It was found that nmcli, a command line interface to NetworkManager did not honour 802-1x.ca-path and 802-1x.phase2-ca-path settings, when creating a new profile. When a user connects to a network using this profile, the authentication does not happen and the connection is made insecurely.
Max CVSS
4.3
EPSS Score
0.05%
Published
2020-06-08
Updated
2021-11-02
A vulnerability was discovered in gdm before 3.31.4. When timed login is enabled in configuration, an attacker could bypass the lock screen by selecting the timed login user and waiting for the timer to expire, at which time they would gain access to the logged-in user's session.
Max CVSS
6.9
EPSS Score
0.09%
Published
2019-02-06
Updated
2019-10-09
It was discovered that the gnome-shell lock screen since version 3.15.91 did not properly restrict all contextual actions. An attacker with physical access to a locked workstation could invoke certain keyboard shortcuts, and potentially other actions.
Max CVSS
4.8
EPSS Score
0.11%
Published
2019-02-06
Updated
2021-09-29
GTK+ 3.10.9 and earlier, as used in cinnamon-screensaver, gnome-screensaver, and other applications, allows physically proximate attackers to bypass the lock screen by pressing the menu button.
Max CVSS
7.2
EPSS Score
0.06%
Published
2015-01-16
Updated
2023-08-03
libsoup 2.32.2 and earlier does not validate certificates or clear the trust flag when the ssl-ca-file does not exist, which allows remote attackers to bypass authentication by connecting with a SSL connection.
Max CVSS
5.0
EPSS Score
0.60%
Published
2012-08-20
Updated
2017-08-29
GNOME NetworkManager before 0.8.6 does not properly enforce the auth_admin element in PolicyKit, which allows local users to bypass intended wireless network sharing restrictions via unspecified vectors.
Max CVSS
2.1
EPSS Score
0.04%
Published
2011-09-02
Updated
2012-01-19
The Red Hat build script for the GNOME Display Manager (GDM) before 2.16.0-56 on Red Hat Enterprise Linux (RHEL) 5 omits TCP Wrapper support, which might allow remote attackers to bypass intended access restrictions via XDMCP connections, a different vulnerability than CVE-2007-5079.
Max CVSS
6.8
EPSS Score
1.06%
Published
2009-09-04
Updated
2017-09-19
7 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!