10 matches found
CVE-2025-66005
Lack of authorization of the InputManager D-Bus interface in InputPlumber versions before v0.63.0 can lead to local Denial-of-Service, information leak or even privilege escalation in the context of the currently active user session...
CVE-2025-14338 Polkit authentication dis isabled by default in inputplumber
Polkit authentication dis isabled by default and a race condition in the Polkit authorization check in versions before v0.69.0 can lead to the same issues as in CVE-2025-66005...
CVE-2025-14338 Polkit authentication dis isabled by default in inputplumber
Polkit authentication dis isabled by default and a race condition in the Polkit authorization check in versions before v0.69.0 can lead to the same issues as in CVE-2025-66005...
CVE-2025-14338
CVE-2025-14338 describes a Polkit-related race condition affecting authentication checks, tied to InputPlumber and echoing issues from CVE-2025-66005. Affected software/component: Polkit authorization checks in versions before v0.69.0, with the note that Polkit authentication is disabled by defau...
CVE-2025-66005 Lack of Authentication in the InputManager D-Bus interface
Lack of authorization of the InputManager D-Bus interface in InputPlumber versions before v0.63.0 can lead to local Denial-of-Service, information leak or even privilege escalation in the context of the currently active user session...
CVE-2025-66005
InputPlumber’s InputManager D‑Bus interface lacks authorization in versions before v0.63.0, allowing local impact in the active user session: Denial‑of‑Service, information disclosure, or privilege escalation. Affected component: InputPlumber (InputManager D‑Bus). Root cause: missing authorizatio...
CVE-2025-66005 Lack of Authentication in the InputManager D-Bus interface
Lack of authorization of the InputManager D-Bus interface in InputPlumber versions before v0.63.0 can lead to local Denial-of-Service, information leak or even privilege escalation in the context of the currently active user session...
CVE-2025-66005
Lack of authorization of the InputManager D-Bus interface in InputPlumber versions before v0.63.0 can lead to local Denial-of-Service, information leak or even privilege escalation in the context of the currently active user session...
InputPlumber 安全漏洞
InputPlumber is an open source input device routing daemon from ShadowBlip. A security vulnerability exists in InputPlumber versions prior to v0.63.0, which stems from a lack of authorization and could lead to a local denial of service, information disclosure, or elevation of privilege...
InputPlumber 访问控制错误漏洞
InputPlumber is an input device routing daemon in the ShadowBlip open source. An access control error vulnerability exists in InputPlumber that stems from the presence of a race condition in authorization checking...