CVE-2021-35064

KramerAV VIAWare, all tested versions, allow privilege escalation through misconfiguration of sudo. Sudoers permits running of multiple dangerous commands, including unzip, systemctl and dpkg...

CVE-2008-4950

gccross in dpkg-cross 2.3.0 allows local users to overwrite arbitrary files via a symlink attack on the tmp/gccross2.log temporary file. NOTE: the vendor disputes this vulnerability, stating that "There is no sense in this bug - the script ... is called under specific cross-building environments...

PT-2025-27559

Name of the Vulnerable Software and Affected Versions: dpkg affected versions not specified Description: A issue was found in dpkg where it does not properly sanitize directory permissions when extracting a control member into a temporary directory. This may lead to temporary files being left...

GLSA-202408-30 : dpkg: Directory Traversal

The remote host is affected by the vulnerability described in GLSA-202408-30 dpkg: Directory Traversal Please review the CVE indentifier referenced below for details. Tenable has extracted the preceding description block directly from the Gentoo Linux security advisory. Note that Nessus has not...

dpkg: Directory Traversal

Background Debian package management system. Description Please review the CVE indentifier referenced below for details. Impact Dpkg::Source::Archive in dpkg, the Debian package management system, is prone to a directory traversal vulnerability. When extracting untrusted source packages in v2 and...

OPENSUSE-SU-2024:12110-1 dpkg-1.21.8-1.1 on GA media

These are all security issues fixed in the dpkg-1.21.8-1.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2024:10253-1 dpkg-1.18.10-1.1 on GA media

These are all security issues fixed in the dpkg-1.18.10-1.1 package on the GA media of openSUSE Tumbleweed...

Exploit for Embedded Malicious Code in Tukaani Xz

CVE-2024-3094 CVE-2024-3094 checker - Golang Ps.: This versio...

Ubuntu 18.04 ESM : poppler regression (USN-6508-2)

The remote Ubuntu 18.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-6508-2 advisory. USN-6508-1 fixed vulnerabilities in poppler. The update introduced one minor regression in Ubuntu 18.04 LTS. This update fixes the problem. We apologize for the...

Debian DSA-5501-1 : gnome-shell - security update

The remote Debian 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5501 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 80900 C Tenable, Inc. The...

Huawei EulerOS: Security Advisory for dpkg (EulerOS-SA-2023-1744)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 3.0.2.0 : dpkg (EulerOS-SA-2023-1744)

According to the versions of the dpkg package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Dpkg::Source::Archive in dpkg, the Debian package management system, before version 1.21.8, 1.20.10, 1.19.8, 1.18.26 is prone to a...

Debian: Security Advisory (DLA-220-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DSA-2142-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

K23439402: Debian package management system vulnerability CVE-2022-1664

Security Advisory Description Dpkg::Source::Archive in dpkg, the Debian package management system, before version 1.21.8, 1.20.10, 1.19.8, 1.18.26 is prone to a directory traversal vulnerability. When extracting untrusted source packages in v2 and v3 source package formats that include a...

SUSE CVE-2015-0860

Off-by-one error in the extracthalf function in dpkg-deb/extract.c in the dpkg-deb component in Debian dpkg 1.16.x before 1.16.17 and 1.17.x before 1.17.26 allows remote attackers to execute arbitrary code via the archive magic version number in an "old-style" Debian binary package, which trigger...

SUSE CVE-2021-32556

It was discovered that the getmodifiedconffiles function in backends/packaging-apt-dpkg.py allowed injecting modified package names in a manner that would confuse the dpkg1 call...

SUSE CVE-2022-1664

Dpkg::Source::Archive in dpkg, the Debian package management system, before version 1.21.8, 1.20.10, 1.19.8, 1.18.26 is prone to a directory traversal vulnerability. When extracting untrusted source packages in v2 and v3 source package formats that include a debian.tar, the in-place extraction ca...

SUSE SLED15 / SLES15 Security Update : dpkg (SUSE-SU-2022:4081-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:4081-1 advisory. - Dpkg::Source::Archive in dpkg, the Debian package management system, before version 1.21.8, 1.20.10, 1.19.8, 1.18.26 ...

SUSE-SU-2022:4081-1 Security update for dpkg

This update for dpkg fixes the following issues: - CVE-2022-1664: Fixed a directory traversal vulnerability in Dpkg::Source::Archive bsc1199944...