VYPR
Vendor

Lxde

Products
5
CVEs
5
Across products
7
Status
Private

Products

5

Recent CVEs

5
  • CVE-2015-8308HigAug 24, 2017
    risk 0.51cvss 7.8epss 0.00

    LXDM before 0.5.2 did not start X server with -auth, which allows local users to bypass authentication with X connections.

  • CVE-2016-10369HigMay 8, 2017
    risk 0.51cvss 7.8epss 0.00

    unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

  • CVE-2010-2532Sep 3, 2010
    risk 0.00cvss epss 0.00

    lxsession-logout in lxsession in LXDE, as used on SUSE openSUSE 11.3 and other platforms, does not lock the screen when the Suspend or Hibernate button is pressed, which might make it easier for physically proximate attackers to access an unattended laptop via a resume action.…

  • CVE-2008-3904Sep 4, 2008
    risk 0.00cvss epss 0.02

    src/main-win.c in GPicView 0.1.9 in Lightweight X11 Desktop Environment (LXDE) allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a filename.

  • CVE-2008-3791Sep 3, 2008
    risk 0.00cvss epss 0.00

    src/main-win.c in GPicView 0.1.9 in Lightweight X11 Desktop Environment (LXDE) allows local users to overwrite arbitrary files via a symlink attack on the /tmp/rot.jpg temporary file.