Lucene search
+L

28 matches found

nessus
nessus
added 2026/06/30 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-40941

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have a package import signature validation bypass allows which...

7.1CVSS6.7AI score0.00159EPSS
Exploits0References3
redhatcve
redhatcve
added 2026/06/26 7:18 a.m.7 views

CVE-2026-40941

A flaw was found in Cacti, an open-source performance and fault management framework. This vulnerability allows a remote attacker to bypass the package import signature validation. By exploiting this flaw, an attacker can import self-signed packages, potentially leading to the execution of...

8.8CVSS6AI score0.00159EPSS
Exploits0References6
nvd
nvd
added 2026/06/25 11:17 p.m.13 views

CVE-2026-40941

Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have a package import signature validation bypass allows which allows self-signed packages. This issue has been fixed in version 1.2.31...

7.1CVSS0.00159EPSS
Exploits0References3
osv
osv
added 2026/06/25 11:17 p.m.3 views

DEBIAN-CVE-2026-40941

Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have a package import signature validation bypass allows which allows self-signed packages. This issue has been fixed in version 1.2.31...

6.5CVSS5.7AI score0.00159EPSS
Exploits0References1
cvelist
cvelist
added 2026/06/25 11:1 p.m.28 views

CVE-2026-40941 Cacti: Package Import Signature Validation Bypass Allows Self-Signed Packages

Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have a package import signature validation bypass allows which allows self-signed packages. This issue has been fixed in version 1.2.31...

7.1CVSS0.00159EPSS
Exploits0References3
debiancve
debiancve
added 2026/06/25 11:1 p.m.8 views

CVE-2026-40941

Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have a package import signature validation bypass allows which allows self-signed packages. This issue has been fixed in version 1.2.31...

7.1CVSS5.8AI score0.00159EPSS
Exploits0
attackerkb
attackerkb
added 2026/06/25 11:1 p.m.8 views

CVE-2026-40941

Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have a package import signature validation bypass allows which allows self-signed packages. This issue has been fixed in version 1.2.31...

7.1CVSS5.7AI score0.00159EPSS
Exploits0References4Affected Software1
cve
cve
added 2026/06/25 11:1 p.m.25 views

CVE-2026-40941

CVE-2026-40941 affects Cacti up to version 1.2.30 and is caused by a package import signature validation bypass that allows the use of self-signed packages. The issue has been fixed in version 1.2.31. Affected software is Cacti (open source performance and fault management framework). Remediation...

7.1CVSS5.7AI score0.00159EPSS
Exploits0References3Affected Software1
nessus
nessus
added 2026/01/16 12:0 a.m.5 views

MiracleLinux 7 : PackageKit-1.1.5-2.0.1.el7.AXS7 (AXSA:2018-3051:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2018-3051:01 advisory. PackageKit: authentication bypass allows to install signed packages without administrator privileges CVE-2018-1106 Tenable has extracted the preceding...

5.5CVSS5.7AI score0.00393EPSS
Exploits0References2
euvd
euvd
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-11753

Malware in sbrugna...

5.5CVSS5.3AI score0.00393EPSS
Exploits0References8
susecve
susecve
added 2023/02/15 4:34 a.m.4 views

SUSE CVE-2018-1106

An authentication bypass flaw has been found in PackageKit before 1.1.10 that allows users without administrator privileges to install signed packages. A local attacker can use this vulnerability to install vulnerable packages to further compromise a system...

5.5CVSS5.7AI score0.00393EPSS
Exploits0References6
openvas
openvas
added 2020/01/23 12:0 a.m.22 views

Huawei EulerOS: Security Advisory for PackageKit (EulerOS-SA-2018-1183)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS5.5AI score0.00393EPSS
Exploits0References2
openvas
openvas
added 2020/01/23 12:0 a.m.18 views

Huawei EulerOS: Security Advisory for PackageKit (EulerOS-SA-2019-2700)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS5.5AI score0.00393EPSS
Exploits0References2
nessus
nessus
added 2019/12/23 12:0 a.m.46 views

EulerOS 2.0 SP5 : PackageKit (EulerOS-SA-2019-2700)

According to the version of the PackageKit packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - An authentication bypass flaw has been found in PackageKit before 1.1.10 that allows users without administrator privileges to install signed...

5.5CVSS5.6AI score0.00393EPSS
Exploits0References2
redhatcve
redhatcve
added 2019/10/09 11:31 p.m.22 views

CVE-2018-1106

An authentication bypass flaw has been found in PackageKit that allows users without administrator privileges to install signed packages. A local attacker can use this vulnerability to install vulnerable packages to further compromise a system...

5.5CVSS5.6AI score0.00393EPSS
Exploits0References2
veracode
veracode
added 2019/01/15 9:21 a.m.19 views

Authentication Bypass

packagekit is vulnerable to authentication bypass attacks. The vulnerability exists as an authentication bypass flaw has been found in PackageKit before 1.1.10 that allows users without administrator privileges to install signed packages. A local attacker can use this vulnerability to install...

5.5CVSS5.3AI score0.00393EPSS
Exploits0References6Affected Software1
redhat
redhat
added 2018/04/24 6:40 p.m.7 views

PackageKit: authentication bypass allows to install signed packages without administrator privileges

An authentication bypass flaw has been found in PackageKit that allows users without administrator privileges to install signed packages. A local attacker can use this vulnerability to install vulnerable packages to further compromise a system...

5.5CVSS5.7AI score0.00393EPSS
Exploits0References5
osv
osv
added 2018/04/23 8:29 p.m.2 views

DEBIAN-CVE-2018-1106

An authentication bypass flaw has been found in PackageKit before 1.1.10 that allows users without administrator privileges to install signed packages. A local attacker can use this vulnerability to install vulnerable packages to further compromise a system...

5.5CVSS5.4AI score0.00393EPSS
Exploits0References1
prion
prion
added 2018/04/23 8:29 p.m.13 views

Authentication flaw

An authentication bypass flaw has been found in PackageKit before 1.1.10 that allows users without administrator privileges to install signed packages. A local attacker can use this vulnerability to install vulnerable packages to further compromise a system...

2.1CVSS5.3AI score0.00393EPSS
Exploits0References5Affected Software9
debiancve
debiancve
added 2018/04/23 8:0 p.m.26 views

CVE-2018-1106

An authentication bypass flaw has been found in PackageKit before 1.1.10 that allows users without administrator privileges to install signed packages. A local attacker can use this vulnerability to install vulnerable packages to further compromise a system...

5.5CVSS5.4AI score0.00393EPSS
Exploits0
Rows per page
Query Builder