9 matches found
CLSA-2026-1777541348 flatpak: Fix of CVE-2021-43860
CVE-2021-43860: hidden permissions via null byte in metadata file...
Astra Linux - vulnerability in flatpak
Flatpak is a Linux application sandboxing and distribution framework. Prior to versions 1.12.3 and 1.10.6, Flatpak did not properly validate whether the permissions displayed to the user during installation match the actual permissions granted to the app at runtime, especially when there was a nu...
EUVD-2010-4733
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2021-43860
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Flatpak is a Linux application sandboxing and distribution framework. Prior to versions 1.12.3 and 1.10.6, Flatpak doesn't properly validate that the permission...
flatpak: Metadata with ANSI control codes can cause misleading terminal output
A flaw was found in Flatpak, a system for building, distributing, and running sandboxed desktop applications on Linux. Suppose an attacker publishes a Flatpak app with elevated permissions. In that case, they can hide those permissions from users of the flatpak(1) command-line interface by setting...
SUSE CVE-2023-28101
Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. In versions prior to 1.10.8, 1.12.8, 1.14.4, and 1.15.4, if an attacker publishes a Flatpak app with elevated permissions, they can hide those permissions from users of the flatpak(1) command-line...
OESA-2022-1520 flatpak security update
Application deployment framework for desktop apps. Security Fixes: Flatpak is a Linux application sandboxing and distribution framework. Prior to versions 1.12.3 and 1.10.6, Flatpak doesn't properly validate that the permissions displayed to the user for an app at install time match the actual...
UBUNTU-CVE-2021-43860
Flatpak is a Linux application sandboxing and distribution framework. Prior to versions 1.12.3 and 1.10.6, Flatpak doesn't properly validate that the permissions displayed to the user for an app at install time match the actual permissions granted to the app at runtime, in the case that there's a...
DEBIAN-CVE-2010-4768
Open Ticket Request System OTRS before 2.3.5 does not properly disable hidden permissions, which allows remote authenticated users to bypass intended queue access restrictions in opportunistic circumstances by visiting a ticket, related to a certain ordering of permission-set and permission-remov...