Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

36 matches found

NVD
NVDadded 3 days ago5 views

CVE-2026-41045

A time-to-check-time-of-use in polkit authentication of qSnapper before version 1.3.3 allowed a local attacker to bypass qSnappers authentication mechanism and operate e.g. as root user...

8.1CVSS0.00128EPSS
Exploits0References3
EUVD
EUVDadded 3 days ago6 views

EUVD-2026-38259

A time-to-check-time-of-use in polkit authentication of qSnapper before version 1.3.3 allowed a local attacker to bypass qSnappers authentication mechanism and operate e.g. as root user...

8.1CVSS5.9AI score0.00128EPSS
Exploits0References3
EUVD
EUVDadded 2025/10/03 8:7 p.m.4 views

EUVD-2023-53994

Malicious code in bioql PyPI...

5.5CVSS5.5AI score0.00353EPSS
Exploits1References6
EUVD
EUVDadded 2025/10/03 8:7 p.m.6 views

EUVD-2022-34243

Malicious code in bioql PyPI...

7.8CVSS7.7AI score0.00326EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/05/23 4:46 a.m.7 views

CVE-2023-4104

An invalid Polkit Authentication check and missing authentication requirements for D-Bus methods allowed any local user to configure arbitrary VPN setups. This bug only affects Mozilla VPN on Linux. Other operating systems are unaffected. This vulnerability affects Mozilla VPN 2.16.1 Linux...

5.5CVSS5.4AI score0.00353EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/05/23 12:32 a.m.7 views

CVE-2022-29934

USU Oracle Optimization before 5.17.5 lacks Polkit authentication, which allows smartcollector users to achieve root access via pkexec. NOTE: this is not an Oracle Corporation product...

7.8CVSS6.7AI score0.00326EPSS
Exploits1References1
NVD
NVDadded 2024/05/08 2:15 a.m.16 views

CVE-2024-2746

Incomplete fix for CVE-2024-1929 The problem with CVE-2024-1929 was that the dnf5 D-Bus daemon accepted arbitrary configuration parameters from unprivileged users, which allowed a local root exploit by tricking the daemon into loading a user controlled "plugin". All of this happened before Polkit...

8.8CVSS7.7AI score0.00213EPSS
Exploits1References1
Cvelist
Cvelistadded 2024/05/08 1:55 a.m.21 views

CVE-2024-2746 Incomplete fix for CVE-2024-1929

Incomplete fix for CVE-2024-1929 The problem with CVE-2024-1929 was that the dnf5 D-Bus daemon accepted arbitrary configuration parameters from unprivileged users, which allowed a local root exploit by tricking the daemon into loading a user controlled "plugin". All of this happened before Polkit...

8.8CVSS8AI score0.00213EPSS
Exploits1References1
NVD
NVDadded 2023/09/11 9:15 a.m.22 views

CVE-2023-4104

An invalid Polkit Authentication check and missing authentication requirements for D-Bus methods allowed any local user to configure arbitrary VPN setups. This bug only affects Mozilla VPN on Linux. Other operating systems are unaffected. This vulnerability affects Mozilla VPN 2.16.1 Linux...

5.5CVSS5.5AI score0.00353EPSS
Exploits1References6
UbuntuCve
UbuntuCveadded 2023/09/11 9:15 a.m.35 views

CVE-2023-4104

An invalid Polkit Authentication check and missing authentication requirements for D-Bus methods allowed any local user to configure arbitrary VPN setups. This bug only affects Mozilla VPN on Linux. Other operating systems are unaffected. This vulnerability affects Mozilla VPN 2.16.1 Linux...

5.5CVSS6.1AI score0.00353EPSS
Exploits1References8
CVE
CVEadded 2023/09/11 8:2 a.m.128 views

CVE-2023-4104

CVE-2023-4104 affects Mozilla VPN on Linux. The root cause is an invalid Polkit authentication check and missing authentication requirements for D-Bus methods, enabling any local user to configure arbitrary VPN setups. Impact is limited to Mozilla VPN on Linux; other OSes are unaffected. Mozilla ...

