
10 matches found

EUVD
added 2025/10/03 8:7 p.m. | 3 views

EUVD-2024-17651

Malicious code in bioql PyPI...

CVSS 8.4 | AI score 6.3 | EPSS 0.00289
Exploits: 1 | References: 1

OSV
added 2024/05/08 2:15 a.m. | 4 views

CVE-2024-1929

Local Root Exploit via Configuration Dictionary in dnf5daemon-server before 5.1.17 allows a malicious user to impact Confidentiality and Integrity via Configuration Dictionary. There are issues with the D-Bus interface long before Polkit is invoked. The org.rpm.dnf.v0.SessionManager.opensession...

CVSS 8.4 | AI score 5.8
Exploits: 0 | References: 1

NVD
added 2024/05/08 2:15 a.m. | 16 views

CVE-2024-2746

Incomplete fix for CVE-2024-1929. The problem with CVE-2024-1929 was that the dnf5 D-Bus daemon accepted arbitrary configuration parameters from unprivileged users, which allowed a local root exploit by tricking the daemon into loading a user controlled "plugin". All of this happened before Polkit...

CVSS 8.8 | AI score 7.7 | EPSS 0.00213
Exploits: 1 | References: 1

NVD
added 2024/05/08 2:15 a.m. | 16 views

CVE-2024-1929

Local Root Exploit via Configuration Dictionary in dnf5daemon-server before 5.1.17 allows a malicious user to impact Confidentiality and Integrity via Configuration Dictionary. There are issues with the D-Bus interface long before Polkit is invoked. The org.rpm.dnf.v0.SessionManager.opensession...

CVSS 8.4 | AI score 8.3 | EPSS 0.00289
Exploits: 1 | References: 1

Cvelist
added 2024/05/08 1:55 a.m. | 21 views

CVE-2024-2746 Incomplete fix for CVE-2024-1929

Incomplete fix for CVE-2024-1929. The problem with CVE-2024-1929 was that the dnf5 D-Bus daemon accepted arbitrary configuration parameters from unprivileged users, which allowed a local root exploit by tricking the daemon into loading a user controlled "plugin". All of this happened before Polkit...

CVSS 8.8 | AI score 8 | EPSS 0.00213
Exploits: 1 | References: 1

CVE
added 2024/05/08 1:55 a.m. | 61 views

CVE-2024-2746

CVE-2024-2746 is an incomplete fix for CVE-2024-1929 affecting dnf5/libdnf5 where the D-Bus interface accepts untrusted configuration overrides, enabling local root control by loading user-supplied plugins or manipulating privileged files. Public reports describe potential DoS via large/blocked f...

CVSS 8.8 | AI score 7.7 | EPSS 0.00289
Exploits: 1 | References: 1

CVE
added 2024/05/08 1:53 a.m. | 58 views

CVE-2024-1929

CVE-2024-1929 is a local root vulnerability in dnf5daemon-server prior to 5.1.17. The issue stems from a D-Bus config map (open_session) where an untrusted nested config map under the key

CVSS 8.4 | AI score 6.9 | EPSS 0.00289
Exploits: 1 | References: 1 | Affected Software: 1

Vulnrichment
added 2024/05/08 1:53 a.m. | 13 views

CVE-2024-1929 Local Root Exploit via Configuration Dictionary

Local Root Exploit via Configuration Dictionary in dnf5daemon-server before 5.1.17 allows a malicious user to impact Confidentiality and Integrity via Configuration Dictionary. There are issues with the D-Bus interface long before Polkit is invoked. The org.rpm.dnf.v0.SessionManager.opensession...

CVSS 7.5 | AI score 7.3 | EPSS 0.00289
Exploits: 1 | References: 1

Positive Technologies
added 2024/04/05 12:0 a.m. | 1 view

PT-2024-21910 · Dnf5 · Dnf5

Name of the Vulnerable Software and Affected Versions: dnf5 affected versions not specified. Description: The issue arises from the dnf5 D-Bus daemon accepting arbitrary configuration parameters from unprivileged users. This allows a local root exploit by tricking the daemon into loading a...

CVSS 8.8 | AI score 6.9 | EPSS 0.00213
Exploits: 1 | References: 8

Positive Technologies
added 2024/03/05 12:0 a.m. | 3 views

PT-2024-18431 · Unknown +1 · Dnf5Daemon-Server +1

Name of the Vulnerable Software and Affected Versions: dnf5daemon-server versions before 5.1.17. Description: The issue concerns a local root exploit via a configuration dictionary in the dnf5daemon-server. It affects confidentiality and integrity. The org.rpm.dnf.v0.SessionManager.open session...

CVSS 8.4 | AI score 5.9 | EPSS 0.00289
Exploits: 1 | References: 16