CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Issue Overview: A use-after-free flaw was found in PackageKitd. In some conditions, the order of cleanup mechanics for a transaction could be impacted. As a result, some memory access could occur on memory regions that were previously freed. Once freed, a memory region can be reused for other...

3.3CVSS6.7AI score0.00013EPSS

Exploits0

Amazon•added 2025/04/01 12:0 a.m.•9 views

Low: PackageKit

3.3CVSS3.6AI score0.00013EPSS

Exploits0

Tenable Nessus•added 2025/04/01 12:0 a.m.•10 views

Amazon Linux 2 : PackageKit (ALAS-2025-2811)

The version of PackageKit installed on the remote host is prior to 1.1.5-2. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2811 advisory. A use-after-free flaw was found in PackageKitd. In some conditions, the order of cleanup mechanics for a transaction could be...

3.3CVSS4.9AI score0.00013EPSS

Exploits0References4

Tenable Nessus•added 2025/03/05 12:0 a.m.•6 views

Linux Distros Unpatched Vulnerability : CVE-2022-0987

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in PackageKit in the way some of the methods exposed by the Transaction interface examines files. This issue allows a local user to measure the...

3.3CVSS5.9AI score0.00113EPSS

Exploits0References4

Tenable Nessus•added 2025/03/04 12:0 a.m.•14 views

Linux Distros Unpatched Vulnerability : CVE-2020-16121

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PackageKit provided detailed error messages to unprivileged callers that exposed information about file presence and mimetype of files that the user would be...

3.3CVSS5AI score0.00102EPSS

Exploits1References2

Tenable Nessus•added 2025/03/03 12:0 a.m.•4 views

Linux Distros Unpatched Vulnerability : CVE-2011-2515

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PackageKit 0.6.17 allows installation of unsigned RPM packages as though they were signed which may allow installation of non-trusted packages and execution of...

5.3CVSS6AI score0.00165EPSS

Exploits0References2

Rosalinux•added 2025/03/01 9:41 p.m.•8 views

Advisory ROSA-SA-2025-2754

Software: PackageKit 1.1.12 OS: ROSA Virtualization 2.1 packageevrstring: PackageKit-1.1.12-7.0.1.rv3 CVE-ID: CVE-2024-0217 BDU-ID: None CVE-Crit: LOW CVE-DESC.: A use-after-free vulnerability in PackageKitd allows an attacker to access freed memory and potentially execute arbitrary code...

3.3CVSS4.5AI score0.00013EPSS

Exploits0

Rosalinux•added 2025/03/01 9:21 p.m.•6 views

Advisory ROSA-SA-2025-2731

Software: PackageKit 1.1.12 OS: ROSA Virtualization 3.0 packageevrstring: PackageKit-1.1.12-7.0.1.rv30 CVE-ID: CVE-2024-0217 BDU-ID: None CVE-Crit: LOW CVE-DESC.: A use-after-free vulnerability in PackageKitd allows an attacker to access freed memory and potentially execute arbitrary code...

3.3CVSS4.5AI score0.00013EPSS

Exploits0

OpenVAS•added 2025/02/25 12:0 a.m.•3 views

openSUSE Security Advisory (SUSE-SU-2024:1046-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

3.3CVSS3.8AI score0.00013EPSS

Exploits0References5

Rosalinux•added 2025/01/27 12:42 p.m.•35 views

Advisory ROSA-SA-2025-2597

software: packagekit 1.1.13 OS: ROSA-CHROME packageevrstring: packagekit-1.1.13-4 CVE-ID: CVE-2024-0217 BDU-ID: None CVE-Crit: LOW CVE-DESC.: A use-after-free vulnerability in PackageKitd allows an attacker to access freed memory. CVE-STATUS: The vulnerability has been resolved. CVE-REV: To close...

3.3CVSS6.8AI score0.00013EPSS

Exploits0

Positive Technologies•added 2025/01/27 12:0 a.m.•1 views

PT-2025-5303 · Apple · Apple Macos

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 13.7.3 macOS versions prior to 14.7.3 macOS versions prior to 15.3 Description: The issue is related to insufficient access restrictions in the PackageKit component of macOS, which may allow a remote attacker to elevat...

10CVSS6.5AI score0.0005EPSS

Exploits0References13

Positive Technologies•added 2024/10/28 12:0 a.m.•1 views

PT-2024-10226

Name of the Vulnerable Software and Affected Versions PackageKit affected versions not specified Description The issue is related to insufficient input validation in the PackageKit component of macOS operating systems. This can allow an attacker to execute arbitrary code. Recommendations At the...

7.5CVSS6.1AI score0.00091EPSS

Exploits0References6