Lucene search
K

6 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 5:36 a.m.2 views

SUSE CVE-2013-4324

spice-gtk 0.14, and possibly other versions, invokes the polkit authority using the insecure polkitunixprocessnew API function, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a 1 setuid process or 2 pkexec process...

4.6CVSS7.1AI score0.00384EPSS
Exploits0References4
OSV
OSV
added 2013/10/03 9:55 p.m.1 views

DEBIAN-CVE-2013-4327

systemd does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a 1 setuid process or 2 pkexec process, a related issue to CVE-2013-4288...

6.9CVSS6.6AI score0.00303EPSS
Exploits0References1
OSV
OSV
added 2013/10/03 9:55 p.m.1 views

DEBIAN-CVE-2013-4324

spice-gtk 0.14, and possibly other versions, invokes the polkit authority using the insecure polkitunixprocessnew API function, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a 1 setuid process or 2 pkexec process...

4.6CVSS7AI score0.00384EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2013/09/24 6:2 p.m.3 views

rtkit: insecure calling of polkit

RealtimeKit aka rtkit 0.5 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a 1 setuid process or 2 pkexec process, a related issue to...

4.6CVSS6.6AI score0.00374EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2013/09/19 5:58 p.m.4 views

libvirt: insecure calling of polkit

libvirt 1.0.5.x before 1.0.5.6, 0.10.2.x before 0.10.2.8, and 0.9.12.x before 0.9.12.2 allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition in pkcheck via a 1 setuid process or 2 pkexec process, a related issue to CVE-2013-4288...

4.6CVSS6.7AI score0.00404EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2013/09/19 5:55 p.m.5 views

polkit: unix-process subject for authorization is racy

Race condition in PolicyKit aka polkit allows local users to bypass intended PolicyKit restrictions and gain privileges by starting a setuid or pkexec process before the authorization check is performed, related to 1 the polkitunixprocessnew API function, 2 the dbus API, or 3 the --process...

7.2CVSS6.7AI score0.00342EPSS
Exploits0References4
Rows per page
Query Builder