Lucene search
K

12 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.25 views

EUVD-2022-6740

Malicious code in bioql PyPI...

7.8CVSS7.5AI score0.01628EPSS
Exploits1References6
Cvelist
Cvelist
added 2022/09/21 11:10 p.m.91 views

CVE-2022-39224 Arbitrary shell execution when extracting or listing files contained in a malicious rpm.

Arr-pm is an RPM reader/writer library written in Ruby. Versions prior to 0.0.12 are subject to OS command injection resulting in shell execution if the RPM contains a malicious "payload compressor" field. This vulnerability impacts the extract and files methods of the RPM::File class of this...

7CVSS8.1AI score0.01628EPSS
Exploits1References3
IBM Security Bulletins
IBM Security Bulletins
added 2022/07/07 10:50 a.m.30 views

Security Bulletin: IBM QRadar Network Security is affected by vulnerability in rpm. (CVE-2021-20271)

Summary IBM QRadar Network Security has addressed vulnerability in rpm library. the issue could allow a remote attacker to execute arbitrary code on the system. Vulnerability Details CVEID: CVE-2021-20271 DESCRIPTION: RPM could allow a remote attacker to execute arbitrary code on the system, caus...

7CVSS1.4AI score0.00827EPSS
Exploits0Affected Software1
Veracode
Veracode
added 2020/04/10 1:3 a.m.21 views

Arbitrary Code Execution

rpm is vulnerable to arbitrary code execution. The vulnerability exists as multiple flaws were found in the way the RPM library parsed package headers. An attacker could create a specially-crafted RPM package that, when queried or installed, would cause rpm to crash or, potentially, execute...

9.3CVSS5.1AI score0.06042EPSS
Exploits1References17Affected Software1
OpenVAS
OpenVAS
added 2012/08/03 12:0 a.m.31 views

Mandriva Update for rpm MDVSA-2012:056 (rpm)

Check for the Version of rpm OpenVAS Vulnerability Test Mandriva Update for rpm MDVSA-2012:056 rpm Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...

6.8CVSS0.2AI score0.04779EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2012/07/30 12:0 a.m.33 views

CentOS Update for popt CESA-2012:0451 centos5

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

6.8CVSS7.7AI score0.04779EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2012/07/30 12:0 a.m.28 views

CentOS Update for popt CESA-2011:1349 centos4 x86_64

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

9.3CVSS7.4AI score0.06042EPSS
Exploits1References2
Cvelist
Cvelist
added 2012/06/04 8:0 p.m.25 views

CVE-2012-0815

The headerVerifyInfo function in lib/header.c in RPM before 4.9.1.3 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a negative value in a region offset of a package header, which is not properly handled in a numeric range comparison...

9.3AI score0.04281EPSS
Exploits0References21
OpenVAS
OpenVAS
added 2012/04/05 12:0 a.m.31 views

RedHat Update for rpm RHSA-2012:0451-01

Check for the Version of rpm OpenVAS Vulnerability Test RedHat Update for rpm RHSA-2012:0451-01 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...

6.8CVSS8.6AI score0.04779EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2011/10/10 12:0 a.m.18 views

CentOS Update for popt CESA-2011:1349 centos5 i386

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

9.3CVSS7.4AI score0.06042EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2011/10/10 12:0 a.m.17 views

Mandriva Update for rpm MDVSA-2011:143 (rpm)

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

9.3CVSS7.4AI score0.06042EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2011/10/04 12:0 a.m.41 views

CentOS 4 / 5 : rpm (CESA-2011:1349)

Updated rpm packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4, 5, and 6, and Red Hat Enterprise Linux 3 Extended Life Cycle Support, 5.3 Long Life, 5.6 Extended Update Support, and 6.0 Extended Update Support. The Red Hat Security Response Team has rated...

9.3CVSS7.8AI score0.06042EPSS
Exploits1References5
Rows per page
Query Builder