411 matches found
CVE-2022-0987
A flaw was found in PackageKit in the way some of the methods exposed by the Transaction interface examines files. This issue allows a local user to measure the time the methods take to execute and know whether a file owned by root or other users exists...
CVE-2022-0987
A flaw was found in PackageKit in the way some of the methods exposed by the Transaction interface examines files. This issue allows a local user to measure the time the methods take to execute and know whether a file owned by root or other users exists...
Code injection
A flaw was found in PackageKit in the way some of the methods exposed by the Transaction interface examines files. This issue allows a local user to measure the time the methods take to execute and know whether a file owned by root or other users exists...
CVE-2022-0987
A flaw was found in PackageKit in the way some of the methods exposed by the Transaction interface examines files. This issue allows a local user to measure the time the methods take to execute and know whether a file owned by root or other users exists...
UBUNTU-CVE-2022-0987
A flaw was found in PackageKit in the way some of the methods exposed by the Transaction interface examines files. This issue allows a local user to measure the time the methods take to execute and know whether a file owned by root or other users exists...
CVE-2022-0987
CVE-2022-0987 concerns a timing side-channel in PackageKit’s Transaction interface. Some methods expose timing information, allowing a local user to infer the existence of files owned by root or other users. Impact is information disclosure with local access; CVSS values in the records show LOW s...
CVE-2022-0987
A flaw was found in PackageKit in the way some of the methods exposed by the Transaction interface examines files. This issue allows a local user to measure the time the methods take to execute and know whether a file owned by root or other users exists...
CVE-2022-0987
A flaw was found in PackageKit in the way some of the methods exposed by the Transaction interface examines files. This issue allows a local user to measure the time the methods take to execute and know whether a file owned by root or other users exists...
Apple macOS PackageKit PKInstallSandbox SIP Bypass vulnerability
This vulnerability allows local attackers to disclose sensitive information on affected installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within PackageKit. T...
Apple macOS Catalina Privilege Permission and Access Control Issues Vulnerability (CNVD-2024-17857)
Apple macOS Catalina is a specialized operating system developed by Apple Inc. for Mac computers. A vulnerability exists in Apple macOS Catalina prior to version 2022-004 in a privilege-granting and access-control issue, which stems from a security restriction incorrectly imposed in PackageKit. A...
new packages: PackageKit
An update is available for PackageKit. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...
Apple macOS 权限许可和访问控制问题漏洞
Apple macOS is a suite of specialized operating systems developed by Apple Inc. for Mac computers. A privilege permission and access control issue vulnerability exists in Apple macOS versions 11.0 20A2411 - 11.6.5 20G527, which stems from incorrectly imposed security restrictions in PackageKit. A...
Apple macOS Catalina 权限许可和访问控制问题漏洞
Apple macOS Catalina is a specialized operating system developed by Apple Inc. for Mac computers. A vulnerability exists in Apple macOS Catalina prior to version 2022-004 in a privilege-granting and access-control issue, which stems from a security restriction incorrectly imposed in PackageKit. A...
PT-2022-6992 · Apple · Apple Macos
Name of the Vulnerable Software and Affected Versions: macOS versions prior to 11.6.6 macOS versions prior to 12.4 Description: The issue is related to the PackageKit component in macOS, which has insufficient access controls. Exploitation of this issue may allow an attacker to execute arbitrary...
The vulnerability of the transaction interface of the PackageKit package manager allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the transaction interface of the PackageKit package manager is related to insufficient protection of service data. Exploiting this vulnerability allows an attacker to gain unauthorized access to protected information...
CVE-2022-0987
A flaw was found in PackageKit in the way some of the methods exposed by the Transaction interface examines files. This issue allows a local user to measure the time the methods take to execute and know whether a file owned by root or other users exists...
Mageia: Security Advisory (MGASA-2020-0415)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Apple macOS Monterey和Apple macOS Big Sur权限许可和访问控制问题漏洞
Apple macOS Big Sur and Apple macOS Monterey are both products of Apple Inc.Apple macOS Big Sur is a mobile application app.Apple macOS Monterey is the 18th major version of macOS, the operating system for the Macintosh desktop. Apple macOS Monterey and Apple macOS Big Sur are vulnerable to a...
About the security content of macOS Big Sur 11.6.3
About the security content of macOS Big Sur 11.6.3 This document describes the security content of macOS Big Sur 11.6.3. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or...
About the security content of Security Update 2022-001 Catalina
About the security content of Security Update 2022-001 Catalina This document describes the security content of Security Update 2022-001 Catalina. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has...