Lucene search
K

10 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-27691

Malicious code in bioql PyPI...

8.8CVSS6.3AI score0.00213EPSS
Exploits1References1
Microsoft CVE
Microsoft CVE
added 2025/09/04 2:34 a.m.4 views

Incomplete fix for CVE-2024-1929

...

8.8CVSS7AI score0.00289EPSS
Exploits1
CBLMariner
CBLMariner
added 2025/05/06 9:21 p.m.12 views

CVE-2024-1929 affecting package dnf5 for versions less than 5.1.11-2

CVE-2024-1929 affecting package dnf5 for versions less than 5.1.11-2. A patched version of the package is available...

8.4CVSS7AI score0.00289EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/02/05 2:11 a.m.22 views

CVE-2024-2746

Incomplete fix for CVE-2024-1929 The problem with CVE-2024-1929 was that the dnf5 D-Bus daemon accepted arbitrary configuration parameters from unprivileged users, which allowed a local root exploit by tricking the daemon into loading a user controlled "plugin". All of this happened before Polkit...

8.8CVSS6.7AI score0.00289EPSS
Exploits1References1
NVD
NVD
added 2024/05/08 2:15 a.m.21 views

CVE-2024-1929

Local Root Exploit via Configuration Dictionary in dnf5daemon-server before 5.1.17 allows a malicious user to impact Confidentiality and Integrity via Configuration Dictionary. There are issues with the D-Bus interface long before Polkit is invoked. The org.rpm.dnf.v0.SessionManager.opensession...

8.4CVSS8.3AI score0.00289EPSS
Exploits1References1
NVD
NVD
added 2024/05/08 2:15 a.m.20 views

CVE-2024-2746

Incomplete fix for CVE-2024-1929 The problem with CVE-2024-1929 was that the dnf5 D-Bus daemon accepted arbitrary configuration parameters from unprivileged users, which allowed a local root exploit by tricking the daemon into loading a user controlled "plugin". All of this happened before Polkit...

8.8CVSS7.7AI score0.00213EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/05/08 1:55 a.m.14 views

CVE-2024-2746 Incomplete fix for CVE-2024-1929

Incomplete fix for CVE-2024-1929 The problem with CVE-2024-1929 was that the dnf5 D-Bus daemon accepted arbitrary configuration parameters from unprivileged users, which allowed a local root exploit by tricking the daemon into loading a user controlled "plugin". All of this happened before Polkit...

8.8CVSS7.1AI score0.00289EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/05/08 1:55 a.m.28 views

CVE-2024-2746 Incomplete fix for CVE-2024-1929

Incomplete fix for CVE-2024-1929 The problem with CVE-2024-1929 was that the dnf5 D-Bus daemon accepted arbitrary configuration parameters from unprivileged users, which allowed a local root exploit by tricking the daemon into loading a user controlled "plugin". All of this happened before Polkit...

8.8CVSS8AI score0.00213EPSS
Exploits1References1
CVE
CVE
added 2024/05/08 1:53 a.m.59 views

CVE-2024-1929

CVE-2024-1929 is a local root vulnerability in dnf5daemon-server prior to 5.1.17. The issue stems from a D-Bus config map (open_session) where an untrusted nested config map under the key

8.4CVSS6.9AI score0.00289EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/05/08 1:53 a.m.14 views

CVE-2024-1929 Local Root Exploit via Configuration Dictionary

Local Root Exploit via Configuration Dictionary in dnf5daemon-server before 5.1.17 allows a malicious user to impact Confidentiality and Integrity via Configuration Dictionary. There are issues with the D-Bus interface long before Polkit is invoked. The org.rpm.dnf.v0.SessionManager.opensession...

7.5CVSS7.3AI score0.00289EPSS
Exploits1References1
Rows per page
Query Builder