← Back

Kylinos

kylinos

6 CVEs • 5 products

Products (5)

Click to collapse
Toggle
Kylin Software Properties
kylin-software-properties
2 CVEs
Kylin Os
kylin_os
1 CVE
Youker Assistant
youker-assistant
1 CVE
Hedron Domain Hook
hedron-domain-hook
1 CVE
Kylin System Updater
kylin-system-updater
1 CVE

CVEs (6)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2023-7093
1Kylinos
1Kylin System Updater
Nov 21, 2024
Dec 25, 2023
N/A· v4
7.8 HIGH· v3
4.3 MEDIUM· v2
A vulnerability classified as critical has been found in KylinSoft kylin-system-updater up to 2.0.5.16-0k2.33. Affected is an unknown function of the file /usr/share/kylin-system-updater/SystemUpdater/UpgradeStrategiesDb...Show more
A vulnerability classified as critical has been found in KylinSoft kylin-system-updater up to 2.0.5.16-0k2.33. Affected is an unknown function of the file /usr/share/kylin-system-updater/SystemUpdater/UpgradeStrategiesDbus.py of the component com.kylin.systemupgrade Service. The manipulation of the argument SetDownloadspeedMax leads to os command injection. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-248940. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2023-7025
1Kylinos
1Hedron Domain Hook
Nov 21, 2024
Dec 21, 2023
N/A· v4
7.8 HIGH· v3
6.8 MEDIUM· v2
A vulnerability was found in KylinSoft hedron-domain-hook up to 3.8.0.12-0k0.5. It has been declared as critical. This vulnerability affects the function init_kcm of the component DBus Handler. The manipulation leads to...Show more
A vulnerability was found in KylinSoft hedron-domain-hook up to 3.8.0.12-0k0.5. It has been declared as critical. This vulnerability affects the function init_kcm of the component DBus Handler. The manipulation leads to improper access controls. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. VDB-248578 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2023-3097
1Kylinos
1Kylin Software Properties
Nov 21, 2024
Jun 5, 2023
N/A· v4
7.8 HIGH· v3
4.3 MEDIUM· v2
A vulnerability was found in KylinSoft kylin-software-properties on KylinOS. It has been rated as critical. This issue affects the function setMainSource. The manipulation leads to os command injection. Local access is r...Show more
A vulnerability was found in KylinSoft kylin-software-properties on KylinOS. It has been rated as critical. This issue affects the function setMainSource. The manipulation leads to os command injection. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. Upgrading to version 0.0.1-130 is able to address this issue. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-230687. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2023-3096
1Kylinos
1Kylin Software Properties
Nov 21, 2024
Jun 5, 2023
N/A· v4
7.8 HIGH· v3
4.3 MEDIUM· v2
A vulnerability was found in KylinSoft kylin-software-properties on KylinOS. It has been declared as critical. This vulnerability affects the function changedSource. The manipulation leads to improper access controls. An...Show more
A vulnerability was found in KylinSoft kylin-software-properties on KylinOS. It has been declared as critical. This vulnerability affects the function changedSource. The manipulation leads to improper access controls. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. Upgrading to version 0.0.1-130 is able to address this issue. It is recommended to upgrade the affected component. VDB-230686 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2023-2091
1Kylinos
1Youker Assistant
Nov 21, 2024
Apr 15, 2023
N/A· v4
7.8 HIGH· v3
6.8 MEDIUM· v2
A vulnerability classified as critical was found in KylinSoft youker-assistant on KylinOS. Affected by this vulnerability is the function adjust_cpufreq_scaling_governer. The manipulation leads to os command injection. I...Show more
A vulnerability classified as critical was found in KylinSoft youker-assistant on KylinOS. Affected by this vulnerability is the function adjust_cpufreq_scaling_governer. The manipulation leads to os command injection. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. Upgrading to version 3.1.4.13 is able to address this issue. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-226099.Show less
CVE-2023-1164
1Kylinos
1Kylin Os
Nov 21, 2024
Mar 3, 2023
N/A· v4
7.8 HIGH· v3
7.2 HIGH· v2
A vulnerability was found in KylinSoft kylin-activation on KylinOS and classified as critical. Affected by this issue is some unknown functionality of the component File Import. The manipulation leads to improper authori...Show more
A vulnerability was found in KylinSoft kylin-activation on KylinOS and classified as critical. Affected by this issue is some unknown functionality of the component File Import. The manipulation leads to improper authorization. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. Upgrading to version 1.3.11-23 and 1.30.10-5.p23 is able to address this issue. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-222260.Show less