CVSS: 2.1EPSS: 0%CPEs: 1EXPL: 3CVE-2010-0750
https://notcve.org/view.php?id=CVE-2010-0750
pkexec.c in pkexec in libpolkit in PolicyKit 0.96 allows local users to determine the existence of arbitrary files via the argument. pkexec.c en pkexec en libpolkit en PolicyKit v0.96 permite a usuarios locales determinar la existencia de ficheros de forma arbitraria a través del argumento. • http://bugs.freedesktop.org/show_bug.cgi?id=26982 http://cgit.freedesktop.org/PolicyKit/commit/?id=14bdfd816512a82b1ad258fa143ae5faa945df8a http://marc.info/?l=oss-security&m=127014095301235&w=2 http://marc.info/?l=oss-security&m=127014999113790&w=2 http://secunia.com/advisories/39149 http://secunia.com/advisories/48817 http://security.gentoo.org/glsa/glsa-201204-06.xml https://exchange.xforce.ibmcloud.com/vulnerabilities/57543 https://launchpad.net/bugs/532852 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.6EPSS: 0%CPEs: 2EXPL: 0CVE-2008-1658
https://notcve.org/view.php?id=CVE-2008-1658
Format string vulnerability in the grant helper (polkit-grant-helper.c) in PolicyKit 0.7 and earlier allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via format strings in a password. Vulnerabilidad de cadena de formato en el grant helper (polkit-grant-helper.c) en el PolicyKit 0.7 y anteriores permite a atacantes remotos provocar denegación de servicio (caída) y allows attackers to cause a denial of service (crash) posiblemente ejecutar código de su elección mediante cademas de formato en una contraseña. • http://bugs.freedesktop.org/show_bug.cgi?id=15295 http://gitweb.freedesktop.org/?p=PolicyKit.git%3Ba=commitdiff%3Bh=5bc86a14cc0e356bcf8b5f861674f842869b1be7 http://secunia.com/advisories/29755 http://www.mandriva.com/security/advisories?name=MDVSA-2008:087 http://www.securityfocus.com/bid/28702 http://www.vupen.com/english/advisories/2008/1254 https://bugs.launchpad.net/ubuntu/+source/policykit/+bug/205037 https://exchange.xforce.ibmcloud.com/vulnerabilities/41877 https://www.redhat.com/archives&# • CWE-134: Use of Externally-Controlled Format String •