CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 1CVE-2015-3643 – usb-creator 0.2.x (Ubuntu 12.04/14.04/14.10) - Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2015-3643
27 Sep 2017 — usb-creator before 0.2.38.3ubuntu0.1 on Ubuntu 12.04 LTS, before 0.2.56.3ubuntu0.1 on Ubuntu 14.04 LTS, before 0.2.62ubuntu0.3 on Ubuntu 14.10, and before 0.2.67ubuntu0.1 on Ubuntu 15.04 allows local users to gain privileges by leveraging a missing call check_polkit for the KVMTest method. usb-creator en versiones anteriores a 0.2.38.3ubuntu0.1 en Ubuntu 12.04 LTS, en versiones anteriores a 0.2.56.3ubuntu0.1 en Ubuntu 14.04 LTS, en versiones anteriores a 0.2.62ubuntu0.3 en Ubuntu 14.10 y en versiones anteri... • https://www.exploit-db.com/exploits/36820 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.0EPSS: 0%CPEs: 7EXPL: 0CVE-2013-1063 – Ubuntu Security Notice USN-1963-1
https://notcve.org/view.php?id=CVE-2013-1063
18 Sep 2013 — usb-creator 0.2.47 before 0.2.47.1, 0.2.40 before 0.2.40ubuntu2, and 0.2.38 before 0.2.38.2 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1) setuid process or (2) pkexec process, a related issue to CVE-2013-4288. usb-creator 0.2.47 anterior a la versión 0.2.47.1, 0.2.40 anterior a 0.2.40ubuntu2, y 0.2.38 anterior a la versión 0.2.38.2 no utiliza adecu... • http://secunia.com/advisories/54901 • CWE-264: Permissions, Privileges, and Access Controls •