VYPR

Policykit

by Xorg

CVEs (5)

  • CVE-2018-19788Dec 3, 2018
    risk 0.05cvss epss 0.11

    A flaw was found in PolicyKit (aka polkit) 0.115 that allows a user with a uid greater than INT_MAX to successfully execute any systemctl command.

  • CVE-2015-3255Oct 26, 2015
    risk 0.00cvss epss 0.00

    The polkit_backend_action_pool_init function in polkitbackend/polkitbackendactionpool.c in PolicyKit (aka polkit) before 0.113 might allow local users to gain privileges via duplicate action IDs in action descriptions.

  • CVE-2011-4945Oct 1, 2012
    risk 0.00cvss epss 0.00

    PolicyKit 0.103 sets the AdminIdentities to "wheel" by default, which allows local users in the wheel group to gain root privileges without authentication.

  • CVE-2010-0750Apr 6, 2010
    risk 0.00cvss epss 0.00

    pkexec.c in pkexec in libpolkit in PolicyKit 0.96 allows local users to determine the existence of arbitrary files via the argument.

  • CVE-2008-1658Apr 11, 2008
    risk 0.00cvss epss 0.01

    Format string vulnerability in the grant helper (polkit-grant-helper.c) in PolicyKit 0.7 and earlier allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via format strings in a password.