Lucene search
K

5 matches found

RedHat Linux
RedHat Linux
added 2026/05/18 7:30 a.m.14 views

PackageKit: race condition vulnerability leads to arbitrary package installation as root

A flaw was found in PackageKit. A time-of-check time-of-use TOCTOU race condition on transaction flags allows unprivileged users to install packages as root, resulting in a local privilege escalation...

8.8CVSS5.8AI score0.0046EPSS
Exploits10References9
Slackware Linux
Slackware Linux
added 2023/10/24 10:27 p.m.42 views

[slackware-security] vim

New vim packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/vim-9.0.2063-i586-1slack15.0.txz: Upgraded. Fixed use-after-free security issue. Thanks to marav for the heads-up. For more information,...

7.8CVSS7AI score0.00539EPSS
Exploits1
SUSE CVE
SUSE CVE
added 2023/02/15 6:12 a.m.3 views

SUSE CVE-2007-2519

Directory traversal vulnerability in the installer in PEAR 1.0 through 1.5.3 allows user-assisted remote attackers to overwrite arbitrary files via a .. dot dot sequence in the 1 install-as attribute in the file element in package.xml 1.0 or the 2 as attribute in the install element in package.xm...

6.8CVSS7.3AI score0.07288EPSS
Exploits1References4
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.17 views

PHP PEAR <= 1.5.3 INSTALL-AS Attribute Arbitrary File Overwrite Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/24111/info PEAR is prone to a vulnerability that lets attackers overwrite arbitrary files. An attacker-supplied package may supply directory-traversal strings through the 'install-as' attribute to create and overwrite fil...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2007/05/07 12:0 a.m.13 views

PHP PEAR 1.5.3 - INSTALL-AS Attribute Arbitrary File Overwrite

PHP PEAR 1.5.3 - INSTALL-AS Attribute Arbitrary File Overwrite source: https://www.securityfocus.com/bid/24111/info PEAR is prone to a vulnerability that lets attackers overwrite arbitrary files. An attacker-supplied package may supply directory-traversal strings through the 'install-as' attribut...

0.2AI score
Exploits0
Rows per page
Query Builder