Vulnerabilities > Gnome > Gnome Display Manager > Medium

DATE CVE VULNERABILITY TITLE RISK
2020-12-28 CVE-2020-27837 Race Condition vulnerability in Gnome Display Manager
A flaw was found in GDM in versions prior to 3.38.2.1.
local
gnome CWE-362
4.4
2020-11-10 CVE-2020-16125 Improper Check for Unusual or Exceptional Conditions vulnerability in Gnome Display Manager
gdm3 versions before 3.36.2 or 3.38.2 would start gnome-initial-setup if gdm3 can't contact the accountservice service via dbus in a timely manner; on Ubuntu (and potentially derivatives) this could be be chained with an additional issue that could allow a local user to create a new privileged account.
local
low complexity
gnome CWE-754
4.6
2019-02-06 CVE-2019-3825 Improper Authentication vulnerability in multiple products
A vulnerability was discovered in gdm before 3.31.4.
6.9
2018-08-14 CVE-2018-14424 Use After Free vulnerability in Gnome Display Manager
The daemon in GDM through 3.29.1 does not properly unexport display objects from its D-Bus interface when they are destroyed, which allows a local attacker to trigger a use-after-free via a specially crafted sequence of D-Bus method calls, resulting in a denial of service or potential code execution.
local
low complexity
gnome CWE-416
4.6
2018-07-26 CVE-2017-12164 Improper Initialization vulnerability in Gnome Display Manager 3.24.1
A flaw was discovered in gdm 3.24.1 where gdm greeter was no longer setting the ran_once boolean during autologin.
local
gnome CWE-665
6.9
2013-09-10 CVE-2013-4169 Link Following vulnerability in Gnome Display Manager
GNOME Display Manager (gdm) before 2.21.1 allows local users to change permissions of arbitrary directories via a symlink attack on /tmp/.X11-unix/.
local
gnome CWE-59
6.9