Max CVSS | 7.2 | Min CVSS | 4.6 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2013-4288 | 7.2 |
Race condition in PolicyKit (aka polkit) allows local users to bypass intended PolicyKit restrictions and gain privileges by starting a setuid or pkexec process before the authorization check is performed, related to (1) the polkit_unix_process_new A
|
13-02-2023 - 04:45 | 03-10-2013 - 21:55 | |
CVE-2013-4327 | 6.9 |
systemd does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1) setuid process or (2) pkexec proce
|
31-01-2022 - 17:39 | 03-10-2013 - 21:55 | |
CVE-2013-4324 | 4.6 |
spice-gtk 0.14, and possibly other versions, invokes the polkit authority using the insecure polkit_unix_process_new API function, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race co
|
17-06-2019 - 13:55 | 03-10-2013 - 21:55 | |
CVE-2013-4311 | 4.6 |
libvirt 1.0.5.x before 1.0.5.6, 0.10.2.x before 0.10.2.8, and 0.9.12.x before 0.9.12.2 allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition in pkcheck via a (1) setuid process or (2)
|
22-04-2019 - 17:48 | 03-10-2013 - 21:55 | |
CVE-2013-4326 | 4.6 |
RealtimeKit (aka rtkit) 0.5 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1) setuid process
|
22-04-2019 - 17:48 | 03-10-2013 - 21:55 |