[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2019-3820":6},{"stargazers_count":4,"fetched_at":5},5,"2026-04-08T03:11:47.468Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":133,"aliases":143,"duplicate_of":9,"upstream":144,"downstream":145,"duplicates":166,"related":167,"reserved_at":9,"published_at":172,"modified_at":173,"state":174,"summary":175,"references_raw":183,"kevs":214,"epss":215,"epss_history":218,"metrics":486,"affected":504},"CVE-2019-3820","It was discovered that the gnome-shell lock screen since version 3.15.91 did not properly restrict all contextual actions. An attacker with physical access to a locked workstation could invoke certain keyboard shortcuts, and potentially other actions.",null,[11,60],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-287","Improper Authentication","When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.","weakness","Draft","Class","High",[20,24,28,32,36,40,44,48,52,56],{"id":21,"name":22,"techniques":23},"CAPEC-114","Authentication Abuse",[],{"id":25,"name":26,"techniques":27},"CAPEC-115","Authentication Bypass",[],{"id":29,"name":30,"techniques":31},"CAPEC-151","Identity Spoofing",[],{"id":33,"name":34,"techniques":35},"CAPEC-194","Fake the Source of Data",[],{"id":37,"name":38,"techniques":39},"CAPEC-22","Exploiting Trust in Client",[],{"id":41,"name":42,"techniques":43},"CAPEC-57","Utilizing REST's Trust in the System Resource to Obtain Sensitive Data",[],{"id":45,"name":46,"techniques":47},"CAPEC-593","Session Hijacking",[],{"id":49,"name":50,"techniques":51},"CAPEC-633","Token Impersonation",[],{"id":53,"name":54,"techniques":55},"CAPEC-650","Upload a Web Shell to a Web Server",[],{"id":57,"name":58,"techniques":59},"CAPEC-94","Adversary in the Middle (AiTM)",[],{"_key":61,"id":61,"name":62,"description":63,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":64},"CWE-285","Improper Authorization","The product does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action.",[65,69,73,77,81,85,89,93,97,101,105,109,113,117,121,125,129],{"id":66,"name":67,"techniques":68},"CAPEC-1","Accessing Functionality Not Properly Constrained by ACLs",[],{"id":70,"name":71,"techniques":72},"CAPEC-104","Cross Zone Scripting",[],{"id":74,"name":75,"techniques":76},"CAPEC-127","Directory Indexing",[],{"id":78,"name":79,"techniques":80},"CAPEC-13","Subverting Environment Variable Values",[],{"id":82,"name":83,"techniques":84},"CAPEC-17","Using Malicious Files",[],{"id":86,"name":87,"techniques":88},"CAPEC-39","Manipulating Opaque Client-based Data Tokens",[],{"id":90,"name":91,"techniques":92},"CAPEC-402","Bypassing ATA Password Security",[],{"id":94,"name":95,"techniques":96},"CAPEC-45","Buffer Overflow via Symbolic Links",[],{"id":98,"name":99,"techniques":100},"CAPEC-5","Blue Boxing",[],{"id":102,"name":103,"techniques":104},"CAPEC-51","Poison Web Service Registry",[],{"id":106,"name":107,"techniques":108},"CAPEC-59","Session Credential Falsification through Prediction",[],{"id":110,"name":111,"techniques":112},"CAPEC-60","Reusing Session IDs (aka Session Replay)",[],{"id":114,"name":115,"techniques":116},"CAPEC-647","Collect Data from Registries",[],{"id":118,"name":119,"techniques":120},"CAPEC-668","Key Negotiation of Bluetooth Attack (KNOB)",[],{"id":122,"name":123,"techniques":124},"CAPEC-76","Manipulating Web Input to File System Calls",[],{"id":126,"name":127,"techniques":128},"CAPEC-77","Manipulating User-Controlled Variables",[],{"id":130,"name":131,"techniques":132},"CAPEC-87","Forceful