EUVD-2022-28309

Malicious code in bioql PyPI...

CVE-2022-23220

USBView 2.1 before 2.2 allows some local users e.g., ones logged in via SSH to execute arbitrary code as root because certain Polkit settings e.g., allowany=yes for pkexec disable the authentication requirement. Code execution can, for example, use the --gtk-module option. This affects Ubuntu,...

OPENSUSE-SU-2024:11774-1 usbview-3.0-1.1 on GA media

These are all security issues fixed in the usbview-3.0-1.1 package on the GA media of openSUSE Tumbleweed...

USBView: root privilege escalation via insecure polkit settings

Background USBView is a tool to display the topology of devices on the USB bus. Description A vulnerability has been discovered in usbview. Please review the CVE identifier referenced below for details. Impact USBView allows some local users e.g., ones logged in via SSH to execute arbitrary code ...

GLSA-202310-15 : USBView: root privilege escalation via insecure polkit settings

The remote host is affected by the vulnerability described in GLSA-202310-15 USBView: root privilege escalation via insecure polkit settings - USBView 2.1 before 2.2 allows some local users e.g., ones logged in via SSH to execute arbitrary code as root because certain Polkit settings e.g.,...

SUSE CVE-2022-23220

USBView 2.1 before 2.2 allows some local users e.g., ones logged in via SSH to execute arbitrary code as root because certain Polkit settings e.g., allowany=yes for pkexec disable the authentication requirement. Code execution can, for example, use the --gtk-module option. This affects Ubuntu,...

Fedora: Security Advisory for usbview (FEDORA-2022-421e65c5d4)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fedora: Security Advisory for usbview (FEDORA-2022-256142639c)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 35 Update: usbview-3.0-1.fc35

Display information about the topology of the devices connected to the USB bus on a Linux machine. It also displays detailed information on the individual devices...

[SECURITY] Fedora 34 Update: usbview-3.0-1.fc34

Display information about the topology of the devices connected to the USB bus on a Linux machine. It also displays detailed information on the individual devices...

Privilege Escalation

usbview is vulnerable to privilege escalation. The vulnerability exists because certain Polkit settings for pkexec disable the authentication requirement and allow Code execution...

Ubuntu 18.04 LTS / 20.04 LTS : USBView vulnerability (USN-5249-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-5249-1 advisory. It was discovered that USBView allowed unprivileged users to run usbview as root. A local attacker could use this vulnerability to gain administrative...

Ubuntu: Security Advisory (USN-5249-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DSA-5052-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

DEBIAN-CVE-2022-23220

USBView 2.1 before 2.2 allows some local users e.g., ones logged in via SSH to execute arbitrary code as root because certain Polkit settings e.g., allowany=yes for pkexec disable the authentication requirement. Code execution can, for example, use the --gtk-module option. This affects Ubuntu,...

CVE-2022-23220

USBView 2.1 before 2.2 allows some local users e.g., ones logged in via SSH to execute arbitrary code as root because certain Polkit settings e.g., allowany=yes for pkexec disable the authentication requirement. Code execution can, for example, use the --gtk-module option. This affects Ubuntu,...

CVE-2022-23220

USBView 2.1 before 2.2 allows some local users e.g., ones logged in via SSH to execute arbitrary code as root because certain Polkit settings e.g., allowany=yes for pkexec disable the authentication requirement. Code execution can, for example, use the --gtk-module option. This affects Ubuntu,...

CVE-2022-23220

USBView 2.1 before 2.2 allows some local users e.g., ones logged in via SSH to execute arbitrary code as root because certain Polkit settings e.g., allowany=yes for pkexec disable the authentication requirement. Code execution can, for example, use the --gtk-module option. This affects Ubuntu,...

Authentication flaw

USBView 2.1 before 2.2 allows some local users e.g., ones logged in via SSH to execute arbitrary code as root because certain Polkit settings e.g., allowany=yes for pkexec disable the authentication requirement. Code execution can, for example, use the --gtk-module option. This affects Ubuntu,...

[SECURITY] [DSA 5052-1] usbview security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5052-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 21, 2022 https://www.debian.org/security/faq -...