Lucene search
+L

7 matches found

AstraLinux
AstraLinux
added 2026/06/23 11:48 a.m.11 views

Astra Linux – Vulnerability in PackageKit

PackageKit is a D-Bus abstraction layer that allows users to manage packages in a secure manner using a cross-distro, cross-architecture API. PackageKit in versions 1.0.2 through 1.3.4 is vulnerable to a time-of-check time-of-use TOCTOU race condition involving transaction flags, which allows...

8.8CVSS7.1AI score0.0046EPSS
Exploits10References3
RedhatCVE
RedhatCVE
added 2026/06/05 7:48 p.m.10 views

CVE-2026-10294

A vulnerability has been found in PackageKit up to 1.3.5. Affected is the function gfiletest of the file src/pk-transaction.c of the component API. Such manipulation of the argument frontend-socket leads to improper authorization. The attack can be executed remotely. The exploit has been disclose...

5.3CVSS5AI score0.00222EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/01 9:30 p.m.9 views

CVE-2026-10294 PackageKit API pk-transaction.c g_file_test improper authorization

A vulnerability has been found in PackageKit up to 1.3.5. Affected is the function gfiletest of the file src/pk-transaction.c of the component API. Such manipulation of the argument frontend-socket leads to improper authorization. The attack can be executed remotely. The exploit has been disclose...

5.3CVSS5.5AI score0.00222EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/06/01 9:30 p.m.10 views

CVE-2026-10294

A vulnerability has been found in PackageKit up to 1.3.5. Affected is the function gfiletest of the file src/pk-transaction.c of the component API. Such manipulation of the argument frontend-socket leads to improper authorization. The attack can be executed remotely. The exploit has been disclose...

5.3CVSS5.5AI score0.00222EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.13 views

PackageKit 授权问题漏洞

PackageKit is an open-source system for installing and updating software. Versions of PackageKit 1.3.5 and earlier have a licensing issue vulnerability. This vulnerability stems from incorrect handling of the parameter ‘frontend-socket’ in the function gfiletest within the API component file...

5.3CVSS5AI score0.00222EPSS
Exploits0References6
NVD
NVD
added 2026/04/22 2:17 p.m.4 views

CVE-2026-41651

PackageKit is a a D-Bus abstraction layer that allows the user to manage packages in a secure way using a cross-distro, cross-architecture API. PackageKit between and including versions 1.0.2 and 1.3.4 is vulnerable to a time-of-check time-of-use TOCTOU race condition on transaction flags that...

8.8CVSS0.0046EPSS
Exploits10References22
EUVD
EUVD
added 2026/04/22 1:11 p.m.5 views

EUVD-2026-24742

PackageKit is a a D-Bus abstraction layer that allows the user to manage packages in a secure way using a cross-distro, cross-architecture API. PackageKit between and including versions 1.0.2 and 1.3.4 is vulnerable to a time-of-check time-of-use TOCTOU race condition on transaction flags that...

8.8CVSS6AI score0.0046EPSS
Exploits10References5
Rows per page
Query Builder