Max CVSS 7.2 Min CVSS 4.6 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2013-4324 4.6
spice-gtk 0.14, and possibly other versions, invokes the polkit authority using the insecure polkit_unix_process_new API function, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race co
17-06-2019 - 13:55 03-10-2013 - 21:55
CVE-2013-4326 4.6
RealtimeKit (aka rtkit) 0.5 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1) setuid process
22-04-2019 - 17:48 03-10-2013 - 21:55
CVE-2013-4311 4.6
libvirt 1.0.5.x before 1.0.5.6, 0.10.2.x before 0.10.2.8, and 0.9.12.x before 0.9.12.2 allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition in pkcheck via a (1) setuid process or (2)
22-04-2019 - 17:48 03-10-2013 - 21:55
CVE-2013-4288 7.2
Race condition in PolicyKit (aka polkit) allows local users to bypass intended PolicyKit restrictions and gain privileges by starting a setuid or pkexec process before the authorization check is performed, related to (1) the polkit_unix_process_new A
22-04-2019 - 17:48 03-10-2013 - 21:55
CVE-2013-4327 4.6
systemd does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1) setuid process or (2) pkexec proce
19-10-2016 - 17:05 03-10-2013 - 21:55
Back to Top Mark selected
Back to Top