Browsing",[],[134],{"_key":135,"name":136,"source":137,"url":138,"maturity":139,"reliability_score":140,"verified":141,"type":9,"platforms":142,"requires_auth":9,"exploitdb":9,"metasploit":9},"REF_7AAB702DD2031288","Exploit Reference (bugzilla.redhat.com)","reference","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3820","unknown",0.2,false,[],[],[],[146,148,150,152,154,156,158,160,162,164],{"_key":147},"SUSE-SU-2019:1459-1",{"_key":149},"RHSA-2020:1021",{"_key":151},"DEBIAN-CVE-2019-3820",{"_key":153},"SUSE-SU-2019:1390-1",{"_key":155},"UBUNTU-CVE-2019-3820",{"_key":157},"USN-3966-1",{"_key":159},"USN-7052-1",{"_key":161},"OPENSUSE-SU-2019:1582-1",{"_key":163},"OPENSUSE-SU-2024:10797-1",{"_key":165},"RHSA-2019:3553",[],[168,169,170,171],{"_key":147},{"_key":153},{"_key":161},{"_key":163},"2019-02-06T20:00:00.000Z","2024-08-04T19:19:18.588Z","Modified",{"cisa_kev":141,"cisa_ransomware":141,"cisa_vendor":9,"epss_severity":176,"epss_score":177,"severity":178,"severity_score":179,"severity_version":180,"severity_source":181,"severity_vector":182,"severity_status":174},"low",0.00045,"medium",4.8,"v3.0","cve.org","CVSS:3.0/AV:P/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",[184,192,198,204,210],{"url":138,"sources":185,"tags":187},[181,186],"nvd",[188,189,190,191],"X Refsource CONFIRM","Exploit","Issue Tracking","Third Party Advisory",{"url":193,"sources":194,"tags":195},"https://gitlab.gnome.org/GNOME/gnome-shell/issues/851",[181,186],[196,190,197,191],"X Refsource MISC","Patch",{"url":199,"sources":200,"tags":201},"https://usn.ubuntu.com/3966-1/",[181,186],[202,203,191],"Vendor Advisory","X Refsource UBUNTU",{"url":205,"sources":206,"tags":207},"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00023.html",[181,186],[202,208,209,191],"X Refsource SUSE","Mailing List",{"url":211,"sources":212,"tags":213},"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00049.html",[181,186],[202,208,209,191],[],{"date":216,"score":177,"percentile":217},"2026-04-07",0.13644,[219,223,226,229,232,235,238,241,245,248,251,253,256,259,262,266,269,272,275,278,281,284,287,290,293,296,299,302,305,308,311,314,317,320,323,326,329,332,335,338,341,344,347,350,353,356,359,362,365,368,371,374,377,380,383,385,388,391,394,397,400,402,405,408,411,414,417,420,422,425,427,430,433,436,438,441,444,447,450,453,456,459,462,465,468,471,474,477,480,483],{"date":220,"score":221,"percentile":222},"2025-11-04",0.0005,0.15409,{"date":224,"score":221,"percentile":225},"2025-11-05",0.15439,{"date":227,"score":221,"percentile":228},"2025-11-06",0.15533,{"date":230,"score":221,"percentile":231},"2025-11-07",0.15559,{"date":233,"score":221,"percentile":234},"2025-11-08",0.15569,{"date":236,"score":221,"percentile":237},"2025-11-09",0.15545,{"date":239,"score":221,"percentile":240},"2025-11-10",0.15502,{"date":242,"score":243,"percentile":244},"2025-11-11",0.00048,0.14691,{"date":246,"score":243,"percentile":247},"2025-11-12",0.1473,{"date":249,"score":243,"percentile":250},"2025-11-13",0.14757,{"date":252,"score":243,"percentile":250},"2025-11-14",{"date":254,"score":243,"percentile":255},"2025-11-15",0.14716,{"date":257,"score":243,"percentile":258},"2025-11-16",0.14708,{"date":260,"score":243,"percentile":261},"2025-11-17",0.14665,{"date":263,"score":264,"percentile":265},"2025-11-18",0.00077,0.19118,{"date":267,"score":264,"percentile":268},"2025-11-19",0.19142,{"date":270,"score":264,"percentile":271},"2025-11-20",0.19131,{"date":273,"score":243,"percentile":274},"2025-11-21",0.1469,{"date":276,"score":177,"percentile":277},"2025-11-22",0.13467,{"date":279,"score":177,"percentile":280},"2025-11-23",0.13448,{"date":282,"score":177,"percentile":283},"2025-11-24",0.13408,{"date":285,"score":177,"percentile":286},"2025-11-25",0.13409,{"date":288,"score":177,"percentile":289},"2025-11-26",0.134,{"date":291,"score":177,"percentile":292},"2025-11-27",0.13399,{"date":294,"score":177,"percentile":295},"2025-11-28",0.1338,{"date":297,"score":177,"percentile":298},"2025-11-29",0.13352,{"date":300,"score":177,"percentile":301},"2025-11-30",0.13357,{"date":303,"score":177,"percentile":304},"2025-12-01",0.13393,{"date":306,"score":177,"percentile":307},"2025-12-02",0.13412,{"date":309,"score":177,"percentile":310},"2025-12-03",0.13434,{"date":312,"score":177,"percentile":313},"2025-12-04",0.13405,{"date":315,"score":177,"percentile":316},"2025-12-05",0.13477,{"date":318,"score":177,"percentile":319},"2025-12-06",0.13494,{"date":321,"score":177,"percentile":322},"2025-12-07",0.13476,{"date":324,"score":177,"percentile":325},"2025-12-08",0.13488,{"date":327,"score":177,"percentile":328},"2025-12-09",0.1355,{"date":330,"score":177,"percentile":331},"2025-12-10",0.13621,{"date":333,"score":177,"percentile":334},"2025-12-11",0.13655,{"date":336,"score":177,"percentile":337},"2025-12-12",0.137,{"date":339,"score":177,"percentile":340},"2025-12-13",0.13724,{"date":342,"score":177,"percentile":343},"2025-12-14",0.13699,{"date":345,"score":177,"percentile":346},"2025-12-15",0.13664,{"date":348,"score":177,"percentile":349},"2025-12-16",0.13668,{"date":351,"score":177,"percentile":352},"2025-12-17",0.13767,{"date":354,"score":177,"percentile":355},"2025-12-18",0.13825,{"date":357,"score":177,"percentile":358},"2025-12-19",0.13869,{"date":360,"score":177,"percentile":361},"2025-12-20",0.13858,{"date":363,"score":177,"percentile":364},"2025-12-21",0.13817,{"date":366,"score":177,"percentile":367},"2025-12-22",0.13769,{"date":369,"score":177,"percentile":370},"2025-12-23",0.13766,{"date":372,"score":177,"percentile":373},"2025-12-24",0.13763,{"date":375,"score":177,"percentile":376},"2025-12-25",0.13834,{"date":378,"score":177,"percentile":379},"2025-12-26",0.13794,{"date":381,"score":177,"percentile":382},"2025-12-27",0.13796,{"date":384,"score":177,"percentile":352},"2025-12-28",{"date":386,"score":177,"percentile":387},"2025-12-29",0.13665,{"date":389,"score":177,"percentile":390},"2025-12-30",0.13674,{"date":392,"score":177,"percentile":393},"2025-12-31",0.13737,{"date":395,"score":177,"percentile":396},"2026-01-01",0.1381,{"date":398,"score":177,"percentile":399},"2026-01-02",0.13798,{"date":401,"score":177,"percentile":373},"2026-01-03",{"date":403,"score":177,"percentile":404},"2026-01-04",0.13687,{"date":406,"score":177,"percentile":407},"2026-01-05",0.13641,{"date":409,"score":177,"percentile":410},"2026-01-06",0.13652,{"date":412,"score":177,"percentile":413},"2026-01-07",0.1369,{"date":415,"score":177,"percentile":416},"2026-01-08",0.1374,{"date":418,"score":177,"percentile":419},"2026-01-09",0.13748,{"date":421,"score":177,"percentile":352},"2026-01-10",{"date":423,"score":177,"percentile":424},"2026-01-11",0.13696,{"date":426,"score":177,"percentile":346},"2026-01-12",{"date":428,"score":177,"percentile":429},"2026-01-13",0.13636,{"date":431,"score":177,"percentile":432},"2026-01-14",0.13694,{"date":434,"score":177,"percentile":435},"2026-01-15",0.13693,{"date":437,"score":177,"percentile":393},"2026