Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
Packagekit ProjectPackagekit*

3 matches found

CVE
CVEadded 2018/04/23 8:0 p.m.129 views

CVE-2018-1106

CVE-2018-1106 affects PackageKit prior to 1.1.10. The vulnerability is an authentication bypass that allows a non-administrative user to install signed packages, enabling local privilege escalation and potential system compromise by installing vulnerable packages. Public advisories (various OS ve...

5.5CVSS5.2AI score0.00027EPSS
CVE
CVEadded 2024/01/03 5:4 p.m.101 views

CVE-2024-0217

CVE-2024-0217 overview (concrete details from connected docs): A use-after-free in PackageKitd can cause a memory access to regions freed during transaction cleanup, with freed regions potentially reused for new allocations. This vulnerability is reported across multiple distributions and advisor...

3.3CVSS3.7AI score0.00013EPSS
CVE
CVEadded 2022/06/28 4:9 p.m.76 views

CVE-2022-0987

CVE-2022-0987 concerns a timing side-channel in PackageKit’s Transaction interface. Some methods expose timing information, allowing a local user to infer the existence of files owned by root or other users. Impact is information disclosure with local access; CVSS values in the records show LOW s...

3.3CVSS3.8AI score0.00113EPSS