Lucene search
K

55 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in rpm

A flaw was discovered in the RPM package’s read functionality. This flaw allows an attacker to persuade a victim to install a seemingly verifiable package, or to compromise an RPM repository, thereby causing corruption of the RPM database. The most significant threat posed by this vulnerability i...

5.5CVSS6.7AI score0.00701EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.3 views

MiracleLinux 8 : rpm-4.14.3-19.el8.2 (AXSA:2022-3034:02)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3034:02 advisory. rpm: RPM does not require subkeys to have a valid binding signature CVE-2021-3521 Tenable has extracted the preceding description block directly from the...

4.7CVSS6.5AI score0.00302EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.4 views

MiracleLinux 7 : rpm-4.11.3-48.0.1.el7.AXS7 (AXSA:2021-2566:07)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2566:07 advisory. rpm: Signature checks bypass via corrupted rpm package CVE-2021-20271 Tenable has extracted the preceding description block directly from the MiracleLinux...

7CVSS7.5AI score0.00827EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2012-0842

Malware in sbrugna...

6.8CVSS7.7AI score0.04281EPSS
Exploits0References28
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2005-4880

Malware in sbrugna...

7.2CVSS7.5AI score0.00324EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2012-5959

Malware in sbrugna...

4.3CVSS6.2AI score0.02255EPSS
Exploits0References10
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2012-0099

Malware in sbrugna...

6.8CVSS7.7AI score0.04378EPSS
Exploits0References28
EUVD
EUVD
added 2025/10/07 12:30 a.m.2 views

EUVD-2017-16518

Malware in sbrugna...

7.8CVSS7AI score0.00392EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.2 views

EUVD-2017-16517

Malware in sbrugna...

7.8CVSS7AI score0.00415EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2021-22573

Malware in sbrugna...

6.7CVSS6.5AI score0.00491EPSS
Exploits1References9
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2013-6245

Malware in sbrugna...

7.6CVSS7.5AI score0.07669EPSS
Exploits0References23
Tenable Nessus
Tenable Nessus
added 2025/10/07 12:0 a.m.2 views

Unity Linux 20.1070e Security Update: rpm (UTSA-2025-680620)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-680620 advisory. A race condition vulnerability was found in rpm. A local unprivileged user could use this flaw to bypass the checks that were introduced in response to CVE-2017-7500...

7.8CVSS6.5AI score0.00415EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2025/10/07 12:0 a.m.5 views

Unity Linux 20.1070e Security Update: rpm (UTSA-2025-680653)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-680653 advisory. There is a flaw in RPM's signature functionality. OpenPGP subkeys are associated with a primary key via a binding signature. RPM does not check the binding signature...

4.7CVSS6.3AI score0.00302EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2017-7501

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - It was found that versions of rpm before 4.13.0.2 use temporary files with predictable names when installing an RPM. An attacker with ability to write in a...

7.8CVSS7.2AI score0.00392EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/04/18 12:0 a.m.25 views

NewStart CGSL CORE 5.04 / MAIN 5.04 : rpm Vulnerability (NS-SA-2024-0010)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has rpm packages installed that are affected by a vulnerability: - A flaw was found in RPM's signature check functionality when reading a package file. This flaw allows an attacker who can convince a victim to install a seeming...

7CVSS7.2AI score0.00827EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2024/01/30 1:30 p.m.2 views

rpm: TOCTOU race in checks for unsafe symlinks

A race condition vulnerability was found in rpm. A local unprivileged user could use this flaw to bypass the checks that were introduced in response to CVE-2017-7500 and CVE-2017-7501, potentially gaining root privileges. The highest threat from this vulnerability is to data confidentiality and...

6.4CVSS7.1AI score0.00307EPSS
Exploits1References4
F5 Networks
F5 Networks
added 2023/02/21 6:33 p.m.35 views

K16383: Linux RPM vulnerability CVE-2013-6435

Security Advisory Description Race condition in RPM 4.11.1 and earlier allows remote attackers to execute arbitrary code via a crafted RPM file whose installation extracts the contents to temporary files before validating the signature, as demonstrated by installing a file in the /etc/cron.d...

7.6CVSS8AI score0.07669EPSS
Exploits0Affected Software21
SUSE CVE
SUSE CVE
added 2023/02/15 5:48 a.m.3 views

SUSE CVE-2012-0815

The headerVerifyInfo function in lib/header.c in RPM before 4.9.1.3 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a negative value in a region offset of a package header, which is not properly handled in a numeric range comparison...

6.8CVSS7.9AI score0.04281EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2023/01/11 12:0 a.m.42 views

EulerOS Virtualization 2.10.0 : rpm (EulerOS-SA-2023-1174)

According to the versions of the rpm packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A race condition vulnerability was found in rpm. A local unprivileged user could use this flaw to bypass the checks that were...

7.8CVSS6.5AI score0.00491EPSS
Exploits3References4
Microsoft CVE
Microsoft CVE
added 2022/09/03 7:0 a.m.0 views

A race condition vulnerability was found in rpm. A local unprivileged user could use this flaw to bypass the checks that were introduced in response to CVE-2017-7500 and CVE-2017-7501 potentially gaining root privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

...

7.8CVSS6.8AI score0.00415EPSS
Exploits1
Rows per page
Query Builder