Lucene search
K

8 matches found

Tenable Nessus
Tenable Nessus
added 2025/10/11 12:0 a.m.2 views

EulerOS 2.0 SP11 : udisks2 (EulerOS-SA-2025-2249)

According to the versions of the udisks2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A Local Privilege Escalation LPE vulnerability was found in libblockdev. Generally, the 'allowactive' setting in Polkit permits a physically...

7CVSS7.9AI score0.00423EPSS
Exploits18References2
VulnCheck KEV
VulnCheck KEV
added 2025/10/09 12:0 a.m.12 views

VulnCheck KEV: CVE-2025-6019

A Local Privilege Escalation LPE vulnerability was found in libblockdev. Generally, the "allowactive" setting in Polkit permits a physically present user to take certain actions based on the session type. Due to the way libblockdev interacts with the udisks daemon, an "allowactive" user on a syst...

7CVSS5.9AI score0.00423EPSS
In wildExploits18References2
Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.3 views

EulerOS 2.0 SP12 : libblockdev (EulerOS-SA-2025-2045)

According to the versions of the libblockdev packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A Local Privilege Escalation LPE vulnerability was found in libblockdev. Generally, the 'allowactive' setting in Polkit permits a physically...

7CVSS7.8AI score0.00423EPSS
Exploits18References2
Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.3 views

EulerOS 2.0 SP10 : udisks2 (EulerOS-SA-2025-2089)

According to the versions of the udisks2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A Local Privilege Escalation LPE vulnerability was found in libblockdev. Generally, the 'allowactive' setting in Polkit permits a physically...

7CVSS7.9AI score0.00423EPSS
Exploits18References2
CVE
CVE
added 2025/06/19 11:55 a.m.243 views

CVE-2025-6019

CVE-2025-6019 is a local privilege escalation in libblockdev that leverages the interaction with the udisks daemon and the Polkit “allow_active” setting to allow a physically present user to escalate to root. The issue arises when an attacker crafts an XFS image containing a SUID-root shell and m...

7CVSS7.4AI score0.00423EPSS
In wildExploits18References20
Tenable Nessus
Tenable Nessus
added 2019/05/29 12:0 a.m.33 views

EulerOS 2.0 SP3 : systemd (EulerOS-SA-2019-1599)

According to the version of the systemd packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - systemd: Spoofing of XDGSEAT allows for actions to be checked against 'allowactive' instead of 'allowany'.CVE-2019-3842 Note that Tenable Network...

7CVSS5.7AI score0.01217EPSS
Exploits3References2
Tenable Nessus
Tenable Nessus
added 2019/05/06 12:0 a.m.32 views

EulerOS 2.0 SP2 : systemd (EulerOS-SA-2019-1344)

According to the version of the systemd packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - systemd: Spoofing of XDGSEAT allows for actions to be checked against 'allowactive' instead of 'allowany'.CVE-2019-3842 Note that Tenable Network...

7CVSS5.7AI score0.01217EPSS
Exploits3References2
OSV
OSV
added 2019/04/09 9:29 p.m.2 views

DEBIAN-CVE-2019-3842

In systemd before v242-rc4, it was discovered that pamsystemd does not properly sanitize the environment before using the XDGSEAT variable. It is possible for an attacker, in some particular configurations, to set a XDGSEAT environment variable which allows for commands to be checked against polk...

7CVSS8AI score0.01217EPSS
Exploits3References1
Rows per page
Query Builder