5.5CVSS5.4AI score0.00353EPSS
Exploits1References6Affected Software1
Vulnrichment
Vulnrichmentadded 2023/09/11 8:2 a.m.13 views

CVE-2023-4104

An invalid Polkit Authentication check and missing authentication requirements for D-Bus methods allowed any local user to configure arbitrary VPN setups. This bug only affects Mozilla VPN on Linux. Other operating systems are unaffected. This vulnerability affects Mozilla VPN 2.16.1 Linux...

5.4AI score0.00353EPSS
Exploits1References6
Mozilla
Mozillaadded 2023/08/30 12:0 a.m.30 views

Security Issues fixed in Mozilla VPN for Linux v2.16.1 — Mozilla

An invalid Polkit Authentication check and missing authentication requirements for D-Bus methods allowed any local user to configure arbitrary VPN setups.This bug only affects Mozilla VPN on Linux. Other operating systems are unaffected...

5.5CVSS6.6AI score0.00353EPSS
Exploits1References5Affected Software1
OSV
OSVadded 2022/04/29 5:15 p.m.1 views

CVE-2022-29934

USU Oracle Optimization before 5.17.5 lacks Polkit authentication, which allows smartcollector users to achieve root access via pkexec. NOTE: this is not an Oracle Corporation product...

7.8CVSS7.1AI score0.00326EPSS
Exploits1References1
ATTACKERKB
ATTACKERKBadded 2022/04/29 5:15 p.m.2 views

CVE-2022-29934

USU Oracle Optimization before 5.17.5 lacks Polkit authentication, which allows smartcollector users to achieve root access via pkexec. NOTE: this is not an Oracle Corporation product...

7.8CVSS7.1AI score0.00326EPSS
Exploits1References2
NVD
NVDadded 2022/04/29 5:15 p.m.11 views

CVE-2022-29934

USU Oracle Optimization before 5.17.5 lacks Polkit authentication, which allows smartcollector users to achieve root access via pkexec. NOTE: this is not an Oracle Corporation product...

7.8CVSS0.00326EPSS
Exploits1References1
Prion
Prionadded 2022/04/29 5:15 p.m.17 views

Design/Logic Flaw

USU Oracle Optimization before 5.17.5 lacks Polkit authentication, which allows smartcollector users to achieve root access via pkexec. NOTE: this is not an Oracle Corporation product...

7.2CVSS7.3AI score0.00326EPSS
Exploits1References1Affected Software1
Cvelist
Cvelistadded 2022/04/29 4:35 p.m.14 views

CVE-2022-29934

USU Oracle Optimization before 5.17.5 lacks Polkit authentication, which allows smartcollector users to achieve root access via pkexec. NOTE: this is not an Oracle Corporation product...

7.6AI score0.00326EPSS
Exploits1References1
CVE
CVEadded 2022/04/29 4:35 p.m.77 views

CVE-2022-29934

Summary (CVE-2022-29934) : USU Oracle Optimization (pre-5.17.5) lacks Polkit authentication, enabling smartcollector users to gain root access via pkexec. This affects versions prior to 5.17.5 and is not an Oracle Corporation product. Impact (as documented) : local privilege escalation to root wi...

7.8CVSS7.4AI score0.00326EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologiesadded 2022/04/29 12:0 a.m.5 views

PT-2022-19918 · Usu · Usu Oracle Optimization

Name of the Vulnerable Software and Affected Versions: USU Oracle Optimization versions prior to 5.17.5 Description: The issue is related to a lack of Polkit authentication in USU Oracle Optimization, which allows smartcollector users to achieve root access via pkexec. This is not an Oracle...

7.8CVSS7.5AI score0.00326EPSS
Exploits1References5
Rows per page
Query Builder