16 matches found
SUSE-SU-2026:2229-1 Security update for hplip
This update for hplip fixes the following issues. Security issues: - CVE-2025-43023: weak code signing DSA key used to generate package signatures can lead to key spoofing and malicious software installation (bsc1266031). - CVE-2026-8631: escalation of privileges and/or arbitrary code execution via ...
EUVD-2010-0087
Malware in sbrugna...
SUSE CVE-2023-30551
Rekor is an open source software supply chain transparency log. Rekor prior to version 1.1.1 may crash due to out-of-memory (OOM) conditions caused by reading archive metadata files into memory without checking their sizes first. Verification of a JAR file submitted to Rekor can cause an out of...
SUSE CVE-2010-0055
xar in Apple Mac OS X 10.5.8 does not properly validate package signatures, which allows attackers to have an unspecified impact via a modified package...
Loxone Miniserver authorization issue vulnerability
Loxone Miniserver is a server that provides energy management and monitoring functions for automation of equipment and homes in buildings and houses by Loxone Corporation. Loxone Miniserver version 11.1.9.3 previously had an authorization issue vulnerability that arose from the inability of devic...
SUSE-SU-2018:2716-1 Security update for libzypp, zypper
This update for libzypp, zypper provides the following fixes: Update libzypp to version 16.17.20. Security issues fixed: - PackageProvider: Validate delta rpms before caching (bsc1091624, bsc1088705, CVE-2018-7685) - PackageProvider: Validate downloaded rpm package signatures before caching...
The vulnerability of the RubyGems package management system lies in its improper verification of cryptographic signatures, allowing a hacker to execute arbitrary code.
The vulnerability of the RubyGems package management system is related to improper verification of the cryptographic signatures of packages. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...
redhat-upgrade-tool: does not check GPG signatures on package installation
It was found that the redhat-upgrade-tool did not check GPG signatures on downloaded and installed packages during the upgrade process...
CVE-2014-0490
The apt-get download command in APT before 1.0.9 does not properly validate signatures for packages, which allows remote attackers to execute arbitrary code via a crafted package...
redhat-upgrade-tool: does not check GPG signatures on package installation
It was found that the redhat-upgrade-tool did not check GPG signatures on downloaded and installed packages during the upgrade process...
[SECURITY] Fedora 16 Update: rpmdevtools-8.3-1.fc16
This package contains scripts and XEmacs support files to aid in development of RPM packages. rpmdev-setuptree Create RPM build tree within user's home directory rpmdev-diff Diff contents of two archives rpmdev-newspec Creates new .spec from template rpmdev-rmdevelrpms Find and optionally remove...
[SECURITY] Fedora 17 Update: rpmdevtools-8.3-1.fc17
This package contains scripts and XEmacs support files to aid in development of RPM packages. rpmdev-setuptree Create RPM build tree within user's home directory rpmdev-diff Diff contents of two archives rpmdev-newspec Creates new .spec from template rpmdev-rmdevelrpms Find and optionally remove...
CVE-2010-0055
xar in Apple Mac OS X 10.5.8 does not properly validate package signatures, which allows attackers to have an unspecified impact via a modified package...
Code injection
xar in Apple Mac OS X 10.5.8 does not properly validate package signatures, which allows attackers to have an unspecified impact via a modified package...
CVE-2010-0055
CVE-2010-0055 concerns xar, with the Apple Mac OS X 10.5.8 signature-validation flaw allowing modification of a package to yield unspecified impact. Connected records confirm downstream fixes/upstream patches and package updates: Fedora advisories show xar upgrades to 1.6.1 (and note CVE-2010-005...
RHEL 5 : yum-rhn-plugin (RHSA-2008:0815)
The remote Redhat Enterprise Linux 5 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2008:0815 advisory. The yum-rhn-plugin provides support for yum to securely access a Red Hat Network (RHN) server for software updates. It was discovered that yum-rhn-plug...