1621 matches found
CVE-2026-41048
Incorrect caching of authentication between different polkit methods in qSnapper before version 1.3.3 allowed a local attacker to use functions like "restore from snapshot" even if only allowed to do "delete snapshot"...
CVE-2026-41045
A time-to-check-time-of-use in polkit authentication of qSnapper before version 1.3.3 allowed a local attacker to bypass qSnappers authentication mechanism and operate e.g. as root user...
CVE-2026-41045
The CVE pertains to qSnapper prior to v1.3.3, where a time-to-check-time-of-use flaw in polkit authentication allows a local attacker to bypass qSnapper’s authentication and potentially operate as root. This is a local-priviliges issue with HIGH impact (C:H, I:H, A:H) and requires local access wi...
EUVD-2026-38259
A time-to-check-time-of-use in polkit authentication of qSnapper before version 1.3.3 allowed a local attacker to bypass qSnappers authentication mechanism and operate e.g. as root user...
CVE-2026-41045 Weak polkit authentication check in qSnapper
A time-to-check-time-of-use in polkit authentication of qSnapper before version 1.3.3 allowed a local attacker to bypass qSnappers authentication mechanism and operate e.g. as root user...
PT-2026-51335
Name of the Vulnerable Software and Affected Versions qSnapper versions prior to 1.3.3 Description Incorrect caching of authentication between different polkit PolicyKit, a component for controlling privileges in Unix-like operating systems methods allows a local attacker to perform unauthorized...
Astra Linux – Vulnerability in Policykit-1
A vulnerability related to local privilege escalation was discovered in the polkit’s pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to execute commands as privileged users according to predefined policies. The current version of pkexec does not proper...
pac-exploits-priv
CVE-2021-4034 PoC for PwnKit: Local Privilege Escalation Vulne...
kit-exploits-prv
Information Exploit Title: Local Privilege Escalation i...
EulerOS Virtualization 2.13.0 : polkit (EulerOS-SA-2026-2413)
According to the versions of the polkit packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in polkit. A local user can exploit this by providing a specially crafted, excessively long input to the...
EulerOS Virtualization 2.13.1 : polkit (EulerOS-SA-2026-2384)
According to the versions of the polkit packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in polkit. A local user can exploit this by providing a specially crafted, excessively long input to the...
openSUSE 16 Security Update : polkit (openSUSE-SU-2026:20925-1)
The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2026:20925-1 advisory. This update for polkit fixes the following issue: - CVE-2026-4897: Fixed possible OOM condition via specially crafted input to polkit-agent-helper-1...
EulerOS 2.0 SP13 : polkit (EulerOS-SA-2026-2350)
According to the versions of the polkit packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in polkit. A local user can exploit this by providing a specially crafted, excessively long input to the polkit-agent-helper-1...
EulerOS 2.0 SP13 : polkit (EulerOS-SA-2026-2307)
According to the versions of the polkit packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in polkit. A local user can exploit this by providing a specially crafted, excessively long input to the polkit-agent-helper-1...
EulerOS 2.0 SP11 : polkit (EulerOS-SA-2026-2222)
According to the versions of the polkit packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in polkit. A local user can exploit this by providing a specially crafted, excessively long input to the polkit-agent-helper-1...
EulerOS 2.0 SP11 : polkit (EulerOS-SA-2026-2259)
According to the versions of the polkit packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in polkit. A local user can exploit this by providing a specially crafted, excessively long input to the polkit-agent-helper-1...
Security update for polkit (moderate)
openSUSE security update: security update for polkit ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20925-1 Rating: moderate References: bsc1260859 Cross-References: CVE-2026-4897 CVSS scores: CVE-2026-4897 SUSE : 5.5...
OPENSUSE-SU-2026:20925-1 Security update for polkit
This update for polkit fixes the following issue: - CVE-2026-4897: Fixed possible OOM condition via specially crafted input to polkit-agent-helper-1 bsc1260859...
SUSE-SU-2026:22054-1 Security update for polkit
This update for polkit fixes the following issue: - CVE-2026-4897: Fixed possible OOM condition via specially crafted input to polkit-agent-helper-1 bsc1260859...
polkit: Fix of CVE-2018-1116
CVE-2018-1116: polkit trusts client-supplied UID in CheckAuthorization, allowing a local attacker to spoof or DoS the authentication-agent dialog of unrelated processes...