Vulnerabilities > Systemd Project
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-03-03 | CVE-2023-26604 | Unspecified vulnerability in Systemd Project Systemd systemd before 247 does not adequately block local privilege escalation for some Sudo configurations, e.g., plausible sudoers files in which the "systemctl status" command may be executed. | 7.8 |
| 2023-01-11 | CVE-2022-4415 | Unspecified vulnerability in Systemd Project Systemd A vulnerability was found in systemd. | 5.5 |
| 2022-11-23 | CVE-2022-45873 | Resource Exhaustion vulnerability in multiple products systemd 250 and 251 allows local users to achieve a systemd-coredump deadlock by triggering a crash that has a long backtrace. | 5.5 |
| 2022-11-08 | CVE-2022-3821 | Off-by-one Error vulnerability in multiple products An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. | 5.5 |
| 2022-09-09 | CVE-2022-2526 | Use After Free vulnerability in multiple products A use-after-free vulnerability was found in systemd. | 9.8 |
| 2022-08-23 | CVE-2021-3997 | Uncontrolled Recursion vulnerability in multiple products A flaw was found in systemd. | 5.5 |
| 2021-07-20 | CVE-2021-33910 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products basic/unit-name.c in systemd prior to 246.15, 247.8, 248.5, and 249.1 has a Memory Allocation with an Excessive Size Value (involving strdupa and alloca for a pathname controlled by a local attacker) that results in an operating system crash. | 4.9 |
| 2021-05-10 | CVE-2020-13529 | Authentication Bypass by Spoofing vulnerability in multiple products An exploitable denial-of-service vulnerability exists in Systemd 245. | 6.1 |
| 2020-06-03 | CVE-2020-13776 | Improper Privilege Management vulnerability in multiple products systemd through v245 mishandles numerical usernames such as ones composed of decimal digits or 0x followed by hex digits, as demonstrated by use of root privileges when privileges of the 0x0 user account were intended. | 6.2 |
| 2020-03-31 | CVE-2020-1712 | Use After Free vulnerability in multiple products A heap use-after-free vulnerability was found in systemd before version v245-rc1, where asynchronous Polkit queries are performed while handling dbus messages. | 7.8 |