
107 matches found

Tenable Nessus
added 2026/05/11 12:0 a.m., 8 views

Unity Linux 20.1060e / 20.1070e Security Update: rpm (UTSA-2026-017547)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017547 advisory. A flaw was found in RPM's signature check functionality when reading a package file. This flaw allows an attacker who can convince a victim to install a seemingly...

7 CVSS, 5.8 AI score, 0.00827 EPSS
Exploits 0, References 4
Tenable Nessus
added 2026/03/06 12:0 a.m., 3 views

NewStart CGSL MAIN 6.06 (SP) : rpm Multiple Vulnerabilities (NS-SA-2026-0012)

The remote NewStart CGSL host, running version MAIN 6.06 SP, has rpm packages installed that are affected by multiple vulnerabilities: - Integer overflow in RPM 4.12 and earlier allows remote attackers to execute arbitrary code via a crafted CPIO header in the payload section of an RPM file, whic...

10 CVSS, 6.5 AI score, 0.07669 EPSS
Exploits 1, References 13
Tenable Nessus
added 2026/01/19 12:0 a.m., 3 views

MiracleLinux 4 : rpm-4.8.0-19.1.0.1.AXS4 (AXSA:2012-489:02)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2012-489:02 advisory. The RPM Package Manager RPM is a powerful command line driven package management system capable of installing, uninstalling, verifying, querying, an...

6.8 CVSS, 7.9 AI score, 0.04779 EPSS
Exploits 0, References 4
EUVD
added 2025/10/07 12:30 a.m., 4 views

EUVD-2002-2183

Malware in sbrugna...

7.5 CVSS, 6.4 AI score, 0.01532 EPSS
Exploits 0, References 4
EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2001-0906

Malware in sbrugna...

7.2 CVSS, 6.4 AI score, 0.00605 EPSS
Exploits 1, References 5
EUVD
added 2025/10/07 12:30 a.m., 11 views

EUVD-2006-5451

Malware in sbrugna...

5.4 CVSS, 6.1 AI score, 0.03552 EPSS
Exploits 1, References 13
IBM AIX
added 2025/10/06 3:10 p.m., 12 views

AIX is vulnerable to a memory corruption issue (CVE-2025-6965) due to RPM

IBM SECURITY ADVISORY First Issued: Mon Oct 6 15:10:47 CDT 2025 The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/rpmadvisory4.asc Security Bulletin: AIX is vulnerable to a memory corruption issue CVE-2025-6965 due to RPM...

9.8 CVSS, 7.1 AI score, 0.64893 EPSS
Exploits 3
Rosalinux
added 2025/04/11 9:55 p.m., 6 views

Advisory ROSA-SA-2025-2817

Software: rpm 4.14.3 OS: ROSA Virtualization 3.0 packageevrstring: rpm-4.14.3-31.rv30 CVE-ID: CVE-2021-35937 BDU-ID: 2021-03555 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the RPM Package Manager RPM of Red Hat Enterprise Linux operating systems is caused by a race condition. Exploitation of t...

6.7 CVSS, 7 AI score, 0.00491 EPSS
Exploits 3
Redos
added 2024/04/10 12:0 a.m., 29 views

ROS-20240410-21

A vulnerability in the RPM Package Manager of Red Hat Enterprise Linux operating systems is related to the lack of RPM signature verification of subsection binding before importing them. Exploitation of the vulnerability could allow an attacker to escalate his privileges A...

6.7 CVSS, 7.3 AI score, 0.00491 EPSS
Exploits 3
OpenVAS
added 2024/03/08 12:0 a.m., 16 views

Fedora: Security Advisory for xmvn-generator (FEDORA-2024-129d8ca6fc)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8 CVSS, 9.2 AI score, 0.02557 EPSS
Exploits 3, References 2
Fedora
added 2024/03/07 10:33 p.m., 21 views

[SECURITY] Fedora 40 Update: xmvn-generator-1.2.2-3.fc40

XMvn Generator is a dependency generator for RPM Package Manager written in Java and Lua, that uses LuJavRite library to call Java code from Lua...

8.8 CVSS, 7 AI score, 0.02557 EPSS
Exploits 3
OSV
added 2024/02/12 8:17 p.m., 28 views

RLSA-2024:0647 Moderate: rpm security update

The RPM Package Manager RPM is a command-line driven package management system capable of installing, uninstalling, verifying, querying, and updating software packages. Security Fixes: rpm: TOCTOU race in checks for unsafe symlinks CVE-2021-35937 rpm: races with chown/chmod/capabilities calls...

6.7 CVSS, 7.4 AI score, 0.00491 EPSS
Exploits 3, References 4
OSV
added 2024/02/01 12:0 a.m., 49 views

ALSA-2024:0647 Moderate: rpm security update

The RPM Package Manager RPM is a command-line driven package management system capable of installing, uninstalling, verifying, querying, and updating software packages. Security Fixes: rpm: TOCTOU race in checks for unsafe symlinks CVE-2021-35937 rpm: races with chown/chmod/capabilities calls...

6.7 CVSS, 7.4 AI score, 0.00491 EPSS
Exploits 3, References 8
AlmaLinux
added 2024/02/01 12:0 a.m., 71 views

Moderate: rpm security update

The RPM Package Manager RPM is a command-line driven package management system capable of installing, uninstalling, verifying, querying, and updating software packages. Security Fixes: rpm: TOCTOU race in checks for unsafe symlinks CVE-2021-35937 rpm: races with chown/chmod/capabilities calls...

6.7 CVSS, 6.8 AI score, 0.00491 EPSS
Exploits 3, References 8
RedHat Linux
added 2024/01/30 1:30 p.m., 53 views

Moderate: Red Hat Security Advisory: rpm security update

An update for rpm is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

6.7 CVSS, 6.7 AI score, 0.00491 EPSS
Exploits 3, References 4
RedHat Linux
added 2024/01/25 11:15 a.m., 2 views

rpm: races with chown/chmod/capabilities calls during installation

A symbolic link issue was found in rpm. It occurs when rpm sets the desired permissions and credentials after installing a file. A local unprivileged user could use this flaw to exchange the original file with a symbolic link to a security-critical file and escalate their privileges on the system...

6.7 CVSS, 7.1 AI score, 0.00491 EPSS
Exploits 1, References 5
RedHat Linux
added 2024/01/25 11:15 a.m., 38 views

Moderate: Red Hat Security Advisory: rpm security update

An update for rpm is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

6.7 CVSS, 6.7 AI score, 0.00491 EPSS
Exploits 3, References 4
RedHat Linux
added 2024/01/25 11:1 a.m., 1 views

rpm: TOCTOU race in checks for unsafe symlinks

A race condition vulnerability was found in rpm. A local unprivileged user could use this flaw to bypass the checks that were introduced in response to CVE-2017-7500 and CVE-2017-7501, potentially gaining root privileges. The highest threat from this vulnerability is to data confidentiality and...

7.8 CVSS, 7.1 AI score, 0.00412 EPSS
Exploits 1, References 4
RedHat Linux
added 2024/01/25 11:1 a.m., 35 views

Moderate: Red Hat Security Advisory: rpm security update

An update for rpm is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...

6.7 CVSS, 6.7 AI score, 0.00491 EPSS
Exploits 3, References 4
RedHat Linux
added 2024/01/25 9:1 a.m., 35 views

Moderate: Red Hat Security Advisory: rpm security update

An update for rpm is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

6.7 CVSS, 6.7 AI score, 0.00491 EPSS
Exploits 3, References 4