Security update for PackageKit

This update for PackageKit fixes the following issue: CVE-2026-41651: race condition allows for arbitrary RPM package installation as root and can lead to LPE bsc1262220. Special Instructions and Notes: Patch Instructions: To install this SUSE update use the SUSE recommended installation methods...

EUVD-2011-1827

Malware in sbrugna...

PT-2025-21607 · Npm · Lockfile-Lint-Api

Name of the Vulnerable Software and Affected Versions: lockfile-lint-api versions prior to 5.9.2 Description: The issue concerns incorrect behavior order, specifically early validation, via the resolved attribute of the package URL validation. This can be bypassed by extending the package name,...

Amazon Linux : Enabled Official Repositories and Extras

The remote host is using one or more Amazon Linux repositories to install packages. These repositories may be used in conjuntion with Amazon Linux OS package level assessment security advisories to determine whether or not relevant repositories are installed before checking package versions for...

CVE-2019-16777

The CVE-2019-16777 entry affects the npm CLI for versions prior to 6.13.4, which are vulnerable to Arbitrary File Overwrite. The issue allows overwriting globally-installed binaries (e.g., a serve binary) during subsequent package installations, including when --ignore-scripts is used. This behav...

Man-in-the-Middle (MitM)

redhat-upgrade-tool is vulnerable to man-in-the-middle MitM attack. The tool does not implement proper GPG signature verification when performing package installations, allowing an attacker to perform man-in-the-middle attacks against the client...

Ubuntu Update for base-files vulnerability USN-968-1

Ubuntu Update for Linux kernel vulnerabilities USN-968-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN9681.nasl 7965 2017-12-01 07:38:25Z santu $ Ubuntu Update for base-files vulnerability USN-968-1 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH,...

Ubuntu: Security Advisory (USN-968-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 9.10 / 10.04 LTS : base-files vulnerability (USN-968-1)

It was discovered that the Ubuntu image shipped on some Dell Latitude 2110 systems was accidentally configured to allow unauthenticated package installations. A remote attacker intercepting network communications or a malicious archive mirror server could exploit this to trick the user into...

USN-968-1: Dell Latitude 2110 vulnerability

It was discovered that the Ubuntu image shipped on some Dell Latitude 2110 systems was accidentally configured to allow unauthenticated package installations. A remote attacker intercepting network communications or a malicious archive mirror server could exploit this to trick the user into...