CVEs (4)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
2Fedoraproject Xscreensaver Project2Fedora XscreensaverNov 21, 2024 Jun 10, 2021 N/A· v4 4.6 MEDIUM· v3 2.1 LOW· v2 XScreenSaver 5.45 can be bypassed if the machine has more than ten disconnectable video outputs. A buffer overflow in update_screen_layout() allows an attacker to bypass the standard screen lock authentication mechanism...Show more |
1Xscreensaver Project 1Xscreensaver Nov 21, 2024 Apr 21, 2021 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 The Debian xscreensaver 5.42+dfsg1-1 package for XScreenSaver has cap_net_raw enabled for the /usr/libexec/xscreensaver/sonar file, which allows local users to gain privileges because this is arguably incompatible with t...Show more |
2Debian Xscreensaver Project2Debian Linux XscreensaverNov 21, 2024 Nov 27, 2019 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 xscreensaver before 5.14 crashes during activation and leaves the screen unlocked when in Blank Only Mode and when DPMS is disabled, which allows local attackers to access resources without authentication. |
2Canonical Xscreensaver Project2Ubuntu Linux XscreensaverMay 6, 2026 Nov 10, 2015 N/A· v4 N/A· v3 2.1 LOW· v2 driver/subprocs.c in XScreenSaver before 5.34 does not properly perform an internal consistency check, which allows physically proximate attackers to bypass the lock screen by hot swapping monitors. |