Vulnerability Database
296,733
Total vulnerabilities in the database
CVE-2018-20781
In pam/gkr-pam-module.c in GNOME Keyring before 3.27.2, the user's password is kept in a session-child process spawned from the LightDM daemon. This can expose the credential in cleartext.
| Software | From | Fixed in |
|---|---|---|
| gnome / gnome_keyring | - | 3.27.2 |
| canonical / ubuntu_linux | 16.04 | 16.04.x |
| canonical / ubuntu_linux | 14.04 | 14.04.x |
| oracle / zfs_storage_appliance_kit | 8.8 | 8.8.x |
- https://bugs.launchpad.net/ubuntu/+source/gnome-keyring/+bug/1772919
- https://bugzilla.gnome.org/show_bug.cgi?id=781486
- https://github.com/huntergregal/mimipenguin
- https://github.com/huntergregal/mimipenguin/tree/d95f1e08ce79783794f38433bbf7de5abd9792da
- https://gitlab.gnome.org/GNOME/gnome-keyring/issues/3
- https://gitlab.gnome.org/GNOME/gnome-keyring/tags/3.27.2
- https://usn.ubuntu.com/3894-1/
- https://www.oracle.com/security-alerts/cpujan2021.html
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime