Lucene search
K

23 matches found

EUVD
EUVD
added 2026/05/09 3:59 a.m.11 views

EUVD-2026-28896

pyp2spec generates working Fedora RPM spec file for Python projects. Prior to version 0.14.1, pyp2spec was writing PyPI package metadata e.g. the summary field into the generated spec file without escaping RPM macro directives. When a packager then runs rpmbuild, those directives get evaluated, s...

7.8CVSS6AI score0.00197EPSS
Exploits0References2
Redos
Redos
added 2025/01/21 12:0 a.m.13 views

ROS-20250121-02

A vulnerability in the koji RPM-based build system is related to insufficient cleansing of data provided by the by the user. Exploitation of the vulnerability could allow a remote attacker to perform cross-site scripting XSS attacks. Cross-site scripting XSS attacks...

5.4CVSS5.9AI score0.0029EPSS
Exploits0
Oracle linux
Oracle linux
added 2022/09/22 12:0 a.m.82 views

Unbreakable Enterprise kernel security update

5.4.17-2136.311.6 - Revert 'KVM: x86: Print error code in exception injection tracepoint iff valid' Sherry Yang Orabug: 34535896 5.4.17-2136.311.5 - netfilter: nftables: do not allow RULEID to refer to another chain Thadeu Lima de Souza Cascardo Orabug: 34495567 CVE-2022-2586 - netfilter: nftable...

7.8CVSS7.6AI score0.12746EPSS
Exploits8
OpenVAS
OpenVAS
added 2022/02/13 12:0 a.m.20 views

Huawei EulerOS: Security Advisory for rpm (EulerOS-SA-2022-1143)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7CVSS6.6AI score0.00827EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/12/31 12:0 a.m.23 views

Huawei EulerOS: Security Advisory for rpm (EulerOS-SA-2021-2876)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7CVSS6.5AI score0.00827EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/06/29 12:0 a.m.32 views

Huawei EulerOS: Security Advisory for rpm (EulerOS-SA-2021-1992)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7CVSS6.4AI score0.01706EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.25 views

SUSE: Security Advisory (SUSE-SU-2018:3286-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.6AI score0.00415EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.31 views

Huawei EulerOS: Security Advisory for rpm (EulerOS-SA-2018-1353)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.2AI score0.00392EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.25 views

Huawei EulerOS: Security Advisory for rpm (EulerOS-SA-2019-1466)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.2AI score0.00392EPSS
Exploits0References2
ALT Linux
ALT Linux
added 2019/11/28 12:0 a.m.33 views

Security fix for the ALT Linux 9 package clamav version 0.101.5-alt1

0.101.5-alt1 built Nov. 28, 2019 Sergey Y. Afonin in task 241709 Nov. 26, 2019 Sergey Y. Afonin - 0.101.5 CVE-2019-15961 - fixed tests for libcheck 0.13.0 clamav-0.101.5-libcheck-0.13.0.patch - updated License tag to SPDX syntax needs revision of exceptions - removed rpm-build-licenses from...

7.1CVSS6.8AI score0.03135EPSS
Exploits1
ALT Linux
ALT Linux
added 2019/11/26 12:0 a.m.20 views

Security fix for the ALT Linux 8 package clamav version 0.101.5-alt1

Nov. 26, 2019 Sergey Y. Afonin 0.101.5-alt1 - 0.101.5 CVE-2019-15961 - fixed tests for libcheck 0.13.0 clamav-0.101.5-libcheck-0.13.0.patch - updated License tag to SPDX syntax needs revision of exceptions - removed rpm-build-licenses from BuildRequires...

7.1CVSS6.8AI score0.03135EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2019/01/03 12:0 a.m.43 views

Fedora 29 : glibc (2018-f6b7df660d)

This update for the glibc package addresses one moderate security vulnerability and a minor defect : - CVE-2018-19591: A file descriptor leak in ifnametoindex can lead to a denial of service due to resource exhaustion when processing getaddrinfo calls with crafted host names. Reported by Guido...

