34 matches found
MiracleLinux 9 : Image builder components bug fix, enhancement and (AXSA:2024-8104:01)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8104:01 advisory. osbuild-composer: race condition may disable GPG verification for package repositories CVE-2024-2307 Tenable has extracted the preceding description block...
CVE-2019-20780
An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, and 8.1 software. Certain security settings, related to whether packages are verified and accepted only from known sources, are mishandled. The LG ID is LVE-SMP-190002 April 2019...
EUVD-2019-11319
Malware in sbrugna...
EUVD-2018-21180
Malware in sbrugna...
EUVD-2022-39665
Malicious code in bioql PyPI...
CVE-2022-37008
The recovery module has a vulnerability of bypassing the verification of an update package before use. Successful exploitation of this vulnerability may affect system stability...
CVE-2025-2763
CarlinKit CPC200-CCPA Improper Verification of Cryptographic Signature Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of CarlinKit CPC200-CCPA devices. Authentication is not required to exploit this...
CVE-2023-52538
Vulnerability of package name verification being bypassed in the HwIms module. Impact: Successful exploitation of this vulnerability will affect availability...
CVE-2023-52546
Vulnerability of package name verification being bypassed in the Calendar app. Impact: Successful exploitation of this vulnerability may affect service confidentiality...
CVE-2023-52538
Vulnerability of package name verification being bypassed in the HwIms module. Impact: Successful exploitation of this vulnerability will affect availability...
CVE-2023-52537
Vulnerability of package name verification being bypassed in the HwIms module. Impact: Successful exploitation of this vulnerability will affect availability...
CVE-2023-52537
CVE-2023-52537 concerns Huawei HarmonyOS/HwIms: a package name validation bypass in the HwIms module enables an availability impact. Root cause described as a validation bypass for package names; affected are HarmonyOS/EMUI environments leveraging HwIms. The CVSS 3.1 score is 7.5 (Network, L/C/V,...
PT-2023-23350 · Gl.Inet · Gl.Inet
Name of the Vulnerable Software and Affected Versions: GL.iNet devices versions prior to 3.216 Description: An issue was discovered that allows the installation of arbitrary software, such as a reverse shell, through the software installation feature. This is possible because the restrictions on...
SUSE CVE-2018-19639
If supportutils before version 3.1-5.7.1 is run with -v to perform rpm verification and the attacker manages to manipulate the rpm listing e.g. with CVE-2018-19638 he can execute arbitrary commands as root...
CVE-2022-37008
The recovery module has a vulnerability of bypassing the verification of an update package before use. Successful exploitation of this vulnerability may affect system stability...
CVE-2022-37008
The recovery module has a vulnerability of bypassing the verification of an update package before use. Successful exploitation of this vulnerability may affect system stability...
CVE-2022-37008
CVE-2022-37008 affects Huawei/HarmonyOS recovery module. The issue allows bypassing verification of an update package before use, potentially impacting system stability. According to NVD, it has CVSS v3.1 base score 7.5 (High) with Network attack vector and No user interaction required; exploitat...
CVE-2022-37008
The recovery module has a vulnerability of bypassing the verification of an update package before use. Successful exploitation of this vulnerability may affect system stability...
Signature Verification Bypass
The exploitation of this flaw requires RPM's package verification level to be set to "digest" or "none". In addition, to exploit this flaw, an attacker must either compromise an RPM repository or convince an administrator to install an untrusted RPM. It is strongly recommended to only use RPMs fr...
OPENSUSE-SU-2021:2682-1 Security update for rpm
This update for rpm fixes the following issues: - Changed default package verification level to 'none' to be compatible to rpm-4.14.1 - Made illegal obsoletes a warning - Fixed a potential access of freed mem in ndb's glue code bsc1179416 - Added support for enforcing signature policy and payload...