Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Debian Subscribe
Filtered by product Kde4libs
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2014-5033 3 Canonical, Debian, Kde 4 Ubuntu Linux, Kde4libs, Kauth and 1 more 2014-10-16 6.9 MEDIUM N/A
KDE kdelibs before 4.14 and kauth before 5.1 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1) setuid process or (2) pkexec process, related to CVE-2013-4288 and "PID reuse race conditions."