Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
By Recent Activity
polkit project polkit vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2015-3255
The polkit_backend_action_pool_init function in polkitbackend/polkitbackendactionpool.c in PolicyKit (aka polkit) before 0.113 might allow local users to gain privileges via duplicate action IDs in action descriptions....
Polkit Project Polkit
NA
CVE-2015-3218
The authentication_agent_new function in polkitbackend/polkitbackendinteractiveauthority.c in PolicyKit (aka polkit) before 0.113 allows local users to cause a denial of service (NULL pointer dereference and polkitd daemon crash) by calling RegisterAuthenticationAgent with an...
Polkit Project Polkit
9.8
CVSSv3
CVE-2011-0703
In gksu-polkit before 0.0.3, the source file for xauth may contain arbitrary commands that may allow an attacker to overtake an administrator X11 session....
Gksu-polkit Project Gksu-polkit
Debian Debian Linux 6.0
7.8
CVSSv3
CVE-2012-5617
gksu-polkit: permissive PolicyKit policy configuration file allows privilege escalation...
Gksu-polkit Project Gksu-polkit -
Fedoraproject Fedora 18
Fedoraproject Fedora 19
NA
CVE-2015-3256
PolicyKit (aka polkit) before 0.113 allows local users to cause a denial of service (memory corruption and polkitd daemon crash) and possibly gain privileges via unspecified vectors, related to "javascript rule evaluation."...
Polkit Project Polkit
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
1 Github repository available
7.1
CVSSv3
CVE-2018-1116
A flaw was found in polkit before version 0.116. The implementation of the polkit_backend_interactive_authority_check_authorization function in polkitd allows to test for authentication and trigger authentication of unrelated processes owned by other users. This may result in a...
Debian Debian Linux 8.0
Canonical Ubuntu Linux 12.04
Polkit Project Polkit
7.8
CVSSv3
CVE-2021-3560
It was found that polkit could be tricked into bypassing the credential checks for D-Bus requests, elevating the privileges of the requestor to the root user. This flaw could be used by an unprivileged local attacker to, for example, create a new local administrator. The highest...
Polkit Project Polkit
Debian Debian Linux 11.0
Canonical Ubuntu Linux 20.04
Redhat Virtualization 4.0
Redhat Virtualization Host 4.0
Redhat Openshift Container Platform 4.7
28 Github repositories available
1 Article available
7.8
CVSSv3
CVE-2013-4161
gksu-polkit-0.0.3-6.fc18 was reported as fixing the issue in CVE-2012-5617 but the patch was improperly applied and it did not fixed the security issue....
Gksu-polkit Project Gksu-polkit 0.0.3
Fedoraproject Fedora 18
Fedoraproject Fedora 19
NA
CVE-2015-4625
Integer overflow in the authentication_agent_new_cookie function in PolicyKit (aka polkit) before 0.113 allows local users to gain privileges by creating a large number of connections, which triggers the issuance of a duplicate cookie value....
Fedoraproject Fedora 21
Opensuse Opensuse 13.2
Fedoraproject Fedora 22
Opensuse Opensuse 13.1
Polkit Project Polkit
5.5
CVSSv3
CVE-2021-4115
There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process file descriptor exhaustion. The highest threat from this vulnerability is to availability. NOTE: Polkit process outage duration is tied to the failing process being reaped and...
Polkit Project Polkit 0.117
Redhat Enterprise Linux 8.0
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 21.10
Debian Debian Linux 11.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-29214
CVE-2022-29432
CVE-2022-1388
LFI
CVE-2022-1813
SSRF
CVE-2022-20821
CVE-2021-41834
XML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »