Lucene search
K

7 matches found

SUSE CVE
SUSE CVE
added 2025/01/15 3:48 a.m.6 views

SUSE CVE-2025-23222

An issue was discovered in Deepin dde-api-proxy through 1.0.19 in which unprivileged users can access D-Bus services as root. Specifically, dde-api-proxy runs as root and forwards messages from arbitrary local users to legacy D-Bus methods in the actual D-Bus services, and the actual D-Bus servic...

8.4CVSS7.1AI score0.00237EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2024/10/22 12:25 p.m.5 views

NetworkManager-libreswan: Local privilege escalation via leftupdown

A flaw was found in the libreswan client plugin for NetworkManager NetkworkManager-libreswan, where it fails to properly sanitize the VPN configuration from the local unprivileged user. In this configuration, composed by a key-value format, the plugin fails to escape special characters, leading t...

7.8CVSS6.1AI score0.00452EPSS
Exploits0References6
Saint
Saint
added 2022/01/27 12:0 a.m.228 views

Polkit pkexec privilege elevation

Added: 01/27/2022 CVE: CVE-2021-4034 Background Polkit is a Linux package for handling policies that allow unprivileged processes to communicate with privileged processes. It includes a tool called pkexec that allows the user to execute commands as another user according to the polkit policy...

7.8CVSS8.7AI score0.94921EPSS
Exploits152
NVD
NVD
added 2019/11/25 2:15 p.m.28 views

CVE-2012-5617

gksu-polkit: permissive PolicyKit policy configuration file allows privilege escalation...

7.8CVSS7.8AI score0.00379EPSS
Exploits0References7
CNVD
CNVD
added 2017/04/18 12:0 a.m.4 views

Back In Time competitive conditions loophole

Back In Time aka backintime is a suite of Linux backup tools. A competitive condition vulnerability exists in the 'checkPolkitPrivilege' function of the serviceHelper.py file in Back In Time 1.1.18 and earlier versions. An attacker can exploit this vulnerability to replace the user's request...

9.3CVSS7.9AI score0.01083EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2013/09/24 12:0 a.m.24 views

Ubuntu Update for policykit-1 USN-1953-1

Check for the Version of policykit-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN19531.nasl 8456 2018-01-18 06:58:40Z teissa $ Ubuntu Update for policykit-1 USN-1953-1 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free...

7.2CVSS7.4AI score0.00342EPSS
Exploits0References2
OSV
OSV
added 2011/05/31 8:55 p.m.9 views

CVE-2011-1485

Race condition in the pkexec utility and polkitd daemon in PolicyKit aka polkit 0.96 allows local users to gain privileges by executing a setuid program from pkexec, related to the use of the effective user ID instead of the real user ID...

6.2AI score
Exploits0References10
Rows per page
Query Builder