rpm vulnerabilities and exploits
VMScore: 383
CVE-2011-2650
Cross-site scripting (XSS) vulnerability in Kiwi prior to 3.74.2, as used in SUSE Studio 1.1 prior to 1.1.4, allows remote malicious users to inject arbitrary web script or HTML via a crafted pattern name that is included in an RPM info display.
Novell Suse Studio Onsite 1.1
Marcus Schafer Kiwi
VMScore: 668
CVE-2022-23132
During Zabbix installation from RPM, DAC_OVERRIDE SELinux capability is in use to access PID files in [/var/run/zabbix] folder. In this case, Zabbix Proxy or Server processes can bypass file read, write and execute permissions check on the file system level.
Zabbix Zabbix 6.0.0
Zabbix Zabbix
Fedoraproject Fedora 34
Fedoraproject Fedora 35
VMScore: 409
CVE-2003-1156
Java Runtime Environment (JRE) and Software Development Kit (SDK) 1.4.2 up to and including 1.4.2_02 allows local users to overwrite arbitrary files via a symlink attack on (1) unpack.log, as created by the unpack program, or (2) .mailcap1 and .mime.types1, as created by the RPM ...
Sun Jre 1.4.2
Sun Jdk 1.4.2
Sun Jdk 1.4.2 02
VMScore: 641
CVE-2017-18282
Non-secure SW can cause SDCC to generate secure bus accesses, which may expose RPM access in Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 835, SDA660.
Qualcomm Mdm9206 Firmware -
Qualcomm Mdm9607 Firmware -
Qualcomm Mdm9650 Firmware -
Qualcomm Sd210 Firmware -
Qualcomm Sd212 Firmware -
Qualcomm Sd205 Firmware -
Qualcomm Sd425 Firmware -
Qualcomm Sd430 Firmware -
Qualcomm Sd450 Firmware -
Qualcomm Sd625 Firmware -
Qualcomm Sd650 Firmware -
Qualcomm Sd652 Firmware -
Qualcomm Sd835 Firmware -
Qualcomm Sda660 Firmware -
NA
CVE-2024-2905
A security vulnerability has been discovered within rpm-ostree, pertaining to the /etc/shadow file in default builds having the world-readable bit enabled. This issue arises from the default permissions being set at a higher level than recommended, potentially exposing sensitive ...
VMScore: 676
CVE-2008-6085
Integer overflow in multiple F-Secure anti-virus products, including Internet Security 2006 through 2008, Anti-Virus 2006 through 2008, and others, when configured to scan inside compressed archives, allows remote malicious users to execute arbitrary code via a crafted RPM compre...
F-secure F-secure Internet Security 2007
F-secure F-secure Internet Security 2006
F-secure F-secure Anti-virus For Workstations 7.10
F-secure F-secure Linux Security
F-secure F-secure Protection Service For Consumers 6.00
F-secure F-secure Protection Service For Consumers 5.00
F-secure F-secure Anti-virus Linux Server Security 5.30
F-secure F-secure Anti-virus 2007
F-secure F-secure Anti-virus 2006
F-secure F-secure Anti-virus Linux Client Security 5.52
F-secure F-secure Anti-virus Linux Client Security 5.30
F-secure F-secure Home Server Security 2009
F-secure F-secure Anti-virus For Windows Servers
F-secure F-secure Anti-virus For Microsoft Exchange 6.62
F-secure F-secure Internet Gatekeeper For Windows
F-secure F-secure Internet Gatekeeper For Linux
F-secure F-secure Anti-virus 7.02
F-secure F-secure Anti-virus 2009
F-secure F-secure Anti-virus Linux Client Security
F-secure F-secure Anti-virus Linux Client Security 5.53
F-secure F-secure Protection Service For Business
F-secure F-secure Protection Service For Business 3.00
VMScore: 890
CVE-2008-0766
Stack-based buffer overflow in RpmSrvc.exe in Brooks Remote Print Manager (RPM) 4.5.1.11 and previous versions (Elite and Select) for Windows allows remote malicious users to execute arbitrary code via a long filename in a "Receive data file" LPD command. NOTE: some of ...
Brooks Internet Software Rpm Remote Print Manager Elite
Brooks Internet Software Rpm Remote Print Manager Select
NA
CVE-2022-38392
Certain 5400 RPM hard drives, for laptops and other PCs in approximately 2005 and later, allow physically proximate malicious users to cause a denial of service (device malfunction and system crash) via a resonant-frequency attack with the audio signal from the Rhythm Nation musi...
* 5400rmp Oem Harddrive -
1 Github repository
1 Article
VMScore: 383
CVE-2013-3704
The RPM GPG key import and handling feature in libzypp 12.15.0 and previous versions reports a different key fingerprint than the one used to sign a repository when multiple key blobs are used, which might allow remote malicious users to trick users into believing that the reposi...
Novell Libzypp
Novell Libzypp 12.3
Novell Libzypp 12.2
Novell Libzypp 12.1
Novell Libzypp 11.3
Novell Libzypp 11.4
Novell Libzypp 11.2
NA
CVE-2022-30272
The Motorola ACE1000 RTU through 2022-05-02 mishandles firmware integrity. It utilizes either the STS software suite or ACE1000 Easy Configurator for performing firmware updates. In case of the Easy Configurator, firmware updates are performed through access to the Web UI where f...
Motorola Ace1000 Firmware -