Gpm
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-4558 | Cri | 0.64 | 9.8 | 0.01 | May 12, 2025 | The GPM from WormHole Tech has an Unverified Password Change vulnerability, allowing unauthenticated remote attackers to change any user's password and use the modified password to log into the system. | ||
| CVE-2000-0229 | 0.03 | — | 0.00 | Mar 22, 2000 | gpm-root in the gpm package does not properly drop privileges, which allows local users to gain privileges by starting a utility from gpm-root. | |||
| CVE-2001-1203 | 0.00 | — | 0.00 | Dec 27, 2001 | Format string vulnerability in gpm-root in gpm 1.17.8 through 1.17.18 allows local users to gain root privileges. |
- risk 0.64cvss 9.8epss 0.01
The GPM from WormHole Tech has an Unverified Password Change vulnerability, allowing unauthenticated remote attackers to change any user's password and use the modified password to log into the system.
- CVE-2000-0229Mar 22, 2000risk 0.03cvss —epss 0.00
gpm-root in the gpm package does not properly drop privileges, which allows local users to gain privileges by starting a utility from gpm-root.
- CVE-2001-1203Dec 27, 2001risk 0.00cvss —epss 0.00
Format string vulnerability in gpm-root in gpm 1.17.8 through 1.17.18 allows local users to gain root privileges.