Lucene search
K

10 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2018-19401

Malware in sbrugna...

7.8CVSS8.5AI score0.00286EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 4:29 a.m.4 views

SUSE CVE-2018-7685

The decoupled download and installation steps in libzypp before 17.5.0 could lead to a corrupted RPM being left in the cache, where a later call would not display the corrupted RPM warning and allow installation, a problem caused by malicious warnings only displayed during download...

7CVSS6.8AI score0.00286EPSS
Exploits0References29
AlmaLinux
AlmaLinux
added 2021/06/29 1:43 p.m.31 views

Moderate: rpm security update

The RPM Package Manager RPM is a command-line driven package management system capable of installing, uninstalling, verifying, querying, and updating software packages. Security Fixes: rpm: Signature checks bypass via corrupted rpm package CVE-2021-20271 For more details about the security issues...

5.1CVSS2.1AI score0.00827EPSS
Exploits0References1
NVD
NVD
added 2018/08/31 3:29 p.m.18 views

CVE-2018-7685

The decoupled download and installation steps in libzypp before 17.5.0 could lead to a corrupted RPM being left in the cache, where a later call would not display the corrupted RPM warning and allow installation, a problem caused by malicious warnings only displayed during download...

7.8CVSS7.6AI score0.00286EPSS
Exploits0References3
OSV
OSV
added 2018/08/31 3:29 p.m.26 views

CVE-2018-7685

The decoupled download and installation steps in libzypp before 17.5.0 could lead to a corrupted RPM being left in the cache, where a later call would not display the corrupted RPM warning and allow installation, a problem caused by malicious warnings only displayed during download...

7.8CVSS6.5AI score0.00286EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2018/08/31 3:29 p.m.24 views

CVE-2018-7685

The decoupled download and installation steps in libzypp before 17.5.0 could lead to a corrupted RPM being left in the cache, where a later call would not display the corrupted RPM warning and allow installation, a problem caused by malicious warnings only displayed during download...

7.8CVSS7.1AI score0.00286EPSS
Exploits0References4
OSV
OSV
added 2018/08/31 3:29 p.m.2 views

UBUNTU-CVE-2018-7685

The decoupled download and installation steps in libzypp before 17.5.0 could lead to a corrupted RPM being left in the cache, where a later call would not display the corrupted RPM warning and allow installation, a problem caused by malicious warnings only displayed during download...

7.8CVSS7.1AI score0.00286EPSS
Exploits0References5
Cvelist
Cvelist
added 2018/08/31 3:0 p.m.27 views

CVE-2018-7685 libzypp does not reevaluate malicious rpms once downloaded

The decoupled download and installation steps in libzypp before 17.5.0 could lead to a corrupted RPM being left in the cache, where a later call would not display the corrupted RPM warning and allow installation, a problem caused by malicious warnings only displayed during download...

7.8CVSS8.4AI score0.00286EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2018/08/31 3:0 p.m.41 views

CVE-2018-7685

The decoupled download and installation steps in libzypp before 17.5.0 could lead to a corrupted RPM being left in the cache, where a later call would not display the corrupted RPM warning and allow installation, a problem caused by malicious warnings only displayed during download...

7.8CVSS8.6AI score0.00286EPSS
Exploits0
NVD
NVD
added 2001/10/25 4:0 a.m.14 views

CVE-2001-0923

RPM Package Manager 4.0.x through 4.0.2.x allows an attacker to execute arbitrary code via corrupted data in the RPM file when the file is queried...

7.2CVSS7.4AI score0.00605EPSS
Exploits1References4
Rows per page
Query Builder