Known Vulnerabilities for products from Polkit Project
Listed below are 11 of the newest known vulnerabilities associated with the vendor "Polkit Project".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-4115 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 5.5 - MEDIUM | 2022-02-21 | 2023-11-07 |
| CVE-2021-4034 | A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool desi... | 7.8 - HIGH | 2022-01-28 | 2023-11-07 |
| CVE-2021-3560 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.8 - HIGH | 2022-02-16 | 2023-11-07 |
| CVE-2019-6133 | In PolicyKit (aka polkit) 0.115, the "start time" protection mechanism can be bypassed because fork() is not atomic, and ther... | 6.7 - MEDIUM | 2019-01-11 | 2020-08-24 |
| CVE-2018-19788 | A flaw was found in PolicyKit (aka polkit) 0.115 that allows a user with a uid greater than INT_MAX to successfully execute a... | 8.8 - HIGH | 2018-12-03 | 2019-08-06 |
| CVE-2018-1116 | A flaw was found in polkit before version 0.116. The implementation of the polkit_backend_interactive_authority_check_authori... | 4.4 - MEDIUM | 2018-07-10 | 2020-05-05 |
| CVE-2015-4625 | Integer overflow in the authentication_agent_new_cookie function in PolicyKit (aka polkit) before 0.113 allows local users to... | 4.6 - MEDIUM | 2015-10-26 | 2018-10-30 |
| CVE-2015-3256 | PolicyKit (aka polkit) before 0.113 allows local users to cause a denial of service (memory corruption and polkitd daemon cra... | 4.6 - MEDIUM | 2015-10-26 | 2018-10-30 |
| CVE-2015-3255 | The polkit_backend_action_pool_init function in polkitbackend/polkitbackendactionpool.c in PolicyKit (aka polkit) before 0.11... | 4.6 - MEDIUM | 2015-10-26 | 2018-07-28 |
| CVE-2015-3218 | The authentication_agent_new function in polkitbackend/polkitbackendinteractiveauthority.c in PolicyKit (aka polkit) before 0... | 2.1 - LOW | 2015-10-26 | 2018-07-18 |
| CVE-2013-4288 | Race condition in PolicyKit (aka polkit) allows local users to bypass intended PolicyKit restrictions and gain privileges by ... | 7.2 - HIGH | 2013-10-03 | 2023-02-13 |
Known software with vulnerabilities from Polkit Project
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Polkit Project | Polkit | - |