Filtered by vendor Xscreensaver Project
Subscriptions
Filtered by product Xscreensaver
Subscriptions
Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-34557 | 2 Fedoraproject, Xscreensaver Project | 2 Fedora, Xscreensaver | 2024-11-21 | 4.6 Medium |
| XScreenSaver 5.45 can be bypassed if the machine has more than ten disconnectable video outputs. A buffer overflow in update_screen_layout() allows an attacker to bypass the standard screen lock authentication mechanism by crashing XScreenSaver. The attacker must physically disconnect many video outputs. | ||||
| CVE-2021-31523 | 1 Xscreensaver Project | 1 Xscreensaver | 2024-11-21 | 7.8 High |
| The Debian xscreensaver 5.42+dfsg1-1 package for XScreenSaver has cap_net_raw enabled for the /usr/libexec/xscreensaver/sonar file, which allows local users to gain privileges because this is arguably incompatible with the design of the Mesa 3D Graphics library dependency. | ||||
| CVE-2015-8025 | 2 Canonical, Xscreensaver Project | 2 Ubuntu Linux, Xscreensaver | 2024-11-21 | N/A |
| driver/subprocs.c in XScreenSaver before 5.34 does not properly perform an internal consistency check, which allows physically proximate attackers to bypass the lock screen by hot swapping monitors. | ||||
| CVE-2011-2187 | 2 Debian, Xscreensaver Project | 2 Debian Linux, Xscreensaver | 2024-11-21 | 7.8 High |
| xscreensaver before 5.14 crashes during activation and leaves the screen unlocked when in Blank Only Mode and when DPMS is disabled, which allows local attackers to access resources without authentication. | ||||
Page 1 of 1.