High

DATE	CVE	VULNERABILITY TITLE	RISK
2022-02-16	CVE-2021-3560	Improper Check for Unusual or Exceptional Conditions vulnerability in multiple products It was found that polkit could be tricked into bypassing the credential checks for D-Bus requests, elevating the privileges of the requestor to the root user. local low complexity polkit-project debian canonical redhat CWE-754	7.8
2022-01-28	CVE-2021-4034	Out-of-bounds Write vulnerability in multiple products A local privilege escalation vulnerability was found on polkit's pkexec utility. local low complexity polkit-project redhat canonical suse oracle siemens starwindsoftware CWE-787	7.8
2018-12-03	CVE-2018-19788	Improper Input Validation vulnerability in multiple products A flaw was found in PolicyKit (aka polkit) 0.115 that allows a user with a uid greater than INT_MAX to successfully execute any systemctl command. network low complexity polkit-project debian canonical CWE-20	8.8