EUVD-2020-2737

Malware in sbrugna...

Oracle Linux 10 : kernel (ELSA-2025-8669)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-8669 advisory. 6.12.0-55.19.1.0.10.OL10 - nvme-pci: remove two deallocate zeroes quirks Orabug: 37756650 - Add new Oracle Linux Driver Signing key 1 certificate...

Acronis Cyber Protect Cloud Agent 加密问题漏洞

Acronis Cyber Protect Cloud Agent is a cloud agent from Acronis Switzerland. An encryption issue vulnerability exists in versions prior to Acronis Cyber Protect Cloud Agent build39185 that stems from a weak algorithm used to sign RPM packages...

SUSE CVE-2012-6088

The rpmpkgRead function in lib/package.c in RPM 4.10.x before 4.10.2 does not return an error code in certain situations involving an "unparseable signature," which allows remote attackers to bypass RPM signature checks via a crafted package...

CVE-2020-10282

The Micro Air Vehicle Link MAVLink protocol presents no authentication mechanism on its version 1.0 nor authorization whichs leads to a variety of attacks including identity spoofing, unauthorized access, PITM attacks and more. According to literature, version 2.0 optionally allows for package...

CVE-2020-10282

The Micro Air Vehicle Link MAVLink protocol presents no authentication mechanism on its version 1.0 nor authorization whichs leads to a variety of attacks including identity spoofing, unauthorized access, PITM attacks and more. According to literature, version 2.0 optionally allows for package...

Authorization

The Micro Air Vehicle Link MAVLink protocol presents no authentication mechanism on its version 1.0 nor authorization whichs leads to a variety of attacks including identity spoofing, unauthorized access, PITM attacks and more. According to literature, version 2.0 optionally allows for package...

CVE-2020-10282

The CVE-2020-10282 entry concerns MAVLink, where version 1.0 has no authentication or authorization, enabling identity spoofing, unauthorized access, and man-in-the-middle-style attacks on MAVLink-based UAV communications. Some sources note MAVLink 2.0 adds a basic authentication mechanism (e.g.,...

CVE-2020-10282 RVD#3316: No authentication in MAVLink protocol

The Micro Air Vehicle Link MAVLink protocol presents no authentication mechanism on its version 1.0 nor authorization whichs leads to a variety of attacks including identity spoofing, unauthorized access, PITM attacks and more. According to literature, version 2.0 optionally allows for package...

CVE-2019-12875

CVE-2019-12875 concerns Alpine Linux abuild up to version 3.4.0. The vulnerability arises because an unprivileged member of the abuild group can misuse a --keys-dir option to cause acceptance of an untrusted signing key, enabling the introduction of an untrusted package. The Red Hat advisory corr...

Medium: yum

Issue Overview: The installUpdates function in yum-cron/yum-cron.py in yum 3.4.3 and earlier does not properly check the return value of the sigCheckPkg function, which allows remote attackers to bypass the RMP package signing restriction via an unsigned package. Affected Packages: yum Issue...

CVE-2014-0022

The installUpdates function in yum-cron/yum-cron.py in yum 3.4.3 and earlier does not properly check the return value of the sigCheckPkg function, which allows remote attackers to bypass the RMP package signing restriction via an unsigned package...

CVE-2014-0022

The installUpdates function in yum-cron/yum-cron.py in yum 3.4.3 and earlier does not properly check the return value of the sigCheckPkg function, which allows remote attackers to bypass the RMP package signing restriction via an unsigned package...

PT-2014-1871 · Red Hat · Yum +1

Name of the Vulnerable Software and Affected Versions: yum versions 3.4.3 and earlier Description: The issue allows remote attackers to bypass the RMP package signing restriction, potentially leading to a violation of protected information integrity. This can be exploited remotely. The...