-01-16",{"date":439,"score":177,"percentile":440},"2026-01-17",0.13754,{"date":442,"score":177,"percentile":443},"2026-01-18",0.13679,{"date":445,"score":177,"percentile":446},"2026-01-19",0.13617,{"date":448,"score":177,"percentile":449},"2026-01-20",0.13598,{"date":451,"score":177,"percentile":452},"2026-01-21",0.13584,{"date":454,"score":177,"percentile":455},"2026-01-22",0.13546,{"date":457,"score":177,"percentile":458},"2026-01-23",0.13626,{"date":460,"score":177,"percentile":461},"2026-01-24",0.13671,{"date":463,"score":177,"percentile":464},"2026-01-25",0.13614,{"date":466,"score":177,"percentile":467},"2026-01-26",0.13545,{"date":469,"score":177,"percentile":470},"2026-01-27",0.13541,{"date":472,"score":177,"percentile":473},"2026-01-28",0.13549,{"date":475,"score":177,"percentile":476},"2026-01-29",0.13527,{"date":478,"score":177,"percentile":479},"2026-01-30",0.13534,{"date":481,"score":177,"percentile":482},"2026-01-31",0.1354,{"date":484,"score":177,"percentile":485},"2026-02-01",0.13553,[487,492],{"source":181,"cvss_v2_0":9,"cvss_v3_0":488,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":179,"baseSeverity":489,"vectorString":182,"impactScore":490,"exploitabilityScore":491},"MEDIUM",6.2,1.8,{"source":186,"cvss_v2_0":493,"cvss_v3_0":498,"cvss_v3_1":499,"cvss_v4_0":9},{"baseScore":494,"baseSeverity":9,"vectorString":495,"impactScore":496,"exploitabilityScore":497},4.6,"AV:L/AC:L/Au:N/C:P/I:P/A:P",6.4,3.9,{"baseScore":179,"baseSeverity":489,"vectorString":182,"impactScore":490,"exploitabilityScore":491},{"baseScore":500,"baseSeverity":489,"vectorString":501,"impactScore":502,"exploitabilityScore":503},4.3,"CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",5.7,2.3,[505,516,532,542],{"ecosystem":9,"name":506,"vendor":507,"product":508,"cpe_part":509,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":510},"ubuntu linux","canonical","ubuntu_linux","o",[511,514],{"version":512,"is_range":141,"range_type":513,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"18.04","cpe",{"version":515,"is_range":141,"range_type":513,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"18.10",{"ecosystem":9,"name":517,"vendor":518,"product":517,"cpe_part":519,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":520},"gnome-shell","gnome","a",[521,528],{"version":522,"is_range":523,"range_type":513,"version_start":524,"version_start_type":525,"version_end":526,"version_end_type":527,"fixed_in":9},"gte3.15.91_lt3.30.3",true,"3.15.91","including","3.30.3","excluding",{"version":529,"is_range":523,"range_type":513,"version_start":530,"version_start_type":525,"version_end":531,"version_end_type":527,"fixed_in":9},"gte3.31.0_lt3.31.5","3.31.0","3.31.5",{"ecosystem":9,"name":533,"vendor":534,"product":533,"cpe_part":509,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":535},"leap","opensuse",[536,538,540],{"version":537,"is_range":141,"range_type":513,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"15.0",{"version":539,"is_range":141,"range_type":513,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"15.1",{"version":541,"is_range":141,"range_type":513,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"42.3",{"ecosystem":9,"name":517,"vendor":543,"product":517,"cpe_part":519,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":544},"the gnome project",[545],{"version":546,"is_range":141,"range_type":181,"version_start":546,"version_start_type":525,"version_end":546,"version_end_type":525,"fixed_in":9},"since 3.15.91"]