Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

UbuntuCve
UbuntuCveadded 2025/06/17 4:0 p.m.2 views

CVE-2025-6018

A Local Privilege Escalation LPE vulnerability has been discovered in pam-config within Linux Pluggable Authentication Modules PAM. This flaw allows an unprivileged local attacker for example, a user logged in via SSH to obtain the elevated privileges normally reserved for a physically present,...

7.8CVSS7.1AI score0.0009EPSS
Exploits13References2
SUSE CVE
SUSE CVEadded 2023/02/15 4:17 a.m.1 views

SUSE CVE-2019-3842

In systemd before v242-rc4, it was discovered that pamsystemd does not properly sanitize the environment before using the XDGSEAT variable. It is possible for an attacker, in some particular configurations, to set a XDGSEAT environment variable which allows for commands to be checked against polk...

4.5CVSS7AI score0.00098EPSS
Exploits3References31
RedHat Linux
RedHat Linuxadded 2021/10/19 7:18 a.m.1 views

systemd: Spoofing of XDG_SEAT allows for actions to be checked against "allow_active" instead of "allow_any"

It was discovered that pamsystemd does not properly sanitize the environment before using the XDGSEAT variable. It is possible for an attacker, in some particular configurations, to set a XDGSEAT environment variable which allows for commands to be checked against polkit policies using the...

7CVSS7.2AI score0.00098EPSS
Exploits3References4
Oracle linux
Oracle linuxadded 2021/05/25 12:0 a.m.44 views

systemd security, bug fix, and enhancement update

239-45.0.1 - backport upstream pstore tmpfiles patch Orabug: 31420486 - udev rules: fix memory hot add and remove Orabug: 31310273 - fix to enable systemd-pstore.service Orabug: 30951066 - journal: change support URL shown in the catalog entries Orabug: 30853009 - fix to generate...

7CVSS6.8AI score0.00137EPSS
Exploits3
RedHat Linux
RedHat Linuxadded 2021/05/18 3:28 p.m.2 views

systemd: Spoofing of XDG_SEAT allows for actions to be checked against "allow_active" instead of "allow_any"

It was discovered that pamsystemd does not properly sanitize the environment before using the XDGSEAT variable. It is possible for an attacker, in some particular configurations, to set a XDGSEAT environment variable which allows for commands to be checked against polkit policies using the...

7CVSS7.2AI score0.00098EPSS
Exploits3References4
Microsoft CVE
Microsoft CVEadded 2020/08/18 7:0 a.m.3 views

In systemd before v242-rc4 it was discovered that pam_systemd does not properly sanitize the environment before using the XDG_SEAT variable. It is possible for an attacker in some particular configurations to set a XDG_SEAT environment variable which allows for commands to be checked against polkit policies using the "allow_active" element rather than "allow_any".

...

7CVSS5.3AI score0.00098EPSS
Exploits3
Tenable Nessus
Tenable Nessusadded 2019/07/16 12:0 a.m.46 views

SUSE SLED15 / SLES15 Security Update : systemd (SUSE-SU-2019:1364-2)

This update for systemd fixes the following issues : Security issues fixed : CVE-2019-3842: Fixed a privilege escalation in pamsystemd which could be exploited by a local user bsc1132348. CVE-2019-6454: Fixed a denial of service via crafted D-Bus message bsc1125352. CVE-2019-3843, CVE-2019-3844:...

7.8CVSS5.6AI score0.00151EPSS
Exploits6References22
Rows per page
Query Builder