Filtered by vendor Usbview Project
Subscribe
Total
1 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-23220 | 4 Canonical, Debian, Gentoo and 1 more | 4 Ubuntu Linux, Debian Linux, Linux and 1 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
USBView 2.1 before 2.2 allows some local users (e.g., ones logged in via SSH) to execute arbitrary code as root because certain Polkit settings (e.g., allow_any=yes) for pkexec disable the authentication requirement. Code execution can, for example, use the --gtk-module option. This affects Ubuntu, Debian, and Gentoo. |