11 matches found
NewStart CGSL MAIN 6.06 (SP) : rpm Multiple Vulnerabilities (NS-SA-2026-0012)
The remote NewStart CGSL host, running version MAIN 6.06 SP, has rpm packages installed that are affected by multiple vulnerabilities: - Integer overflow in RPM 4.12 and earlier allows remote attackers to execute arbitrary code via a crafted CPIO header in the payload section of an RPM file, whic...
EUVD-2021-26749
Malware in sbrugna...
SUSE CVE-2021-3421
A flaw was found in the RPM package in the read functionality. This flaw allows an attacker who can convince a victim to install a seemingly verifiable package or compromise an RPM repository, to cause RPM database corruption. The highest threat from this vulnerability is to data integrity. This...
Huawei EulerOS: Security Advisory for rpm (EulerOS-SA-2023-1306)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization 3.0.2.2 : rpm (EulerOS-SA-2023-1306)
According to the versions of the rpm packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in RPM's signature check functionality when reading a package file. This flaw allows an attacker who can convince a...
Huawei EulerOS: Security Advisory for rpm (EulerOS-SA-2021-2613)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP3 : rpm (EulerOS-SA-2021-2613)
According to the versions of the rpm packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in RPM's signature check functionality when reading a package file. This flaw allows an attacker who can convince a victim to...
EulerOS 2.0 SP5 : rpm (EulerOS-SA-2021-2346)
According to the versions of the rpm packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in RPM's signature check functionality when reading a package file. This flaw allows an attacker who can convince a victim to...
Huawei EulerOS: Security Advisory for rpm (EulerOS-SA-2021-2254)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Design/Logic Flaw
A flaw was found in the RPM package in the read functionality. This flaw allows an attacker who can convince a victim to install a seemingly verifiable package or compromise an RPM repository, to cause RPM database corruption. The highest threat from this vulnerability is to data integrity. This...
rpm: fails to drop SUID/SGID bits on package upgrade
lib/fsm.c in RPM 4.8.0 and unspecified 4.7.x and 4.6.x versions, and RPM before 4.4.3, does not properly reset the metadata of an executable file during replacement of the file in an RPM package upgrade, which might allow local users to gain privileges by creating a hard link to a vulnerable 1...