Advisory ROSA-SA-2025-2754

Software: PackageKit 1.1.12 OS: ROSA Virtualization 2.1 packageevrstring: PackageKit-1.1.12-7.0.1.rv3 CVE-ID: CVE-2024-0217 BDU-ID: None CVE-Crit: LOW CVE-DESC.: A use-after-free vulnerability in PackageKitd allows an attacker to access freed memory and potentially execute arbitrary code...

Advisory ROSA-SA-2025-2731

Software: PackageKit 1.1.12 OS: ROSA Virtualization 3.0 packageevrstring: PackageKit-1.1.12-7.0.1.rv30 CVE-ID: CVE-2024-0217 BDU-ID: None CVE-Crit: LOW CVE-DESC.: A use-after-free vulnerability in PackageKitd allows an attacker to access freed memory and potentially execute arbitrary code...

openSUSE Security Advisory (SUSE-SU-2024:1046-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

The vulnerability of PackageKit for macOS operating systems, which allows a hacker to increase their privileges

The vulnerability of PackageKit for macOS operating systems is related to deficiencies in access control. Exploiting this vulnerability can allow a malicious actor to enhance their privileges remotely...

Advisory ROSA-SA-2025-2597

software: packagekit 1.1.13 OS: ROSA-CHROME packageevrstring: packagekit-1.1.13-4 CVE-ID: CVE-2024-0217 BDU-ID: None CVE-Crit: LOW CVE-DESC.: A use-after-free vulnerability in PackageKitd allows an attacker to access freed memory. CVE-STATUS: The vulnerability has been resolved. CVE-REV: To close...

PT-2025-5303 · Apple · Apple Macos

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 13.7.3 macOS versions prior to 14.7.3 macOS versions prior to 15.3 Description: The issue is related to insufficient access restrictions in the PackageKit component of macOS, which may allow a remote attacker to elevat...

The vulnerability of the PackageKit component in macOS operating systems allows a hacker to execute arbitrary code.

The vulnerability of PackageKit for macOS operating systems is related to insufficient validation of input data. Exploiting this vulnerability allows an attacker to execute arbitrary code...

PT-2024-10226

Name of the Vulnerable Software and Affected Versions PackageKit affected versions not specified Description The issue is related to insufficient input validation in the PackageKit component of macOS operating systems. This can allow an attacker to execute arbitrary code. Recommendations At the...

RHSA-2018:1224 Red Hat Security Advisory: PackageKit security update

Bulletin has no description...

OPENSUSE-SU-2024:10605-1 PackageKit-1.2.2-13.2 on GA media

These are all security issues fixed in the PackageKit-1.2.2-13.2 package on the GA media of openSUSE Tumbleweed...

RHEL 6 : packagekit (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - PackageKit: installs unsigned RPM packages as though they were signed CVE-2011-2515 Note that Nessus has not tested...

RHEL 8 : packagekit (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - PackageKit: Information Disclosure in Transaction Interface via timing CVE-2022-0987 - PackageKit provide...

RHEL 6 : packagekit (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - PackageKit: Information Disclosure in Transaction Interface via timing CVE-2022-0987 - PackageKit provide...

RHEL 7 : packagekit (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - PackageKit: Information Disclosure in Transaction Interface via timing CVE-2022-0987 - PackageKit provide...

PackageKit bug fix and enhancement update

An update is available for PackageKit. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 9...

SUSE: Security Advisory (SUSE-SU-2024:0966-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLED15 / SLES15 : Recommended update for libzypp, zypper, PackageKit (SUSE-SU-SUSE-RU-2024:1202-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-SUSE-RU-2024:1202-1 advisory. - A use-after-free flaw was found in PackageKitd. In some conditions, the order of cleanup mechanics for a...

SUSE-RU-2024:1202-1 Recommended update for libzypp, zypper, PackageKit

This update for libzypp, zypper, PackageKit fixes the following issues: - Fixup New VendorSupportOption flag VendorSupportSuperseded jscOBS-301, jscPED-8014 - CVE-2024-0217: Check that Finished signal is emitted at most once bsc1218544 - Add resolver option 'removeOrphaned' for distupgrade...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : PackageKit (SUSE-SU-2024:1046-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:1046-1 advisory. - A use-after-free flaw was found in PackageKitd. In some conditions, the order of cleanup mechanics for ...

SUSE-SU-2024:1046-1 Security update for PackageKit

This update for PackageKit fixes the following issues: - CVE-2024-0217: Check that Finished signal is emitted at most once bsc1218544. - Dropped unnecessary executable permission bsc1209138...