|Max CVSS||6.8||Min CVSS||4.4||Total Count||2|
|ID||CVSS||Summary||Last (major) update||Published|
In Artifex Ghostscript through 9.26, ephemeral or transient procedures can allow access to system operators, leading to remote code execution.
|25-09-2019 - 03:15||21-03-2019 - 16:01|
In PolicyKit (aka polkit) 0.115, the "start time" protection mechanism can be bypassed because fork() is not atomic, and therefore authorization decisions are improperly cached. This is related to lack of uid checking in polkitbackend/polkitbackendin
|28-05-2019 - 19:29||11-01-2019 - 14:29|
Spice, versions 0.5.2 through 0.14.1, are vulnerable to an out-of-bounds read due to an off-by-one error in memslot_get_virt. This may lead to a denial of service, or, in the worst case, code-execution by unauthenticated attackers.
|08-03-2019 - 18:42||04-02-2019 - 18:29|