CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

21 matches found

Tenable Nessus•added 2026/04/28 12:0 a.m.•0 views

Fedora 44 : rauc (2026-17dbeca425)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-17dbeca425 advisory. version bumped from 1.15.1 to 1.15.2 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has n...

7.2CVSS5.5AI score0.00018EPSS

Exploits0References2

Fedora•added 2026/04/25 1:52 a.m.•9 views

[SECURITY] Fedora 44 Update: rauc-1.15.2-1.fc44

RAUC is a lightweight update client that runs on your Embedded Linux device and reliably controls the procedure of updating your device with a new firmwa re revision. RAUC is also the tool on your host system that lets you create, inspect and modify update artifacts for your device. Service is no...

7.2CVSS5.2AI score0.00018EPSS

Exploits0

OpenVAS•added 2026/04/08 12:0 a.m.•4 views

Fedora: Security Advisory (FEDORA-2026-f0293b845e)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.2CVSS5.9AI score0.00018EPSS

Exploits0References4

Tenable Nessus•added 2026/04/07 12:0 a.m.•4 views

Fedora 43 : rauc (2026-f0293b845e)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-f0293b845e advisory. version bumped from 1.15.1 to 1.15.2 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has n...

7.2CVSS6AI score0.00018EPSS

Exploits0References2

Tenable Nessus•added 2026/04/02 12:0 a.m.•5 views

Linux Distros Unpatched Vulnerability : CVE-2026-34155

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RAUC controls the update process on embedded Linux systems. Prior to version 1.15.2, RAUC bundles using the 'plain' format exceeding a payload size of 2 GiB cau...

7.2CVSS5.8AI score0.00018EPSS

Exploits0References3

NVD•added 2026/03/31 2:16 p.m.•2 views

CVE-2026-34155

RAUC controls the update process on embedded Linux systems. Prior to version 1.15.2, RAUC bundles using the 'plain' format exceeding a payload size of 2 GiB cause an integer overflow which results in a signature which covers only the first few bytes of the payload. Given such a bundle with a...

7.2CVSS0.00018EPSS

Exploits0References3

Cvelist•added 2026/03/31 1:28 p.m.•20 views

CVE-2026-34155 RAUC: Improper Signing of Plain Bundles Exceeding 2 GiB

7.2CVSS0.00018EPSS

Exploits0References3

CVE•added 2026/03/31 1:28 p.m.•12 views

CVE-2026-34155

RAUC (Embedded Linux update framework) is affected prior to version 1.15.2. An integer overflow when packaging bundles in the plain format with payloads larger than 2 GiB causes a signature to cover only the initial portion of the payload. If a bundle has a legitimate signature, an attacker could...

7.2CVSS5.8AI score0.00018EPSS

Exploits0References3Affected Software1

Debian CVE•added 2026/03/31 1:28 p.m.•2 views

CVE-2026-34155

7.2CVSS5.4AI score0.00018EPSS

Exploits0

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2020-18493

Malware in sbrugna...

7.1CVSS6.4AI score0.00493EPSS

Exploits1References3

Tenable Nessus•added 2025/08/30 12:0 a.m.•4 views

Linux Distros Unpatched Vulnerability : CVE-2020-25860

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The install.c module in the Pengutronix RAUC update client prior to version 1.5 has a Time-of-Check Time- of-Use vulnerability, where signature verification on ...

7.1CVSS6.8AI score0.00493EPSS

Exploits1References2

RedhatCVE•added 2025/05/22 5:54 p.m.•6 views

CVE-2020-25860

The install.c module in the Pengutronix RAUC update client prior to version 1.5 has a Time-of-Check Time-of-Use vulnerability, where signature verification on an update file takes place before the file is reopened for installation. An attacker who can modify the update file just before it is...

7.1CVSS7.2AI score0.00493EPSS

Exploits1

Veracode•added 2020/12/21 8:58 p.m.•18 views

Time-of-Check Time-of-Use

rauc, sid is vulnerable time-of-check time-of-use. The install.c module in the Pengutronix RAUC update client prior to version 1.5 has a Time-of-Check Time-of-Use vulnerability, where signature verification on an update file takes place before the file is reopened for installation. An attacker wh...

6.6CVSS4.3AI score0.00493EPSS

Exploits1References3Affected Software1