Vulnerabilities > Gnome > Gnome Keyring
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-12-20 | CVE-2012-6111 | Improper Input Validation vulnerability in multiple products gnome-keyring does not discard stored secrets when using gnome_keyring_lock_all_sync function | 5.0 |
| 2019-02-12 | CVE-2018-20781 | Insufficiently Protected Credentials vulnerability in multiple products In pam/gkr-pam-module.c in GNOME Keyring before 3.27.2, the user's password is kept in a session-child process spawned from the LightDM daemon. | 2.1 |
| 2018-11-18 | CVE-2018-19358 | Unspecified vulnerability in Gnome Gnome-Keyring GNOME Keyring through 3.28.2 allows local users to retrieve login credentials via a Secret Service API call and the D-Bus interface if the keyring is unlocked, a similar issue to CVE-2008-7320. | 7.8 |
| 2012-10-22 | CVE-2012-3466 | Permissions, Privileges, and Access Controls vulnerability in Gnome Gnome-Keyring 3.4.0/3.4.1 GNOME gnome-keyring 3.4.0 through 3.4.1, when gpg-cache-method is set to "idle" or "timeout," does not properly limit the amount of time a passphrase is cached, which allows attackers to have an unspecified impact via unknown attack vectors. | 4.4 |