Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
polkit vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2013-1062
ubuntu-system-service 0.2.4 prior to 0.2.4.1. 0.2.3 prior to 0.2.3.1, and 0.2.2 prior to 0.2.2.1 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject ...
Canonical Ubuntu Linux 13.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 12.10
Michael Vogt Ubuntu-system-service 0.2.3
Michael Vogt Ubuntu-system-service 0.2.2
Michael Vogt Ubuntu-system-service 0.2.4
NA
CVE-2013-1063
usb-creator 0.2.47 prior to 0.2.47.1, 0.2.40 prior to 0.2.40ubuntu2, and 0.2.38 prior to 0.2.38.2 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject...
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 13.10
Canonical Ubuntu Linux 12.10
Evan Dandrea Usb-creator 0.2.47
Evan Dandrea Usb-creator 0.2.40
Evan Dandrea Usb-creator 0.2.38
Evan Dandrea Usb-creator 0.2.38.1
NA
CVE-2013-1064
apt-xapian-index prior to 0.45ubuntu2.1, 0.44ubuntu7.1, and 0.44ubuntu5.1 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1...
Canonical Apt-xapian-index 0.44ubuntu7.1
Canonical Apt-xapian-index 0.44ubuntu5.1
Canonical Apt-xapian-index
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 12.10
Canonical Ubuntu Linux 13.04
NA
CVE-2013-1066
language-selector 0.110.x prior to 0.110.1, 0.90.x prior to 0.90.1, and 0.79.x prior to 0.79.4 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject ra...
Ubuntu Developers Language-selector 0.79.1
Ubuntu Developers Language-selector 0.79.2
Ubuntu Developers Language-selector 0.79.3
Ubuntu Developers Language-selector 0.90
Ubuntu Developers Language-selector 0.110
Ubuntu Developers Language-selector 0.79
Canonical Ubuntu Linux 13.04
Canonical Ubuntu Linux 12.10
Canonical Ubuntu Linux 12.04
NA
CVE-2013-1065
backend.py in Jockey prior to 0.9.7-0ubuntu7.11 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1) setuid process or (2) pk...
Martin Pitt Jockey
Martin Pitt Jockey 0.9.7-0ubuntu7.8
Martin Pitt Jockey 0.9.7-0ubuntu7.1
Martin Pitt Jockey 0.9.7-0ubuntu7.6
Martin Pitt Jockey 0.9.7-0ubuntu7.5
Martin Pitt Jockey 0.9.7-0ubuntu7.4
Martin Pitt Jockey 0.9.7-0ubuntu7.3
Martin Pitt Jockey 0.9.7-0ubuntu7.9
Martin Pitt Jockey 0.9.7-0ubuntu7.7
Martin Pitt Jockey 0.9.7-0ubuntu7.2
Martin Pitt Jockey 0.9.7-0ubuntu7
Canonical Ubuntu Linux 12.04
NA
CVE-2013-4327
systemd does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1) setuid process or (2) pkexec process, a related issue to CVE-201...
Systemd Project Systemd
Debian Debian Linux 7.0
Canonical Ubuntu Linux 13.04
NA
CVE-2013-5651
The virBitmapParse function in util/virbitmap.c in libvirt prior to 1.1.2 allows context-dependent malicious users to cause a denial of service (out-of-bounds read and crash) via a crafted bitmap, as demonstrated by a large nodeset value to numatune.
Redhat Libvirt 0.4.1
Redhat Libvirt 0.9.13
Redhat Libvirt 0.8.6
Redhat Libvirt 1.0.5.4
Redhat Libvirt 0.9.6.3
Redhat Libvirt 0.9.2
Redhat Libvirt 0.4.5
Redhat Libvirt 0.7.5
Redhat Libvirt 0.0.6
Redhat Libvirt 0.9.5
Redhat Libvirt 1.0.5.3
Redhat Libvirt 0.5.0
Redhat Libvirt 0.10.2.2
Redhat Libvirt
Redhat Libvirt 0.9.11.3
Redhat Libvirt 0.7.2
Redhat Libvirt 0.1.1
Redhat Libvirt 0.0.3
Redhat Libvirt 0.1.7
Redhat Libvirt 0.0.1
Redhat Libvirt 1.0.5
Redhat Libvirt 0.2.0
NA
CVE-2011-1485
Race condition in the pkexec utility and polkitd daemon in PolicyKit (aka polkit) 0.96 allows local users to gain privileges by executing a setuid program from pkexec, related to the use of the effective user ID instead of the real user ID.
Redhat Policykit 0.96
3 EDB exploits
1 Github repository
NA
CVE-2008-1658
Format string vulnerability in the grant helper (polkit-grant-helper.c) in PolicyKit 0.7 and previous versions allows malicious users to cause a denial of service (crash) and possibly execute arbitrary code via format strings in a password.
Freedesktop Policykit
Freedesktop Policykit 0.6
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
race condition
CVE-2024-4249
CVE-2024-4244
CVE-2023-20198
TCP
CVE-2022-48648
CVE-2022-48636
CVE-2024-21345
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4