Lucene search
K

157 matches found

Positive Technologies
Positive Technologies
added 2025/07/23 12:0 a.m.5 views

PT-2025-30582 · Deepin · Lastore-Daemon

Name of the Vulnerable Software and Affected Versions: lastore-daemon versions 0.9.53-1 through 0.9.66-1 Description: A local privilege escalation vulnerability exists in lastore-daemon, the system package manager daemon used in Deepin Linux. The D-Bus configuration permits any user in the sudo...

8.5CVSS7.2AI score0.00358EPSS
Exploits0References8
Fedora
Fedora
added 2025/06/11 2:46 a.m.7 views

[SECURITY] Fedora 42 Update: dtk6widget-6.0.27-5.fc42

Deepin Tool Kit WidgetDtkWidget provides the base widgets on Deepin...

8.4CVSS7.3AI score0.00309EPSS
Exploits0
Fedora
Fedora
added 2025/06/11 2:46 a.m.9 views

[SECURITY] Fedora 42 Update: dtk6gui-6.0.27-6.fc42

Deepin Tool Kit DtkGui is the development graphical user interface of all C++/Qt Developer work on Deepin...

8.4CVSS7.3AI score0.00309EPSS
Exploits0
Fedora
Fedora
added 2025/06/11 2:46 a.m.7 views

[SECURITY] Fedora 42 Update: dtk6core-6.0.27-5.fc42

Deepin tool kit core modules...

8.4CVSS7.3AI score0.00309EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 5:9 a.m.15 views

CVE-2023-50254

Deepin Linux's default document reader deepin-reader software suffers from a serious vulnerability in versions prior to 6.0.7 due to a design flaw that leads to remote command execution via crafted docx document. This is a file overwrite vulnerability. Remote code execution RCE can be achieved by...

9.3CVSS7.5AI score0.02118EPSS
Exploits2References1
BDU FSTEC
BDU FSTEC
added 2025/05/13 12:0 a.m.8 views

The vulnerability of the Deepin operating system’s dde-api-proxy component allows a hacker to gain root privileges.

The vulnerability of the dde-api-proxy component in the Deepin operating system is related to insufficient verification of the source of the communication channel. Exploiting this vulnerability can allow an attacker to gain root privileges...

8.4CVSS5.5AI score0.00237EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2025/01/24 5:15 p.m.16 views

CVE-2025-23222

An issue was discovered in Deepin dde-api-proxy through 1.0.19 in which unprivileged users can access D-Bus services as root. Specifically, dde-api-proxy runs as root and forwards messages from arbitrary local users to legacy D-Bus methods in the actual D-Bus services, and the actual D-Bus servic...

8.4CVSS0.00237EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/01/24 12:0 a.m.15 views

CVE-2025-23222

An issue was discovered in Deepin dde-api-proxy through 1.0.19 in which unprivileged users can access D-Bus services as root. Specifically, dde-api-proxy runs as root and forwards messages from arbitrary local users to legacy D-Bus methods in the actual D-Bus services, and the actual D-Bus servic...

8.4CVSS0.00237EPSS
Exploits0References3
CVE
CVE
added 2025/01/24 12:0 a.m.109 views

CVE-2025-23222

Deepin dde-api-proxy (v1.0.19 and earlier) exposes a local privilege-escalation flaw: the daemon runs as root and forwards local user D-Bus requests to legacy D-Bus services, which do not detect the proxy context. This can allow unprivileged users to access D-Bus methods that should be restricted...

8.4CVSS7.3AI score0.00237EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2025/01/15 3:48 a.m.6 views

SUSE CVE-2025-23222

An issue was discovered in Deepin dde-api-proxy through 1.0.19 in which unprivileged users can access D-Bus services as root. Specifically, dde-api-proxy runs as root and forwards messages from arbitrary local users to legacy D-Bus methods in the actual D-Bus services, and the actual D-Bus servic...

8.4CVSS7.1AI score0.00237EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2024/07/26 9:1 p.m.33 views

CVE-2023-50700

Insecure Permissions vulnerability in Deepin dde-file-manager 6.0.54 and earlier allows privileged operations to be called by unprivileged users via the D-Bus method...

4.5CVSS6.8AI score0.00163EPSS
Exploits0References6
NVD
NVD
added 2024/07/26 5:15 p.m.20 views

CVE-2023-50700

Insecure Permissions vulnerability in Deepin dde-file-manager 6.0.54 and earlier allows privileged operations to be called by unprivileged users via the D-Bus method...

7.8CVSS0.00163EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/07/26 12:0 a.m.16 views

CVE-2023-50700

Insecure Permissions vulnerability in Deepin dde-file-manager 6.0.54 and earlier allows privileged operations to be called by unprivileged users via the D-Bus method...

0.00163EPSS
Exploits0References3
CVE
CVE
added 2024/07/26 12:0 a.m.48 views

CVE-2023-50700

CVE-2023-50700 affects Deepin dde-file-manager up to version 6.0.54. The vulnerability is described as an insecure permission issue where unprivileged users can invoke privileged operations via a D-Bus method. The common descriptions across SUSE, Red Hat, NVD, CNNVD, and others reiterate the same...

7.8CVSS6.8AI score0.00163EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/07/26 12:0 a.m.13 views

CVE-2023-50700

Insecure Permissions vulnerability in Deepin dde-file-manager 6.0.54 and earlier allows privileged operations to be called by unprivileged users via the D-Bus method...

7AI score0.00163EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/07/26 12:0 a.m.6 views

PT-2024-13954 · Deepin · Deepin Dde-File-Manager

Name of the Vulnerable Software and Affected Versions: Deepin dde-file-manager versions 6.0.54 and earlier Description: The issue allows privileged operations to be called by unprivileged users via the D-Bus method. Recommendations: For Deepin dde-file-manager versions 6.0.54 and earlier, at the...

7.8CVSS6.8AI score0.00163EPSS
Exploits0References7
OSV
OSV
added 2024/06/15 12:0 a.m.7 views

OPENSUSE-SU-2024:13536-1 deepin-reader-5.10.23-2.1 on GA media

These are all security issues fixed in the deepin-reader-5.10.23-2.1 package on the GA media of openSUSE Tumbleweed...

9.3CVSS8.7AI score0.02118EPSS
Exploits2References1
OSV
OSV
added 2024/06/15 12:0 a.m.6 views

OPENSUSE-SU-2024:13541-1 deepin-compressor-5.12.13-2.1 on GA media

These are all security issues fixed in the deepin-compressor-5.12.13-2.1 package on the GA media of openSUSE Tumbleweed...

9.3CVSS8.7AI score0.01054EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2024/06/07 12:0 a.m.10 views

Fedora: Security Advisory for deepin-qt5integration (FEDORA-2024-2e27372d4c)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS10AI score0.0097EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2024/06/07 12:0 a.m.10 views

Fedora: Security Advisory for deepin-qt5platform-plugins (FEDORA-2024-2e27372d4c)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS10AI score0.0097EPSS
Exploits0References2
Rows per page
Query Builder