Vulnerabilities > KDE > Kauth > 4.95.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-05-07 | CVE-2019-7443 | Improper Input Validation vulnerability in multiple products KDE KAuth before 5.55 allows the passing of parameters with arbitrary types to helpers running as root over DBus via DBusHelperProxy.cpp. | 8.1 |
2017-05-17 | CVE-2017-8422 | Authentication Bypass by Spoofing vulnerability in KDE Kauth and Kdelibs KDE kdelibs before 4.14.32 and KAuth before 5.34 allow local users to gain root privileges by spoofing a callerID and leveraging a privileged helper app. | 7.2 |
2014-08-19 | CVE-2014-5033 | Race Condition vulnerability in multiple products KDE kdelibs before 4.14 and kauth before 5.1 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1) setuid process or (2) pkexec process, related to CVE-2013-4288 and "PID reuse race conditions." | 6.9 |