387 matches found
CVE-2026-41651
A flaw was found in PackageKit. A time-of-check time-of-use TOCTOU race condition on transaction flags allows unprivileged users to install packages as root, resulting in a local privilege escalation. Mitigation To mitigate this vulnerability, mask the PackageKit service. Note that graphical...
CVE-2026-41651
PackageKit is a a D-Bus abstraction layer that allows the user to manage packages in a secure way using a cross-distro, cross-architecture API. PackageKit between and including versions 1.0.2 and 1.3.4 is vulnerable to a time-of-check time-of-use TOCTOU race condition on transaction flags that...
CVE-2026-41651 PackageKit vulnerable to TOCTOU Race on Transaction Flags leads to arbitrary package installation as root
PackageKit is a a D-Bus abstraction layer that allows the user to manage packages in a secure way using a cross-distro, cross-architecture API. PackageKit between and including versions 1.0.2 and 1.3.4 is vulnerable to a time-of-check time-of-use TOCTOU race condition on transaction flags that...
CVE-2026-41651
PackageKit is a a D-Bus abstraction layer that allows the user to manage packages in a secure way using a cross-distro, cross-architecture API. PackageKit between and including versions 1.0.2 and 1.3.4 is vulnerable to a time-of-check time-of-use TOCTOU race condition on transaction flags that...
CVE-2026-41651
PackageKit is a a D-Bus abstraction layer that allows the user to manage packages in a secure way using a cross-distro, cross-architecture API. PackageKit between and including versions 1.0.2 and 1.3.4 is vulnerable to a time-of-check time-of-use TOCTOU race condition on transaction flags that...
EUVD-2026-24742
PackageKit is a a D-Bus abstraction layer that allows the user to manage packages in a secure way using a cross-distro, cross-architecture API. PackageKit between and including versions 1.0.2 and 1.3.4 is vulnerable to a time-of-check time-of-use TOCTOU race condition on transaction flags that...
CVE-2026-41651 PackageKit vulnerable to TOCTOU Race on Transaction Flags leads to arbitrary package installation as root
PackageKit is a a D-Bus abstraction layer that allows the user to manage packages in a secure way using a cross-distro, cross-architecture API. PackageKit between and including versions 1.0.2 and 1.3.4 is vulnerable to a time-of-check time-of-use TOCTOU race condition on transaction flags that...
[SECURITY] [DLA 4545-1] packagekit security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-4545-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz April 22, 2026 https://wiki.debian.org/LTS -...
[SECURITY] [DSA 6226-1] packagekit security update
------------------------------------------------------------------------- Debian Security Advisory DSA-6226-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff April 22, 2026 https://www.debian.org/security/faq -...
USN-8195-1 packagekit vulnerability
It was discovered that PackageKit incorrectly handled certain transactions. A local attacker could use this issue to install arbitrary packages as root, possibly resulting in privilege escalation...
Debian dsa-6226 : gir1.2-packagekitglib-1.0 - security update
The remote Debian 12 / 13 host has packages installed that are affected by a vulnerability as referenced in the dsa-6226 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6226-1 [email protected] https://www.debian.org/security/...
PackageKit 安全漏洞
PackageKit is an open-source system for installing and updating software. Versions 1.0.2 to 1.3.4 of PackageKit contain security vulnerabilities. These vulnerabilities stem from race conditions in transaction flags, which may allow unauthorized users with root privileges to install software...
Debian dla-4545 : gir1.2-packagekitglib-1.0 - security update
The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4545 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4545-1 [email protected] https://www.debian.org/lts/security/...
Linux Distros Unpatched Vulnerability : CVE-2026-41651
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PackageKit is a a D-Bus abstraction layer that allows the user to manage packages in a secure way using a cross-distro, cross-architecture API. PackageKit betwe...
PT-2026-34331
Name of the Vulnerable Software and Affected Versions PackageKit versions 1.0.2 through 1.3.4 Description PackageKit is a D-Bus abstraction layer used to manage packages across different distributions and architectures. A time-of-check time-of-use TOCTOU race condition exists in the handling of...
MiracleLinux 7 : PackageKit-1.1.5-2.0.1.el7.AXS7 (AXSA:2018-3051:01)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2018-3051:01 advisory. PackageKit: authentication bypass allows to install signed packages without administrator privileges CVE-2018-1106 Tenable has extracted the preceding...
ROS-20251223-7304
Vulnerability in PackageKit related to memory usage after its release. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...
Exploit for Improper Input Validation in Apple Macos
Cybersecurity POCs This is a collection of various proof of co...
Advisory ROSA-SA-2025-3100
Software: PackageKit 1.1.12 OS: ROSA Virtualization 2.1 packageevrstring: PackageKit-1.1.12-7.0.1.rv3 CVE-ID: CVE-2024-0217 BDU-ID: None CVE-Crit: LOW CVE-DESC.: A use-after-free vulnerability in PackageKitd allows an attacker to access freed memory and potentially execute arbitrary code...
EUVD-2011-2500
Malware in sbrugna...