
low complexity
gnome CWE-416
7.8
2018-07-26 CVE-2017-12164 Improper Initialization vulnerability in Gnome Display Manager 3.24.1
A flaw was discovered in gdm 3.24.1 where gdm greeter was no longer setting the ran_once boolean during autologin.
high complexity
gnome CWE-665
6.4