7.5CVSS7.4AI score0.05532EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2019/01/03 12:0 a.m.40 views

Fedora 28 : glibc (2018-060302dc83)

This update for the glibc package addresses one moderate security vulnerability and several defects. - CVE-2018-19591: A file descriptor leak in ifnametoindex can lead to a denial of service due to resource exhaustion when processing getaddrinfo calls with crafted host names. Reported by Guido...

7.5CVSS7.3AI score0.05532EPSS
Exploits1References3
Oracle linux
Oracle linux
added 2018/10/11 12:0 a.m.44 views

spamassassin security update

3.4.0-4 - Add missing Requires for perlXSLoader and perlExtUtils::MakeMaker, - which are no longer auto-generated due to a expected change in rpm-build - Related: rhbz1632998 3.4.0-3 - Fix CVE-2018-11781 - Local user code injection in the meta rule syntax - Fix CVE-2017-15705 - Certain unclosed...

7.8CVSS1.4AI score0.07879EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2014/12/29 12:0 a.m.28 views

openSUSE Security Update : python3-rpm / rpm / rpm-python (openSUSE-SU-2014:1716-1)

This rpm update fixes the following security and non security issues : - honor --noglob in install mode bnc892431 - check for bad invalid name sizes bnc908128 CVE-2014-8118 - create files with mode 0 bnc906803 CVE-2013-6435 This update also includes version updates of rpm-python and python3-rpm...

10CVSS7.2AI score0.07669EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2013/07/12 12:0 a.m.41 views

Oracle Linux 5 : rpm (ELSA-2010-0679)

The remote Oracle Linux 5 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2010-0679 advisory. - fix CVE-2010-2059, fails to drop SUID/SGID bits on package upgrade 626707 Tenable has extracted the preceding description block directly from the Oracle Linux...

7.2CVSS7.3AI score0.00399EPSS
Exploits0References2
Fedora
Fedora
added 2012/09/17 11:50 p.m.21 views

[SECURITY] Fedora 18 Update: rpmdevtools-8.3-1.fc18

This package contains scripts and XEmacs support files to aid in development of RPM packages. rpmdev-setuptree Create RPM build tree within user's home directory rpmdev-diff Diff contents of two archives rpmdev-newspec Creates new .spec from template rpmdev-rmdevelrpms Find and optionally remove...

1.2CVSS0.7AI score0.0027EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2010/09/13 12:0 a.m.28 views

Mandriva Linux Security Advisory : rpm (MDVSA-2010:180)

A vulnerability has been found and corrected in rpm : lib/fsm.c in RPM 4.8.0 and unspecified 4.7.x and 4.6.x versions, and RPM before 4.4.3, does not properly reset the metadata of an executable file during replacement of the file in an RPM package upgrade, which might allow local users to gain...

7.2CVSS6.9AI score0.00399EPSS
Exploits0References2
OSV
OSV
added 2010/06/08 6:30 p.m.4 views

DEBIAN-CVE-2010-2197

rpmbuild in RPM 4.8.0 and earlier does not properly parse the syntax of spec files, which allows user-assisted remote attackers to remove home directories via vectors involving a ; semicolon tilde sequence in a Name tag...

5.8CVSS7.5AI score0.00998EPSS
Exploits0References1
Oracle linux
Oracle linux
added 2010/06/07 12:0 a.m.32 views

perl security update

3:5.8.5-52.el4 - build system contains new rpm, which can't create list of header files anymore failure of rpm -ql. Arch specific files contain list of all header files for RHEL-4 or mentioned packages. - Related: rhbz591160 3:5.8.5-50.el4 - CVE-2010-1168 perl Safe: Intended restriction bypass vi...

8.5CVSS1.8AI score0.03715EPSS
Exploits3
Rows per page
Query Builder