
policykit

Vendor: freedesktop

Actively Exploited (CISA KEV List): 0
PoC / Exploits (Code Available): 1
Total RCEs (Remote Access): 1
Total CVEs (Total Indexed): 226
Avg. EPSS (Exploit Prob.): 1.45%
Latest CVE: CVE-2011-4945 (Oct 01)

Security Vulnerability Index

6.9 CVSS

PolicyKit 0.103 sets the AdminIdentities to "wheel" by default, which allows local users in the wheel group to gain root privileges without authentication.

EPSS: 0.04%
6.9 CVSS
CVE-2011-1485
Exploit Found

Race condition in the pkexec utility and polkitd daemon in PolicyKit (aka polkit) 0.96 allows local users to gain privileges by executing a setuid program from pkexec, related to the use of the effective user ID instead of the real user ID.

EPSS: 5.54%
2.1 CVSS

pkexec.c in pkexec in libpolkit in PolicyKit 0.96 allows local users to determine the existence of arbitrary files via the argument.

EPSS: 0.08%
4.6 CVSS

Format string vulnerability in the grant helper (polkit-grant-helper.c) in PolicyKit 0.7 and earlier allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via format strings in a password.

EPSS: 0.13%