RSS   Vulnerabilities for 'SDDM'   RSS

2018-07-17
 
CVE-2018-14345

CWE-613
 

 
An issue was discovered in SDDM through 0.17.0. If configured with ReuseSession=true, the password is not checked for users with an already existing session. Any user with access to the system D-Bus can therefore unlock any graphical session. This is related to daemon/Display.cpp and helper/backend/PamBackend.cpp.

 
2015-11-24
 
CVE-2015-0856

 

 
daemon/Greeter.cpp in sddm before 0.13.0 does not properly disable the KDE crash handler, which allows local users to gain privileges by crashing a greeter when using certain themes, as demonstrated by the plasma-workspace breeze theme.

 

 >>> Vendor: Sddm project 2 Products
sddm
SDDM


Copyright 2024, cxsecurity.com

 

Back to Top