Lucene search
K

20 matches found

Tenable Nessus
Tenable Nessus
added 2019/12/23 12:0 a.m.46 views

EulerOS 2.0 SP5 : PackageKit (EulerOS-SA-2019-2700)

According to the version of the PackageKit packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - An authentication bypass flaw has been found in PackageKit before 1.1.10 that allows users without administrator privileges to install signed...

5.5CVSS5.6AI score0.00393EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/08/12 12:0 a.m.20 views

NewStart CGSL CORE 5.04 / MAIN 5.04 : PackageKit Vulnerability (NS-SA-2019-0028)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has PackageKit packages installed that are affected by a vulnerability: - An authentication bypass flaw has been found in PackageKit that allows users without administrator privileges to install signed packages. A local attacke...

5.5CVSS5.6AI score0.00393EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/01/03 12:0 a.m.22 views

Fedora 28 : PackageKit (2018-a86100a264)

New upstream release - This release fixes CVE-2018-1106 which is a moderate security issue. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possib...

5.5CVSS5.6AI score0.00393EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2018/06/05 12:0 a.m.20 views

CentOS Update for PackageKit CESA-2018:1224 centos7

Check the version of PackageKit SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882896";...

5.5CVSS5.5AI score0.00393EPSS
Exploits0References2
Cent OS
Cent OS
added 2018/05/30 6:24 p.m.95 views

PackageKit security update

CentOS Errata and Security Advisory CESA-2018:1224 An update for PackageKit is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severi...

5.5CVSS6.1AI score0.00393EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2018/05/23 12:0 a.m.20 views

Debian DSA-4207-1 : packagekit - security update

Matthias Gerstner discovered that PackageKit, a DBus abstraction layer for simple software management tasks, contains an authentication bypass flaw allowing users without privileges to install local packages. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin...

5.5CVSS5.5AI score0.00393EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2018/05/01 12:0 a.m.21 views

Scientific Linux Security Update : PackageKit on SL7.x x86_64 (20180424)

Security Fixes : - PackageKit: authentication bypass allows to install signed packages without administrator privileges CVE-2018-1106 C Tenable Network Security, Inc. The descriptive text is C Scientific Linux. include'compat.inc'; if description scriptid109463; scriptversion"1.6";...

5.5CVSS5.6AI score0.00393EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2018/05/01 12:0 a.m.24 views

Fedora 27 : PackageKit (2018-a3b7c7eb79)

New upstream release - This release fixes CVE-2018-1106 which is a moderate security issue. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possib...

5.5CVSS5.6AI score0.00393EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2018/04/27 12:0 a.m.38 views

Amazon Linux 2 : PackageKit (ALAS-2018-1006)

Authentication bypass allows to install signed packages without administrator privileges An authentication bypass flaw has been found in PackageKit that allows users without administrator privileges to install signed packages. A local attacker can use this vulnerability to install vulnerable...

5.5CVSS5.4AI score0.00393EPSS
Exploits0References2
Amazon
Amazon
added 2018/04/26 12:0 a.m.40 views

Medium: PackageKit

Issue Overview: Authentication bypass allows to install signed packages without administrator privileges An authentication bypass flaw has been found in PackageKit that allows users without administrator privileges to install signed packages. A local attacker can use this vulnerability to install...

5.5CVSS5.5AI score0.00393EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2018/04/25 12:0 a.m.20 views

Oracle Linux 7 : PackageKit (ELSA-2018-1224)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2018-1224 advisory. - Fixes CVE-2018-1106 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not tested fo...

5.5CVSS5.7AI score0.00393EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2018/04/25 12:0 a.m.15 views

Ubuntu 17.10 : PackageKit vulnerability (USN-3634-1)

Matthias Gerstner discovered that PackageKit incorrectly handled authentication. A local attacker could possibly use this issue to install arbitrary packages and escalate privileges. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security...

5.5CVSS5.8AI score0.00393EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2018/04/25 12:0 a.m.16 views

openSUSE: Security Advisory for PackageKit (openSUSE-SU-2018:1049-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

5.5CVSS4.8AI score0.00393EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2018/04/24 6:40 p.m.75 views

Moderate: Red Hat Security Advisory: PackageKit security update

An update for PackageKit is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

5.5CVSS6.1AI score0.00393EPSS
Exploits0References2
OPENSUSE Linux
OPENSUSE Linux
added 2018/04/24 12:6 a.m.62 views

Security update for PackageKit (important)

This update for PackageKit fixes the following security issue: - CVE-2018-1106: Drop the polkit rule which could allow users in wheel group to install packages without root password bsc1086936. This update was imported from the SUSE:SLE-12-SP2:Update update project...

3.2AI score0.00393EPSS
Exploits0References1
Oracle linux
Oracle linux
added 2018/04/24 12:0 a.m.29 views

PackageKit security update

1.1.5-2.0.1 - remove PackageKit-0.3.8-Fedora-Vendor.conf.patch 1.1.5-2 - Fixes CVE-2018-1106 - Resolves: rhbz1566425...

5.5CVSS2AI score0.00393EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2018/04/24 12:0 a.m.26 views

openSUSE Security Update : PackageKit (openSUSE-2018-386)

This update for PackageKit fixes the following security issue : - CVE-2018-1106: Drop the polkit rule which could allow users in wheel group to install packages without root password bsc1086936. This update was imported from the SUSE:SLE-12-SP2:Update update project. %NASLMINLEVEL 70300 C Tenable...

5.5CVSS5.6AI score0.00393EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2018/04/24 12:0 a.m.39 views

SUSE SLED12 / SLES12 Security Update : PackageKit (SUSE-SU-2018:1047-1)

CVE-2018-1106: Drop the polkit rule which could allow users in wheel group to install packages without root password bsc1086936. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean...

5.5CVSS5.6AI score0.00393EPSS
Exploits0References4
CVE
CVE
added 2018/04/23 8:0 p.m.130 views

CVE-2018-1106

CVE-2018-1106 affects PackageKit prior to 1.1.10. The vulnerability is an authentication bypass that allows a non-administrative user to install signed packages, enabling local privilege escalation and potential system compromise by installing vulnerable packages. Public advisories (various OS ve...

5.5CVSS5.2AI score0.00393EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2018/04/23 3:48 p.m.8 views

SUSE-SU-2018:1047-1 Security update for PackageKit

CVE-2018-1106: Drop the polkit rule which could allow users in wheel group to install packages without root password bsc1086936...

5.5CVSS5.4AI score0.00393EPSS
Exploits0References3
Rows per page
Query Builder