1626 matches found
OPENSUSE-SU-2026:21222-1 Security update for systemd
This update for systemd fixes the following issues: Changes in systemd: - Better handle TLS allocation failure bsc1254924. - Disable mounting debugfs by default jscPED-8812. - Import commit 9e8b5afe0fb2061f4a17a3022469dd62f2683960 bsc1267647 bsc1267644 bsc1262305 bsc1263117. - Move systemd-pcrloc...
CVE-2026-41048
Incorrect caching of authentication between different polkit methods in qSnapper before version 1.3.3 allowed a local attacker to use functions like "restore from snapshot" even if only allowed to do "delete snapshot"...
CVE-2026-41045
A time-to-check-time-of-use in polkit authentication of qSnapper before version 1.3.3 allowed a local attacker to bypass qSnappers authentication mechanism and operate e.g. as root user...
CVE-2026-41048
Incorrect caching of authentication between different polkit methods in qSnapper before version 1.3.3 allowed a local attacker to use functions like "restore from snapshot" even if only allowed to do "delete snapshot"...
CVE-2026-41048 Caching of Authentication allows Authentication Bypass in qSnapper
Incorrect caching of authentication between different polkit methods in qSnapper before version 1.3.3 allowed a local attacker to use functions like "restore from snapshot" even if only allowed to do "delete snapshot"...
CVE-2026-41045
A time-to-check-time-of-use in polkit authentication of qSnapper before version 1.3.3 allowed a local attacker to bypass qSnappers authentication mechanism and operate e.g. as root user...
CVE-2026-41045 Weak polkit authentication check in qSnapper
A time-to-check-time-of-use in polkit authentication of qSnapper before version 1.3.3 allowed a local attacker to bypass qSnappers authentication mechanism and operate e.g. as root user...
CVE-2026-41045
The CVE pertains to qSnapper prior to v1.3.3, where a time-to-check-time-of-use flaw in polkit authentication allows a local attacker to bypass qSnapper’s authentication and potentially operate as root. This is a local-priviliges issue with HIGH impact (C:H, I:H, A:H) and requires local access wi...
EUVD-2026-38259
A time-to-check-time-of-use in polkit authentication of qSnapper before version 1.3.3 allowed a local attacker to bypass qSnappers authentication mechanism and operate e.g. as root user...
PT-2026-51335
Name of the Vulnerable Software and Affected Versions qSnapper versions prior to 1.3.3 Description Incorrect caching of authentication between different polkit PolicyKit, a component for controlling privileges in Unix-like operating systems methods allows a local attacker to perform unauthorized...
pac-exploits-priv
CVE-2021-4034 PoC for PwnKit: Local Privilege Escalation Vulne...
kit-exploits-prv
Information Exploit Title: Local Privilege Escalation i...
EulerOS Virtualization 2.13.0 : polkit (EulerOS-SA-2026-2413)
According to the versions of the polkit packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in polkit. A local user can exploit this by providing a specially crafted, excessively long input to the...
EulerOS Virtualization 2.13.1 : polkit (EulerOS-SA-2026-2384)
According to the versions of the polkit packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in polkit. A local user can exploit this by providing a specially crafted, excessively long input to the...
openSUSE 16 Security Update : polkit (openSUSE-SU-2026:20925-1)
The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2026:20925-1 advisory. This update for polkit fixes the following issue: - CVE-2026-4897: Fixed possible OOM condition via specially crafted input to polkit-agent-helper-1...
EulerOS 2.0 SP13 : polkit (EulerOS-SA-2026-2350)
According to the versions of the polkit packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in polkit. A local user can exploit this by providing a specially crafted, excessively long input to the polkit-agent-helper-1...
EulerOS 2.0 SP13 : polkit (EulerOS-SA-2026-2307)
According to the versions of the polkit packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in polkit. A local user can exploit this by providing a specially crafted, excessively long input to the polkit-agent-helper-1...
EulerOS 2.0 SP11 : polkit (EulerOS-SA-2026-2222)
According to the versions of the polkit packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in polkit. A local user can exploit this by providing a specially crafted, excessively long input to the polkit-agent-helper-1...
EulerOS 2.0 SP11 : polkit (EulerOS-SA-2026-2259)
According to the versions of the polkit packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in polkit. A local user can exploit this by providing a specially crafted, excessively long input to the polkit-agent-helper-1...
Security update for polkit (moderate)
openSUSE security update: security update for polkit ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20925-1 Rating: moderate References: bsc1260859 Cross-References: CVE-2026-4897 CVSS scores: CVE-2026-4897 SUSE : 5.5...