Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
polkit vulnerabilities and exploits
(subscribe to this query)
7
CVSSv3
CVE-2018-18955
In the Linux kernel 4.15.x up to and including 4.19.x prior to 4.19.2, map_write() in kernel/user_namespace.c allows privilege escalation because it mishandles nested user namespaces with more than 5 UID or GID ranges. A user who has CAP_SYS_ADMIN in an affected user namespace ca...
Linux Linux Kernel
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 18.04
5 EDB exploits
6 Github repositories
4.4
CVSSv3
CVE-2018-1116
A flaw was found in polkit before version 0.116. The implementation of the polkit_backend_interactive_authority_check_authorization function in polkitd allows to test for authentication and trigger authentication of unrelated processes owned by other users. This may result in a l...
Debian Debian Linux 8.0
Canonical Ubuntu Linux 12.04
Polkit Project Polkit
8.1
CVSSv3
CVE-2017-7572
The _checkPolkitPrivilege function in serviceHelper.py in Back In Time (aka backintime) 1.1.18 and previous versions uses a deprecated polkit authorization method (unix-process) that is subject to a race condition (time of check, time of use). With this authorization method, the ...
Backintime Project Backintime
NA
CVE-2015-4625
Integer overflow in the authentication_agent_new_cookie function in PolicyKit (aka polkit) prior to 0.113 allows local users to gain privileges by creating a large number of connections, which triggers the issuance of a duplicate cookie value.
Fedoraproject Fedora 21
Opensuse Opensuse 13.2
Fedoraproject Fedora 22
Opensuse Opensuse 13.1
Polkit Project Polkit
NA
CVE-2015-3218
The authentication_agent_new function in polkitbackend/polkitbackendinteractiveauthority.c in PolicyKit (aka polkit) prior to 0.113 allows local users to cause a denial of service (NULL pointer dereference and polkitd daemon crash) by calling RegisterAuthenticationAgent with an i...
Polkit Project Polkit
NA
CVE-2015-3255
The polkit_backend_action_pool_init function in polkitbackend/polkitbackendactionpool.c in PolicyKit (aka polkit) prior to 0.113 might allow local users to gain privileges via duplicate action IDs in action descriptions.
Polkit Project Polkit
NA
CVE-2014-5033
KDE kdelibs prior to 4.14 and kauth prior to 5.1 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1) setuid process or (2) p...
Canonical Ubuntu Linux 14.04
Debian Kde4libs -
Canonical Ubuntu Linux 12.04
Kde Kdelibs 4.12.95
Kde Kdelibs 4.12.90
Kde Kdelibs 4.11.97
Kde Kdelibs 4.11.95
Kde Kdelibs 4.11.1
Kde Kdelibs 4.11.0
Kde Kdelibs
Kde Kdelibs 4.13.95
Kde Kauth
Kde Kdelibs 4.13.3
Kde Kdelibs 4.12.80
Kde Kdelibs 4.12.5
Kde Kdelibs 4.11.90
Kde Kdelibs 4.11.80
Kde Kdelibs 4.10.97
Kde Kdelibs 4.10.95
Kde Kdelibs 4.13.90
Kde Kdelibs 4.13.80
Kde Kdelibs 4.13.0
NA
CVE-2013-6402
base/pkit.py in HP Linux Imaging and Printing (HPLIP) up to and including 3.13.11 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/hp-pkservice.log temporary file.
Hp Linux Imaging And Printing Project
Hp Linux Imaging And Printing Project 3.11.3a
Hp Linux Imaging And Printing Project 3.13.5
Hp Linux Imaging And Printing Project 3.13.4
Hp Linux Imaging And Printing Project 3.12.6
Hp Linux Imaging And Printing Project 3.12.4
Hp Linux Imaging And Printing Project 3.11.1
Hp Linux Imaging And Printing Project 3.10.9
Hp Linux Imaging And Printing Project 3.9.6
Hp Linux Imaging And Printing Project 3.9.4
Hp Linux Imaging And Printing Project 3.13.8
Hp Linux Imaging And Printing Project 3.9.4b
Hp Linux Imaging And Printing Project 3.13.3
Hp Linux Imaging And Printing Project 3.13.2
Hp Linux Imaging And Printing Project 3.12.2
Hp Linux Imaging And Printing Project 3.11.12
Hp Linux Imaging And Printing Project 3.11.10
Hp Linux Imaging And Printing Project 3.10.6
Hp Linux Imaging And Printing Project 3.10.5
Hp Linux Imaging And Printing Project 3.9.2
Hp Linux Imaging And Printing Project 3.13.10
Hp Linux Imaging And Printing Project 3.13.9
NA
CVE-2013-6427
upgrade.py in the hp-upgrade service in HP Linux Imaging and Printing (HPLIP) 3.x up to and including 3.13.11 launches a program from an http URL, which allows man-in-the-middle malicious users to execute arbitrary code by gaining control over the client-server data stream.
Hp Linux Imaging And Printing Project 3.11.3a
Hp Linux Imaging And Printing Project 3.13.5
Hp Linux Imaging And Printing Project 3.13.4
Hp Linux Imaging And Printing Project 3.12.4
Hp Linux Imaging And Printing Project 3.12.2
Hp Linux Imaging And Printing Project 3.11.1
Hp Linux Imaging And Printing Project 3.10.9
Hp Linux Imaging And Printing Project 3.9.6
Hp Linux Imaging And Printing Project 3.9.4
Hp Linux Imaging And Printing Project 3.13.8
Hp Linux Imaging And Printing Project 3.9.4b
Hp Linux Imaging And Printing Project 3.13.3
Hp Linux Imaging And Printing Project 3.13.2
Hp Linux Imaging And Printing Project 3.11.12
Hp Linux Imaging And Printing Project 3.11.10
Hp Linux Imaging And Printing Project 3.10.6
Hp Linux Imaging And Printing Project 3.10.5
Hp Linux Imaging And Printing Project 3.9.2
Hp Linux Imaging And Printing Project 3.13.7
Hp Linux Imaging And Printing Project 3.13.6
Hp Linux Imaging And Printing Project 3.12.10
Hp Linux Imaging And Printing Project 3.12.9
NA
CVE-2013-4327
systemd does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1) setuid process or (2) pkexec process, a related issue to CVE-201...
Systemd Project Systemd
Debian Debian Linux 7.0
Canonical Ubuntu Linux 13.04
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-38028
CVE-2024-32406
CVE-2024-25624
IMAP
CVE-2024-2310
CVE-2024-0874
CVE-2024-20359
XXE
remote code execution
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »