Lucene search
K

17 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.7 views

MiracleLinux 4 : spice-gtk-0.20-11.AXS4 (AXSA:2014-014:01)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2014-014:01 advisory. Client libraries for SPICE desktop servers. Security issues fixed with this release: CVE-2013-4324 spice-gtk 0.14, and possibly other versions, invokes the...

7.2CVSS8.1AI score0.00384EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2014-4932

Malware in sbrugna...

6.9CVSS6.2AI score0.00359EPSS
Exploits1References17
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2013-4212

Malware in sbrugna...

6.9CVSS7.8AI score0.00419EPSS
Exploits0References13
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2013-1106

Malware in sbrugna...

4.6CVSS6.2AI score0.00375EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2025/05/22 11:23 a.m.11 views

CVE-2013-1062

ubuntu-system-service 0.2.4 before 0.2.4.1. 0.2.3 before 0.2.3.1, and 0.2.2 before 0.2.2.1 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a 1...

7.2CVSS6.4AI score0.00358EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:21 a.m.7 views

CVE-2013-1064

apt-xapian-index before 0.45ubuntu2.1, 0.44ubuntu7.1, and 0.44ubuntu5.1 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a 1 setuid process or 2...

7.2CVSS6.4AI score0.00378EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2023/02/15 5:36 a.m.4 views

SUSE CVE-2013-4325

The checkpermissionv1 function in base/pkit.py in HP Linux Imaging and Printing HPLIP through 3.13.9 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race conditio...

6.9CVSS6.5AI score0.00419EPSS
Exploits0References10
SUSE CVE
SUSE CVE
added 2023/02/15 5:27 a.m.5 views

SUSE CVE-2014-5033

KDE kdelibs before 4.14 and kauth before 5.1 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a 1 setuid process or 2 pkexec process, related to...

6.9CVSS7AI score0.00359EPSS
Exploits1References5
OpenVAS
OpenVAS
added 2022/04/21 12:0 a.m.24 views

Slackware: Security Advisory (SSA:2013-291-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.9CVSS6.6AI score0.00419EPSS
Exploits0References2
OSV
OSV
added 2017/04/06 6:59 p.m.4 views

UBUNTU-CVE-2017-7572

The checkPolkitPrivilege function in serviceHelper.py in Back In Time aka backintime 1.1.18 and earlier uses a deprecated polkit authorization method unix-process that is subject to a race condition time of check, time of use. With this authorization method, the owner of a process requesting a...

8.1CVSS5.8AI score0.01083EPSS
Exploits0References2
OSV
OSV
added 2014/07/23 12:0 a.m.4 views

UBUNTU-CVE-2014-5033

KDE kdelibs before 4.14 and kauth before 5.1 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a 1 setuid process or 2 pkexec process, related to...

6.9CVSS5.8AI score0.00359EPSS
Exploits1References3
Slackware Linux
Slackware Linux
added 2013/10/19 5:18 a.m.45 views

[slackware-security] hplip

New hplip packages are available for Slackware 13.1, 13.37, 14.0, and -current to fix security issues. Here are the details from the Slackware 14.0 ChangeLog: patches/packages/hplip-3.12.9-i486-3slack14.0.txz: Rebuilt. This fixes a polkit race condition that could allow local users to bypass...

6.9CVSS6.1AI score0.00419EPSS
Exploits0
OSV
OSV
added 2013/10/03 9:55 p.m.10 views

CVE-2013-4311

libvirt 1.0.5.x before 1.0.5.6, 0.10.2.x before 0.10.2.8, and 0.9.12.x before 0.9.12.2 allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition in pkcheck via a 1 setuid process or 2 pkexec process, a related issue to CVE-2013-4288...

8.2AI score
Exploits0References7
OSV
OSV
added 2013/10/03 9:55 p.m.6 views

CVE-2013-1061

dbus/SoftwarePropertiesDBus.py in Software Properties 0.92.17 before 0.92.17.3, 0.92.9 before 0.92.9.3, and 0.82.7 before 0.82.7.5 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProce...

6.1AI score
Exploits0References7
OSV
OSV
added 2013/10/03 9:55 p.m.3 views

DEBIAN-CVE-2013-1061

dbus/SoftwarePropertiesDBus.py in Software Properties 0.92.17 before 0.92.17.3, 0.92.9 before 0.92.9.3, and 0.82.7 before 0.82.7.5 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProce...

4.6CVSS6.6AI score0.00361EPSS
Exploits0References1
Prion
Prion
added 2013/10/03 9:55 p.m.28 views

Race condition

spice-gtk 0.14, and possibly other versions, invokes the polkit authority using the insecure polkitunixprocessnew API function, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a 1 setuid process or 2 pkexec process...

4.6CVSS6.4AI score0.00384EPSS
Exploits0References5Affected Software2
RedHat Linux
RedHat Linux
added 2013/09/19 5:56 p.m.4 views

spice-gtk: Insecure calling of polkit via polkit_unix_process_new()

spice-gtk 0.14, and possibly other versions, invokes the polkit authority using the insecure polkitunixprocessnew API function, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a 1 setuid process or 2 pkexec process...

4.6CVSS6.7AI score0.00384EPSS
Exploits0References4
Rows per page
Query Builder