Lucene search
K

5 matches found

Tenable Nessus
Tenable Nessus
added 2026/05/30 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2026-44604

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A command injection vulnerability was discovered in the rpmuncompress utility of RPM. When extracting certain archive formats ZIP, 7z, GEM to a specified...

7CVSS6.1AI score0.00547EPSS
Exploits0References3
NVD
NVD
added 2026/05/28 8:16 a.m.12 views

CVE-2026-44604

A command injection vulnerability was discovered in the rpmuncompress utility of RPM. When extracting certain archive formats ZIP, 7z, GEM to a specified destination directory, the tool inserts the archive's top-level folder name into a shell command without properly sanitizing it. A specially...

7CVSS0.00547EPSS
Exploits0References3
OSV
OSV
added 2026/05/28 8:16 a.m.16 views

UBUNTU-CVE-2026-44604

A command injection vulnerability was discovered in the rpmuncompress utility of RPM. When extracting certain archive formats ZIP, 7z, GEM to a specified destination directory, the tool inserts the archive's top-level folder name into a shell command without properly sanitizing it. A specially...

7CVSS6AI score0.00547EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2024/01/25 9:1 a.m.4 views

rpm: TOCTOU race in checks for unsafe symlinks

A race condition vulnerability was found in rpm. A local unprivileged user could use this flaw to bypass the checks that were introduced in response to CVE-2017-7500 and CVE-2017-7501, potentially gaining root privileges. The highest threat from this vulnerability is to data confidentiality and...

6.4CVSS7.1AI score0.00307EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2012/08/01 12:0 a.m.13 views

Scientific Linux Security Update : selinux-policy on SL6.x i386/x86_64 (20120709)

This update adds the following enhancements : - When the system produces a new SELinux denial, the setroubleshootd daemon executes the rpm tool to check information about the relevant packages. Previously, setroubleshootd was unable to execute the rpm tool, and AVC denials were logged in the...

5.6AI score
Exploits0References1
Rows per page
Query Builder