Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
packagekit project packagekit - vulnerabilities and exploits
(subscribe to this query)
2.1
CVSSv2
CVE-2013-1764
The Zypper (aka zypp) backend in PackageKit prior to 0.8.8 allows local users to downgrade packages via the "install updates" method.
Packagekit Project Packagekit
Packagekit Project Packagekit 0.8.6
Packagekit Project Packagekit 0.8.5
Packagekit Project Packagekit 0.8.4
Packagekit Project Packagekit 0.8.3
Packagekit Project Packagekit 0.8.1
Packagekit Project Packagekit 0.8.2
2.1
CVSSv2
CVE-2020-16121
PackageKit provided detailed error messages to unprivileged callers that exposed information about file presence and mimetype of files that the user would be unable to determine on its own.
Packagekit Project Packagekit -
Canonical Ubuntu Linux 20.04
2.1
CVSSv2
CVE-2022-0987
A flaw was found in PackageKit in the way some of the methods exposed by the Transaction interface examines files. This issue allows a local user to measure the time the methods take to execute and know whether a file owned by root or other users exists.
Packagekit Project Packagekit
Redhat Enterprise Linux 9.0
NA
CVE-2024-0217
A use-after-free flaw was found in PackageKitd. In some conditions, the order of cleanup mechanics for a transaction could be impacted. As a result, some memory access could occur on memory regions that were previously freed. Once freed, a memory region can be reused for other al...
Packagekit Project Packagekit
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
Fedoraproject Fedora 39
2.1
CVSSv2
CVE-2020-16122
PackageKit's apt backend mistakenly treated all local debs as trusted. The apt security model is based on repository trust and not on the contents of individual files. On sites with configured PolicyKit rules this may allow users to install malicious packages.
Packagekit Project Packagekit -
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
4.6
CVSSv2
CVE-2011-2515
PackageKit 0.6.17 allows installation of unsigned RPM packages as though they were signed which may allow installation of non-trusted packages and execution of arbitrary code.
Packagekit Project Packagekit 0.6.17
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Redhat Enterprise Linux Server 6.0
1.9
CVSSv2
CVE-2013-0200
HP Linux Imaging and Printing (HPLIP) up to and including 3.12.4 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/hpcupsfilterc_#.bmp, (2) /tmp/hpcupsfilterk_#.bmp, (3) /tmp/hpcups_job#.out, (4) /tmp/hpijs_#####.out, or (5) /tmp/hpps_job#.out t...
Hp Linux Imaging And Printing Project 3.9.6
Hp Linux Imaging And Printing Project 3.10.6
Hp Linux Imaging And Printing Project 3.11.1
Hp Linux Imaging And Printing Project 3.11.3a
Hp Linux Imaging And Printing Project 3.9.4b
Hp Linux Imaging And Printing Project 3.9.12
Hp Linux Imaging And Printing Project 1.0
Hp Linux Imaging And Printing Project 2.7.10
Hp Linux Imaging And Printing Project 2.0
Hp Linux Imaging And Printing Project 3.9.4
Hp Linux Imaging And Printing Project 3.9.10
Hp Linux Imaging And Printing Project 3.10.9
Hp Linux Imaging And Printing Project 3.9.8
Hp Linux Imaging And Printing Project 3.10.5
Hp Linux Imaging And Printing Project
Hp Linux Imaging And Printing Project 3.11.3
Hp Linux Imaging And Printing Project 3.11.5
Hp Linux Imaging And Printing Project 3.11.10
Hp Linux Imaging And Printing Project 3.9.2
Hp Linux Imaging And Printing Project 3.10.2
Hp Linux Imaging And Printing Project 3.11.7
Redhat Enterprise Linux 6.0
2.1
CVSSv2
CVE-2013-6402
base/pkit.py in HP Linux Imaging and Printing (HPLIP) up to and including 3.13.11 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/hp-pkservice.log temporary file.
Hp Linux Imaging And Printing Project
Hp Linux Imaging And Printing Project 3.11.3a
Hp Linux Imaging And Printing Project 3.13.5
Hp Linux Imaging And Printing Project 3.13.4
Hp Linux Imaging And Printing Project 3.12.6
Hp Linux Imaging And Printing Project 3.12.4
Hp Linux Imaging And Printing Project 3.11.1
Hp Linux Imaging And Printing Project 3.10.9
Hp Linux Imaging And Printing Project 3.9.6
Hp Linux Imaging And Printing Project 3.9.4
Hp Linux Imaging And Printing Project 3.13.8
Hp Linux Imaging And Printing Project 3.9.4b
Hp Linux Imaging And Printing Project 3.13.3
Hp Linux Imaging And Printing Project 3.13.2
Hp Linux Imaging And Printing Project 3.12.2
Hp Linux Imaging And Printing Project 3.11.12
Hp Linux Imaging And Printing Project 3.11.10
Hp Linux Imaging And Printing Project 3.10.6
Hp Linux Imaging And Printing Project 3.10.5
Hp Linux Imaging And Printing Project 3.9.2
Hp Linux Imaging And Printing Project 3.13.10
Hp Linux Imaging And Printing Project 3.13.9
6.8
CVSSv2
CVE-2013-6427
upgrade.py in the hp-upgrade service in HP Linux Imaging and Printing (HPLIP) 3.x up to and including 3.13.11 launches a program from an http URL, which allows man-in-the-middle malicious users to execute arbitrary code by gaining control over the client-server data stream.
Hp Linux Imaging And Printing Project 3.11.3a
Hp Linux Imaging And Printing Project 3.13.5
Hp Linux Imaging And Printing Project 3.13.4
Hp Linux Imaging And Printing Project 3.12.4
Hp Linux Imaging And Printing Project 3.12.2
Hp Linux Imaging And Printing Project 3.11.1
Hp Linux Imaging And Printing Project 3.10.9
Hp Linux Imaging And Printing Project 3.9.6
Hp Linux Imaging And Printing Project 3.9.4
Hp Linux Imaging And Printing Project 3.13.8
Hp Linux Imaging And Printing Project 3.9.4b
Hp Linux Imaging And Printing Project 3.13.3
Hp Linux Imaging And Printing Project 3.13.2
Hp Linux Imaging And Printing Project 3.11.12
Hp Linux Imaging And Printing Project 3.11.10
Hp Linux Imaging And Printing Project 3.10.6
Hp Linux Imaging And Printing Project 3.10.5
Hp Linux Imaging And Printing Project 3.9.2
Hp Linux Imaging And Printing Project 3.13.7
Hp Linux Imaging And Printing Project 3.13.6
Hp Linux Imaging And Printing Project 3.12.10
Hp Linux Imaging And Printing Project 3.12.9
9.3
CVSSv2
CVE-2010-1208
Use-after-free vulnerability in the attribute-cloning functionality in the DOM implementation in Mozilla Firefox 3.5.x prior to 3.5.11 and 3.6.x prior to 3.6.7, and SeaMonkey prior to 2.0.6, allows remote malicious users to execute arbitrary code via vectors related to deletion o...
Mozilla Firefox
Mozilla Seamonkey
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »