Vulnerabilities > Gnome > Gnome Keyring

DATE CVE VULNERABILITY TITLE RISK
2019-12-20 CVE-2012-6111 Improper Input Validation vulnerability in multiple products
gnome-keyring does not discard stored secrets when using gnome_keyring_lock_all_sync function
network
low complexity
gnome debian CWE-20
5.0
2019-02-12 CVE-2018-20781 Insufficiently Protected Credentials vulnerability in multiple products
In pam/gkr-pam-module.c in GNOME Keyring before 3.27.2, the user's password is kept in a session-child process spawned from the LightDM daemon.
local
low complexity
gnome canonical oracle CWE-522
2.1
2018-11-18 CVE-2018-19358 Unspecified vulnerability in Gnome Gnome-Keyring
GNOME Keyring through 3.28.2 allows local users to retrieve login credentials via a Secret Service API call and the D-Bus interface if the keyring is unlocked, a similar issue to CVE-2008-7320.
local
low complexity
gnome
7.8
2012-10-22 CVE-2012-3466 Permissions, Privileges, and Access Controls vulnerability in Gnome Gnome-Keyring 3.4.0/3.4.1
GNOME gnome-keyring 3.4.0 through 3.4.1, when gpg-cache-method is set to "idle" or "timeout," does not properly limit the amount of time a passphrase is cached, which allows attackers to have an unspecified impact via unknown attack vectors.
local
gnome CWE-264
4.4