479 matches found
DSA-5059-1 policykit-1 - security update
Bulletin has no description...
DLA-2899-1 policykit-1 - security update
Bulletin has no description...
[SECURITY] [DSA 5052-1] usbview security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5052-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 21, 2022 https://www.debian.org/security/faq -...
USBView 访问控制错误漏洞
USBView is a USB viewer for Linux. An access control error vulnerability exists in USBView that stems from certain Polkit settings in the product that disable privilege authentication. An attacker can execute arbitrary code as root with the -gtk-module option. The following products and versions...
Denial Of Service (DoS)
policykit-1 is vulnerable to denial of service. The vulnerability exists due to the system unable to get a unique uid and pid of the process and it cannot verify the privileges of the requesting process...
Ubuntu: Security Advisory (USN-4980-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-4980-1: polkit vulnerability
Kevin Backhouse discovered that polkit incorrectly handled errors in the polkitsystembusnamegetcredssync function. A local attacker could possibly use this issue to escalate privileges...
USN-4980-1 policykit-1 vulnerability
Kevin Backhouse discovered that polkit incorrectly handled errors in the polkitsystembusnamegetcredssync function. A local attacker could possibly use this issue to escalate privileges...
Denial Of Service (DoS)
aptdaemon is vulnerable to denial of service DoS. The vulnerability exists as policykit checks are too late...
CVE-2020-27349
Aptdaemon performed policykit checks after interacting with potentially untrusted files with elevated privileges. This affected versions prior to 1.1.1+bzr982-0ubuntu34.1, 1.1.1+bzr982-0ubuntu32.3, 1.1.1+bzr982-0ubuntu19.5, 1.1.1+bzr982-0ubuntu14.5...
CVE-2020-27349
Aptdaemon performed policykit checks after interacting with potentially untrusted files with elevated privileges. This affected versions prior to 1.1.1+bzr982-0ubuntu34.1, 1.1.1+bzr982-0ubuntu32.3, 1.1.1+bzr982-0ubuntu19.5, 1.1.1+bzr982-0ubuntu14.5...
Code injection
Aptdaemon performed policykit checks after interacting with potentially untrusted files with elevated privileges. This affected versions prior to 1.1.1+bzr982-0ubuntu34.1, 1.1.1+bzr982-0ubuntu32.3, 1.1.1+bzr982-0ubuntu19.5, 1.1.1+bzr982-0ubuntu14.5...
CVE-2020-27349
Apt-daemon (aptdaemon) vulnerability CVE-2020-27349 affects Ubuntu runtimes and is described as: Aptdaemon performed policykit checks after interacting with potentially untrusted files with elevated privileges, with affected package versions listed as 1.1.1+bzr982-0ubuntu14.5 up to 1.1.1+bzr982-0...
CVE-2020-27349 aptdaemon performed policykit permissions checks too late
Aptdaemon performed policykit checks after interacting with potentially untrusted files with elevated privileges. This affected versions prior to 1.1.1+bzr982-0ubuntu34.1, 1.1.1+bzr982-0ubuntu32.3, 1.1.1+bzr982-0ubuntu19.5, 1.1.1+bzr982-0ubuntu14.5...
SUSE SLES12 Security Update : kernel (SUSE-SU-2020:3503-1)
The SUSE Linux Enterprise 12 SP3 kernel was updated to receive various security and bug fixes. The following security bugs were fixed : CVE-2020-25705: A flaw in the way reply ICMP packets are limited in was found that allowed to quickly scan open UDP ports. This flaw allowed an off-path remote...
CVE-2020-27349
Aptdaemon performed policykit checks after interacting with potentially untrusted files with elevated privileges. This affected versions prior to 1.1.1+bzr982-0ubuntu34.1, 1.1.1+bzr982-0ubuntu32.3, 1.1.1+bzr982-0ubuntu19.5, 1.1.1+bzr982-0ubuntu14.5...
Aptdaemon Security Vulnerabilities
Aptdaemon is a code library for pypi for individual developers. The library functions allow package management tasks to be performed in a DBus-controlled background process. A security vulnerability exists in Aptdaemon, which can be exploited by an attacker to trigger a denial of service via a...
UBUNTU-CVE-2020-27349
Aptdaemon performed policykit checks after interacting with potentially untrusted files with elevated privileges. This affected versions prior to 1.1.1+bzr982-0ubuntu34.1, 1.1.1+bzr982-0ubuntu32.3, 1.1.1+bzr982-0ubuntu19.5, 1.1.1+bzr982-0ubuntu14.5...
Privilege Escalation
PackageKit is vulnerable to privilege escalation attacks. A local authenticated attacker could install malicious packages using a configured PolicyKit...
CVE-2020-16122
PackageKit's apt backend mistakenly treated all local debs as trusted. The apt security model is based on repository trust and not on the contents of individual files. On sites with configured PolicyKit rules this may allow users to install malicious packages...