Astra Linux - уязвимость в packagekit

PackageKit’s apt backend mistakenly treats all local deb files as trustworthy. The apt security model is based on repository trust, not the contents of individual files. On sites where PolicyKit rules are configured, this could allow users to install malicious packages...

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS : zuluCrypt vulnerability (USN-8218-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-8218-1 advisory. Aaron Rainbolt discovered that zuluCrypt used insecure PolicyKit settings in zuluPolkit. An attacker could possibly use this...

USN-8218-1 zulucrypt vulnerability

Aaron Rainbolt discovered that zuluCrypt used insecure PolicyKit settings in zuluPolkit. An attacker could possibly use this issue to cause local privilege escalation to root. CVE-2025-53391...

USN-8218-1: zuluCrypt vulnerability

Aaron Rainbolt discovered that zuluCrypt used insecure PolicyKit settings in zuluPolkit. An attacker could possibly use this issue to cause local privilege escalation to root. CVE-2025-53391...

[SECURITY] [DLA 4553-1] policykit-1 security update

Debian LTS Advisory DLA-4553-1 [email protected] https://www.debian.org/lts/security/ Andreas Henriksson April 29, 2026 https://wiki.debian.org/LTS Package : policykit-1 Version : 0.105-31+deb11u2 CVE ID : CVE-2021-4115 CVE-2026-4897 Debian Bug : 1005784 1132234 Multiple vulnerabilities...

Debian dla-4553 : gir1.2-polkit-1.0 - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4553 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4553-1 [email protected]...

Ubuntu: Security Advisory (USN-8173-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-8173-1 policykit-1 vulnerabilities

It was discovered that polkit incorrectly handled nested elements in XML policy files. If an administrator were tricked into installing a malicious policy file, a remote attacker could possibly use this issue to cause polkit to crash, resulting in a denial of service. CVE-2025-7519 Pavel Kohout...

Fedora 42 : foomuuri (2026-63f333201f)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-63f333201f advisory. Upstream update to v0.31 with fixes to CVE-2025-67603 and CVE-2025-67858. CVE-2025-67603: Add PolicyKit authorization to D-Bus methods...

MiracleLinux 4 : polkit-0.96-11.AXS4.1 (AXSA:2019-3772:01)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2019-3772:01 advisory. Security Fix - PolicyKitfork CVE-2019-6133 CVEJVNhttp://jvndb.jvn.jp/ Tenable has extracted the preceding description block directly from the MiracleLinux...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003871)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003871 advisory. In PolicyKit aka polkit 0.115, the start time protection mechanism can be bypassed because fork is not atomic, and therefore authorization decisions are improperly...

CVE-2025-67859 Polkit Authorization Check can be Bypassed in the TLP power daemon

A Improper Authentication vulnerability in TLP allows local users to arbitrarily control the power profile in use as well as the daemon’s log settings.This issue affects TLP: from 1.9 before 1.9.1...

MiracleLinux 4 : NetworkManager-0.8.1-9.AXS4.3 (AXSA:2011-534:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2011-534:01 advisory. NetworkManager is a system network service that manages your network devices and connections, attempting to keep active network connectivity when...

CVE-2011-0729

dbusbackend/ls-dbus-backend in the D-Bus backend in language-selector before 0.6.7 does not restrict access on the basis of a PolicyKit check result, which allows local users to modify the /etc/default/locale and /etc/environment files via a 1 SetSystemDefaultLangEnv or 2...

Fedora 43 : foomuuri (2026-429edf2dcf)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-429edf2dcf advisory. Upstream update to v0.31 with fixes to CVE-2025-67603 and CVE-2025-67858. CVE-2025-67603: Add PolicyKit authorization to D-Bus methods...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000190)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000190 advisory. In PolicyKit aka polkit 0.115, the start time protection mechanism can be bypassed because fork is not atomic, and therefore authorization decisions are improperly...

EUVD-2011-2168

Malware in sbrugna...

EUVD-2008-1659

Malware in sbrugna...

EUVD-2011-0742

Malware in sbrugna...

EUVD-2011-1826

Malware in sbrugna...