Oracle Linux 7 : polkit (ELSA-2019-2046)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2019-2046 advisory. - Mitigation of regression caused by fix of CVE-2018-19788 - Fix of CVE-2019-6133, PID reuse via slow fork - Fix of CVE-2018-19788, priv escalation with high UI...

CVE-2023-26604

A vulnerability was found in the systemd package. The systemd package does not adequately block local privilege escalation for some Sudo configurations, for example, plausible sudoers files, in which the "systemctl status" command may be executed. Specifically, systemd does not set LESSSECURE to ...

CVE-2023-26604

systemd before 247 does not adequately block local privilege escalation for some Sudo configurations, e.g., plausible sudoers files in which the "systemctl status" command may be executed. Specifically, systemd does not set LESSSECURE to 1, and thus other programs may be launched from the less...

VulnCheck KEV: CVE-2021-35064

KramerAV VIAWare, all tested versions, allow privilege escalation through misconfiguration of sudo. Sudoers permits running of multiple dangerous commands, including unzip, systemctl and dpkg...

Security update for libvirt (moderate)

openSUSE Security Update: Security update for libvirt Announcement ID: openSUSE-SU-2021:3619-1 Rating: moderate References: 1177902 1183247 1186398 1190420 1190493 1190693 1190695 1190917 Affected Products: openSUSE Leap 15.3 An update that contains security fixes can now be installed. Descriptio...

SUSE-SU-2021:1108-1 Security update for ceph

This update for ceph fixes the following issues: - ceph was updated to to 15.2.9 - cephadm: fix 'inspect' and 'pull' bsc1182766 - CVE-2020-27839: mgr/dashboard: Use secure cookies to store JWT Token bsc1179997 - CVE-2020-25678: Do not add sensitive information in Ceph log files bsc1178905 -...

[SECURITY] Fedora 31 Update: knot-resolver-5.1.3-1.fc31

The Knot Resolver is a DNSSEC-enabled caching full resolver implementation written in C and LuaJIT, including both a resolver library and a daemon. Modular architecture of the library keeps the core tiny and efficient, and provides a state-machine like API for extensions. The package is...

Huawei EulerOS: Security Advisory for polkit (EulerOS-SA-2019-1656)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2018-19788

A flaw was found in PolicyKit aka polkit 0.115 that allows a user with a uid greater than INTMAX to successfully execute any systemctl command. Mitigation Do not allow negative UIDs or UIDs greater than 2147483647...

NewStart CGSL CORE 5.05 / MAIN 5.05 : polkit Vulnerability (NS-SA-2019-0256)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has polkit packages installed that are affected by a vulnerability: - A flaw was found in PolicyKit aka polkit 0.115 that allows a user with a uid greater than INTMAX to successfully execute any systemctl command. CVE-2018-1978...

Medium: polkit

Issue Overview: A flaw was found in PolicyKit aka polkit 0.115 that allows a user with a uid greater than INTMAX to successfully execute any systemctl command.CVE-2018-19788 Affected Packages: polkit Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section f...

EulerOS 2.0 SP3 : polkit (EulerOS-SA-2019-2042)

According to the version of the polkit packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A flaw was found in PolicyKit aka polkit 0.115 that allows a user with a uid greater than INTMAX to successfully execute any systemctl...

Command Execution

libpolkit.so is vulnerable to command execution. A lack of validation on the user's UID allows any user with a value greater than INTMAX to successfully execute any systemctl command...

Warning! Unprivileged Linux Users With UID > INT_MAX Can Execute Any Command

Hold tight, this may blow your mind… A low-privileged user account on most Linux operating systems with UID value anything greater than 2147483647 can execute any systemctl command unauthorizedly—thanks to a newly discovered vulnerability. The reported vulnerability actually resides in PolicyKit...

Warning! Unprivileged Linux Users With UID > INT_MAX Can Execute Any Command

Hold tight, this may blow your mind… A low-privileged user account on most Linux operating systems with UID value anything greater than 2147483647 can execute any systemctl command unauthorizedly—thanks to a newly discovered vulnerability. The reported vulnerability actually resides in PolicyKit...

CVE-2018-19788

A flaw was found in PolicyKit aka polkit 0.115 that allows a user with a uid greater than INTMAX to successfully execute any systemctl command...

DEBIAN-CVE-2018-19788

A flaw was found in PolicyKit aka polkit 0.115 that allows a user with a uid greater than INTMAX to successfully execute any systemctl command...

CVE-2018-19788

A flaw was found in PolicyKit aka polkit 0.115 that allows a user with a uid greater than INTMAX to successfully execute any systemctl command...

ALPINE-CVE-2018-19788

A flaw was found in PolicyKit aka polkit 0.115 that allows a user with a uid greater than INTMAX to successfully execute any systemctl command...

CVE-2018-19788

A flaw was found in PolicyKit aka polkit 0.115 that allows a user with a uid greater than INTMAX to successfully execute any systemctl command...