Lucene search
K

11 matches found

CVE
CVE
added 2026/04/03 6:38 p.m.21 views

CVE-2026-2625

The CVE-2026-2625 flaw affects rust-rpm-sequoia. A crafted RPM file can trigger an error in the OpenPGP signature parsing code during verification, causing the rpm process to terminate unconditionally and leading to an application‑level DoS (unavailability to process RPMs for signature verificati...

5.5CVSS5.9AI score0.00085EPSS
Exploits0References3Affected Software3
Tenable Nessus
Tenable Nessus
added 2026/02/17 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-2625

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in rust-rpm-sequoia. An attacker can exploit this vulnerability by providing a specially crafted Red Hat Package Manager RPM file. During the R...

5.5CVSS5.9AI score0.00085EPSS
Exploits0References4
Veracode
Veracode
added 2020/04/10 1:3 a.m.24 views

Arbitrary Code Execution

rpm is vulnerable to arbitrary code execution. The vulnerability exists as multiple flaws were found in the way the RPM library parsed package headers. An attacker could create a specially-crafted RPM package that, when queried or installed, would cause rpm to crash or, potentially, execute...

9.3CVSS5.1AI score0.06042EPSS
Exploits1References17Affected Software1
Tenable Nessus
Tenable Nessus
added 2016/01/28 12:0 a.m.35 views

F5 Networks BIG-IP : Linux RPM vulnerability (SOL16383)

Race condition in RPM 4.11.1 and earlier allows remote attackers to execute arbitrary code via a crafted RPM file whose installation extracts the contents to temporary files before validating the signature, as demonstrated by installing a file in the /etc/cron.d directory C Tenable Network...

7.6CVSS7.6AI score0.07669EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2015/03/26 12:0 a.m.38 views

Debian DLA-140-1 : rpm security update

Several vulnerabilities have been fixed in rpm : CVE-2014-8118 Fix integer overflow which allowed remote attackers to execute arbitrary code. CVE-2013-6435 Prevent remote attackers from executing arbitrary code via crafted RPM files. CVE-2012-0815 Fix denial of service and possible code execution...

10CVSS8.5AI score0.07669EPSS
Exploits0References7
NVD
NVD
added 2014/12/16 6:59 p.m.18 views

CVE-2013-6435

Race condition in RPM 4.11.1 and earlier allows remote attackers to execute arbitrary code via a crafted RPM file whose installation extracts the contents to temporary files before validating the signature, as demonstrated by installing a file in the /etc/cron.d directory...

7.6CVSS7.8AI score0.07669EPSS
Exploits0References13
Cvelist
Cvelist
added 2014/12/16 6:0 p.m.28 views

CVE-2013-6435

Race condition in RPM 4.11.1 and earlier allows remote attackers to execute arbitrary code via a crafted RPM file whose installation extracts the contents to temporary files before validating the signature, as demonstrated by installing a file in the /etc/cron.d directory...

7.7AI score0.07669EPSS
Exploits0References13
Ubuntu
Ubuntu
added 2013/01/17 3:56 p.m.36 views

USN-1694-1: RPM vulnerability

It was discovered that RPM incorrectly handled signature checking. An attacker could create a specially-crafted rpm with an invalid signature which could pass the signature validation check...

4.3CVSS6.3AI score0.02255EPSS
Exploits0
OpenVAS
OpenVAS
added 2009/03/13 12:0 a.m.21 views

F-Secure Product(s) Integer Overflow Vulnerability (Linux)

This host is installed with F-Secure Products and is prone to Integer Overflow vulnerability. OpenVAS Vulnerability Test $Id: gbfsecureprdtsintoverflowvulnlin.nasl 6516 2017-07-04 12:20:47Z cfischer $ F-Secure Products Integer Overflow Vulnerability Linux Authors: Sharath S Copyright: Copyright c...

7.6CVSS0.5AI score0.05535EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2006/11/06 5:7 p.m.31 views

CVE-2006-5466

Heap-based buffer overflow in the showQueryPackage function in librpm in RPM Package Manager 4.4.8, when the LANG environment variable is set to ruRU.UTF-8, might allow user-assisted attackers to execute arbitrary code via crafted RPM packages...

5.4CVSS6.4AI score0.03581EPSS
Exploits1References2
NVD
NVD
added 2006/11/06 5:7 p.m.32 views

CVE-2006-5466

Heap-based buffer overflow in the showQueryPackage function in librpm in RPM Package Manager 4.4.8, when the LANG environment variable is set to ruRU.UTF-8, might allow user-assisted attackers to execute arbitrary code via crafted RPM packages...

5.4CVSS7.7AI score0.03581EPSS
Exploits1References11
Rows per page
Query Builder