Lucene search
K

1621 matches found

NVD
NVD
added 2026/06/22 4:16 p.m.6 views

CVE-2026-41048

Incorrect caching of authentication between different polkit methods in qSnapper before version 1.3.3 allowed a local attacker to use functions like "restore from snapshot" even if only allowed to do "delete snapshot"...

8.4CVSS0.00133EPSS
Exploits0References3
NVD
NVD
added 2026/06/22 4:16 p.m.6 views

CVE-2026-41045

A time-to-check-time-of-use in polkit authentication of qSnapper before version 1.3.3 allowed a local attacker to bypass qSnappers authentication mechanism and operate e.g. as root user...

8.1CVSS0.00136EPSS
Exploits0References3
CVE
CVE
added 2026/06/22 3:16 p.m.12 views

CVE-2026-41045

The CVE pertains to qSnapper prior to v1.3.3, where a time-to-check-time-of-use flaw in polkit authentication allows a local attacker to bypass qSnapper’s authentication and potentially operate as root. This is a local-priviliges issue with HIGH impact (C:H, I:H, A:H) and requires local access wi...

8.1CVSS5.9AI score0.00136EPSS
Exploits0References3Affected Software1
EUVD
EUVD
added 2026/06/22 3:16 p.m.6 views

EUVD-2026-38259

A time-to-check-time-of-use in polkit authentication of qSnapper before version 1.3.3 allowed a local attacker to bypass qSnappers authentication mechanism and operate e.g. as root user...

8.1CVSS5.9AI score0.00136EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/22 3:16 p.m.28 views

CVE-2026-41045 Weak polkit authentication check in qSnapper

A time-to-check-time-of-use in polkit authentication of qSnapper before version 1.3.3 allowed a local attacker to bypass qSnappers authentication mechanism and operate e.g. as root user...

8.1CVSS0.00136EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/22 12:0 a.m.11 views

PT-2026-51335

Name of the Vulnerable Software and Affected Versions qSnapper versions prior to 1.3.3 Description Incorrect caching of authentication between different polkit PolicyKit, a component for controlling privileges in Unix-like operating systems methods allows a local attacker to perform unauthorized...

8.4CVSS5.8AI score0.00133EPSS
Exploits0References5
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.13 views

Astra Linux – Vulnerability in Policykit-1

A vulnerability related to local privilege escalation was discovered in the polkit’s pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to execute commands as privileged users according to predefined policies. The current version of pkexec does not proper...

7.8CVSS7.3AI score0.94921EPSS
Exploits151References2
GithubExploit
GithubExploit
added 2026/06/13 3:6 p.m.86 views

pac-exploits-priv

CVE-2021-4034 PoC for PwnKit: Local Privilege Escalation Vulne...

7.8CVSS7AI score0.94921EPSS
Exploits151
GithubExploit
GithubExploit
added 2026/06/13 2:42 p.m.98 views

kit-exploits-prv

Information Exploit Title: Local Privilege Escalation i...

9CVSS7.5AI score0.94921EPSS
Exploits158
Tenable Nessus
Tenable Nessus
added 2026/06/12 12:0 a.m.9 views

EulerOS Virtualization 2.13.0 : polkit (EulerOS-SA-2026-2413)

According to the versions of the polkit packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in polkit. A local user can exploit this by providing a specially crafted, excessively long input to the...

5.5CVSS5.5AI score0.00131EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/12 12:0 a.m.12 views

EulerOS Virtualization 2.13.1 : polkit (EulerOS-SA-2026-2384)

According to the versions of the polkit packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in polkit. A local user can exploit this by providing a specially crafted, excessively long input to the...

5.5CVSS5.6AI score0.00131EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/11 12:0 a.m.6 views

openSUSE 16 Security Update : polkit (openSUSE-SU-2026:20925-1)

The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2026:20925-1 advisory. This update for polkit fixes the following issue: - CVE-2026-4897: Fixed possible OOM condition via specially crafted input to polkit-agent-helper-1...

5.5CVSS5.5AI score0.00131EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/10 12:0 a.m.6 views

EulerOS 2.0 SP13 : polkit (EulerOS-SA-2026-2350)

According to the versions of the polkit packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in polkit. A local user can exploit this by providing a specially crafted, excessively long input to the polkit-agent-helper-1...

5.5CVSS5.5AI score0.00131EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/10 12:0 a.m.8 views

EulerOS 2.0 SP13 : polkit (EulerOS-SA-2026-2307)

According to the versions of the polkit packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in polkit. A local user can exploit this by providing a specially crafted, excessively long input to the polkit-agent-helper-1...

5.5CVSS5.5AI score0.00131EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/09 12:0 a.m.8 views

EulerOS 2.0 SP11 : polkit (EulerOS-SA-2026-2222)

According to the versions of the polkit packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in polkit. A local user can exploit this by providing a specially crafted, excessively long input to the polkit-agent-helper-1...

5.5CVSS5.5AI score0.00131EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/09 12:0 a.m.7 views

EulerOS 2.0 SP11 : polkit (EulerOS-SA-2026-2259)

According to the versions of the polkit packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in polkit. A local user can exploit this by providing a specially crafted, excessively long input to the polkit-agent-helper-1...

5.5CVSS5.5AI score0.00131EPSS
Exploits0References2
OPENSUSE Linux
OPENSUSE Linux
added 2026/06/09 12:0 a.m.10 views

Security update for polkit (moderate)

openSUSE security update: security update for polkit ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20925-1 Rating: moderate References: bsc1260859 Cross-References: CVE-2026-4897 CVSS scores: CVE-2026-4897 SUSE : 5.5...

6.8CVSS5.4AI score0.00131EPSS
Exploits0References1
OSV
OSV
added 2026/06/08 4:27 p.m.4 views

OPENSUSE-SU-2026:20925-1 Security update for polkit

This update for polkit fixes the following issue: - CVE-2026-4897: Fixed possible OOM condition via specially crafted input to polkit-agent-helper-1 bsc1260859...

5.5CVSS5.4AI score0.00131EPSS
Exploits0References2
OSV
OSV
added 2026/06/08 4:26 p.m.4 views

SUSE-SU-2026:22054-1 Security update for polkit

This update for polkit fixes the following issue: - CVE-2026-4897: Fixed possible OOM condition via specially crafted input to polkit-agent-helper-1 bsc1260859...

5.5CVSS5.4AI score0.00131EPSS
Exploits0References3
CloudLinux
CloudLinux
added 2026/05/30 10:24 a.m.9 views

polkit: Fix of CVE-2018-1116

CVE-2018-1116: polkit trusts client-supplied UID in CheckAuthorization, allowing a local attacker to spoof or DoS the authentication-agent dialog of unrelated processes...

4.7CVSS5.5AI score0.01196EPSS
Exploits0
Rows per page
Query Builder