Lucene search
+L

83 matches found

osv
osv
added 2026/07/06 8:3 a.m.4 views

PYSEC-2026-783 aptdaemon Information Disclosure via Improper Input Validation in Transaction class

There is no input validation on the Locale property in an apt transaction. An unprivileged user can supply a full path to a writable directory, which lets aptd read a file as root. Having a symlink in place results in an error message if the file exists, and no error otherwise. This way an...

4CVSS6AI score0.0048EPSS
Exploits1References8
euvd
euvd
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-8094

Malware in sbrugna...

3.8CVSS4.4AI score0.00335EPSS
Exploits0References4
euvd
euvd
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-19861

Malware in sbrugna...

5.5CVSS5.4AI score0.00288EPSS
Exploits0References4
euvd
euvd
added 2025/10/07 12:30 a.m.5 views

EUVD-2012-0967

Malware in sbrugna...

4.3CVSS6.2AI score0.01211EPSS
Exploits0References7
euvd
euvd
added 2025/10/07 12:30 a.m.6 views

EUVD-2011-0739

Malware in sbrugna...

4.9CVSS6.2AI score0.00392EPSS
Exploits0References7
euvd
euvd
added 2025/10/07 12:30 a.m.8 views

EUVD-2015-1464

Malware in sbrugna...

5.5CVSS5.3AI score0.004EPSS
Exploits3References4
euvd
euvd
added 2025/10/07 12:30 a.m.6 views

EUVD-2012-0985

Malware in sbrugna...

4.3CVSS6.1AI score0.018EPSS
Exploits0References6
redhatcve
redhatcve
added 2025/05/22 2:39 a.m.10 views

CVE-2012-0962

Aptdaemon 0.43 in Ubuntu 11.10 and 12.04 LTS uses short IDs when importing PPA GPG keys from a keyserver, which allows remote attackers to install arbitrary package repository GPG keys via a man-in-the-middle MITM attack...

4.3CVSS6.9AI score0.018EPSS
Exploits0References1
openvas
openvas
added 2023/03/08 12:0 a.m.18 views

Debian: Security Advisory (DLA-261-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS5.6AI score0.004EPSS
Exploits3References2
osv
osv
added 2022/05/24 5:32 p.m.16 views

GHSA-WPMR-Q825-X4C6 aptdaemon Information Disclosure via Improper Input Validation in Transaction class

There is no input validation on the Locale property in an apt transaction. An unprivileged user can supply a full path to a writable directory, which lets aptd read a file as root. Having a symlink in place results in an error message if the file exists, and no error otherwise. This way an...

4CVSS3.8AI score0.0048EPSS
Exploits1References6
github
github
added 2022/05/24 5:32 p.m.27 views

aptdaemon Information Disclosure via Improper Input Validation in Transaction class

There is no input validation on the Locale property in an apt transaction. An unprivileged user can supply a full path to a writable directory, which lets aptd read a file as root. Having a symlink in place results in an error message if the file exists, and no error otherwise. This way an...

4CVSS6.7AI score0.0048EPSS
Exploits1References6Affected Software1
veracode
veracode
added 2020/12/11 9:26 a.m.29 views

Denial Of Service (DoS)

aptdaemon is vulnerable to denial of service DoS. The vulnerability exists as policykit checks are too late...

5.5CVSS2.7AI score0.00288EPSS
Exploits0References3Affected Software5
veracode
veracode
added 2020/12/11 9:21 a.m.24 views

Information Disclosure

aptdaemon is vulnerable to information disclosure. An attacker is able to view file existence by setting Terminal/DebconfSocket properties...

3.8CVSS2.2AI score0.00335EPSS
Exploits0References3Affected Software5
nvd
nvd
added 2020/12/09 4:15 a.m.30 views

CVE-2020-27349

Aptdaemon performed policykit checks after interacting with potentially untrusted files with elevated privileges. This affected versions prior to 1.1.1+bzr982-0ubuntu34.1, 1.1.1+bzr982-0ubuntu32.3, 1.1.1+bzr982-0ubuntu19.5, 1.1.1+bzr982-0ubuntu14.5...

5.5CVSS5.4AI score0.00288EPSS
Exploits0References2
nvd
nvd
added 2020/12/09 4:15 a.m.30 views

CVE-2020-16128

The aptdaemon DBus interface disclosed file existence disclosure by setting Terminal/DebconfSocket properties, aka GHSL-2020-192 and GHSL-2020-196. This affected versions prior to 1.1.1+bzr982-0ubuntu34.1, 1.1.1+bzr982-0ubuntu32.3, 1.1.1+bzr982-0ubuntu19.5, 1.1.1+bzr982-0ubuntu14.5...

3.8CVSS4AI score0.00335EPSS
Exploits0References2
osv
osv
added 2020/12/09 4:15 a.m.4 views

CVE-2020-27349

Aptdaemon performed policykit checks after interacting with potentially untrusted files with elevated privileges. This affected versions prior to 1.1.1+bzr982-0ubuntu34.1, 1.1.1+bzr982-0ubuntu32.3, 1.1.1+bzr982-0ubuntu19.5, 1.1.1+bzr982-0ubuntu14.5...

5.5CVSS6.1AI score0.00288EPSS
Exploits0References2
prion
prion
added 2020/12/09 4:15 a.m.23 views

Design/Logic Flaw

The aptdaemon DBus interface disclosed file existence disclosure by setting Terminal/DebconfSocket properties, aka GHSL-2020-192 and GHSL-2020-196. This affected versions prior to 1.1.1+bzr982-0ubuntu34.1, 1.1.1+bzr982-0ubuntu32.3, 1.1.1+bzr982-0ubuntu19.5, 1.1.1+bzr982-0ubuntu14.5...

2.1CVSS4.4AI score0.00335EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2020/12/09 3:35 a.m.45 views

CVE-2020-27349 aptdaemon performed policykit permissions checks too late

Aptdaemon performed policykit checks after interacting with potentially untrusted files with elevated privileges. This affected versions prior to 1.1.1+bzr982-0ubuntu34.1, 1.1.1+bzr982-0ubuntu32.3, 1.1.1+bzr982-0ubuntu19.5, 1.1.1+bzr982-0ubuntu14.5...

5.4AI score0.00288EPSS
Exploits0References2
cve
cve
added 2020/12/09 3:35 a.m.81 views

CVE-2020-27349

Apt-daemon (aptdaemon) vulnerability CVE-2020-27349 affects Ubuntu runtimes and is described as: Aptdaemon performed policykit checks after interacting with potentially untrusted files with elevated privileges, with affected package versions listed as 1.1.1+bzr982-0ubuntu14.5 up to 1.1.1+bzr982-0...

5.5CVSS5.3AI score0.00288EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2020/12/09 3:35 a.m.48 views

CVE-2020-16128 Aptdaemon error messages disclosed file existence to unprivileged users via dbus properties

The aptdaemon DBus interface disclosed file existence disclosure by setting Terminal/DebconfSocket properties, aka GHSL-2020-192 and GHSL-2020-196. This affected versions prior to 1.1.1+bzr982-0ubuntu34.1, 1.1.1+bzr982-0ubuntu32.3, 1.1.1+bzr982-0ubuntu19.5, 1.1.1+bzr982-0ubuntu14.5...

3.8CVSS4.6AI score0.00335EPSS
Exploits0References2
Rows per page
Query Builder