SUSE SLED12 / SLES12 Security Update : PackageKit (SUSE-SU-2024:0966-1)

The remote SUSE Linux SLED12 / SLEDSAP12 / SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:0966-1 advisory. - A use-after-free flaw was found in PackageKitd. In some conditions, the order of cleanup mechanics for a transaction...

SUSE-SU-2024:0966-1 Security update for PackageKit

This update for PackageKit fixes the following issues: - CVE-2024-0217: Check that Finished signal is emitted at most once bsc1218544...

UBUNTU-CVE-2024-0217

A use-after-free flaw was found in PackageKitd. In some conditions, the order of cleanup mechanics for a transaction could be impacted. As a result, some memory access could occur on memory regions that were previously freed. Once freed, a memory region can be reused for other allocations and any...

About the security content of macOS Monterey 12.7.1

About the security content of macOS Monterey 12.7.1 This document describes the security content of macOS Monterey 12.7.1. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or...

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : PackageKit vulnerabilities (USN-4538-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4538-1 advisory. Vaisha Bernard discovered that PackageKit incorrectly handled certain methods. A local attacker could use this issue to learn the...

The vulnerability of the PackageKit component in macOS operating systems allows a hacker to execute arbitrary code.

The vulnerability of PackageKit for macOS operating systems is related to deficiencies in access control. Exploiting this vulnerability allows an attacker to execute arbitrary code...

The vulnerability of the PackageKit component in the macOS operating system allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of PackageKit component in the macOS operating system is related to access control deficiencies. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

The vulnerability of PackageKit for macOS operating systems allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of PackageKit for macOS operating systems relates to the disclosure of information. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

PT-2023-4265 · Apple · Apple Macos +1

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 11.7.9 macOS versions prior to 12.6.8 macOS versions prior to 13.5 Description: A permissions issue was addressed with additional restrictions. This issue may allow an app to modify protected parts of the file system...

SUSE CVE-2013-1764

The Zypper aka zypp backend in PackageKit before 0.8.8 allows local users to downgrade packages via the "install updates" method...

SUSE CVE-2018-1106

An authentication bypass flaw has been found in PackageKit before 1.1.10 that allows users without administrator privileges to install signed packages. A local attacker can use this vulnerability to install vulnerable packages to further compromise a system...

SUSE CVE-2020-16121

PackageKit provided detailed error messages to unprivileged callers that exposed information about file presence and mimetype of files that the user would be unable to determine on its own...

SUSE CVE-2022-0987

A flaw was found in PackageKit in the way some of the methods exposed by the Transaction interface examines files. This issue allows a local user to measure the time the methods take to execute and know whether a file owned by root or other users exists...

About the security content of macOS Monterey 12.6.2

About the security content of macOS Monterey 12.6.2 This document describes the security content of macOS Monterey 12.6.2. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or...

CVE-2019-8561: A Hard-to-Banish PackageKit Framework Vulnerability in macOS

This blog entry details our investigation of CVE-2019-8561, a vulnerability that exists in the macOS PackageKit framework, a component used to install software installer packages PKG files...

macOS 10.15.x < Catalina Security Update 2022-005 Catalina (HT213343)

The remote host is running a version of macOS / Mac OS X that is 0.0.x prior to Catalina Security Update 2022-005 Catalina. It is, therefore, affected by multiple vulnerabilities : - vim is vulnerable to Heap-based Buffer Overflow CVE-2021-4136 - vim is vulnerable to Out-of-bounds Read...

Apple macOS PackageKit PKInstallService Directory Traversal System Integrity Protection Bypass Vulnerability

This vulnerability allows local attackers to bypass System Integrity Protection on affected installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within PackageKi...

Apple macOS PackageKit PKCoreShove Link Following System Integrity Protection Bypass Vulnerability

This vulnerability allows local attackers to bypass System Integrity Protection on affected installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within PackageKi...

DEBIAN-CVE-2022-0987

A flaw was found in PackageKit in the way some of the methods exposed by the Transaction interface examines files. This issue allows a local user to measure the time the methods take to execute and know whether a file owned by root or other users exists...

CVE-2022-0987

A flaw was found in PackageKit in the way some of the methods exposed by the Transaction interface examines files. This issue allows a local user to measure the time the methods take to execute and know whether a file owned by root or other users exists...