Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
rpm rpm vulnerabilities and exploits
(subscribe to this query)
641
VMScore
CVE-2005-4889
lib/fsm.c in RPM prior to 4.4.3 does not properly reset the metadata of an executable file during deletion of the file in an RPM package removal, which might allow local users to gain privileges by creating a hard link to a vulnerable (1) setuid or (2) setgid file, a related issu...
Rpm Rpm 2.3.5
Rpm Rpm 4.4.2.1
Rpm Rpm 1.4.3
Rpm Rpm 3.0.1
Rpm Rpm 4.1
Rpm Rpm 2.2.3.11
Rpm Rpm 2.4.4
Rpm Rpm 2.3.8
Rpm Rpm 2.0.6
Rpm Rpm 1.4.4
Rpm Rpm 1.4.2/a
Rpm Rpm 2.4.1
Rpm Rpm 2.4.9
Rpm Rpm 2.6.7
Rpm Rpm 2..4.10
Rpm Rpm 1.4
Rpm Rpm 2.0.10
Rpm Rpm 2.4.5
Rpm Rpm 4.0.1
Rpm Rpm 2.2.11
Rpm Rpm 4.0.4
Rpm Rpm 2.2.1
641
VMScore
CVE-2010-2059
lib/fsm.c in RPM 4.8.0 and unspecified 4.7.x and 4.6.x versions, and RPM prior to 4.4.3, does not properly reset the metadata of an executable file during replacement of the file in an RPM package upgrade, which might allow local users to gain privileges by creating a hard link t...
Rpm Rpm 2.3.5
Rpm Rpm 4.4.2.1
Rpm Rpm 1.4.3
Rpm Rpm 3.0.1
Rpm Rpm 4.1
Rpm Rpm 2.2.3.11
Rpm Rpm 2.4.4
Rpm Rpm 2.3.8
Rpm Rpm 2.0.6
Rpm Rpm 1.4.4
Rpm Rpm 4.4.2
Rpm Rpm 1.4.2/a
Rpm Rpm 2.4.1
Rpm Rpm 2.4.9
Rpm Rpm 2.6.7
Rpm Rpm 2..4.10
Rpm Rpm 1.4
Rpm Rpm 2.0.10
Rpm Rpm 2.4.5
Rpm Rpm 4.0.1
Rpm Rpm 2.2.11
Rpm Rpm 4.0.4
516
VMScore
CVE-2010-2197
rpmbuild in RPM 4.8.0 and previous versions does not properly parse the syntax of spec files, which allows user-assisted remote malicious users to remove home directories via vectors involving a ;~ (semicolon tilde) sequence in a Name tag.
Rpm Rpm 2.3.5
Rpm Rpm 4.4.2.1
Rpm Rpm 1.4.3
Rpm Rpm 3.0.1
Rpm Rpm 4.1
Rpm Rpm 2.2.3.11
Rpm Rpm 2.4.4
Rpm Rpm 2.3.8
Rpm Rpm 2.0.6
Rpm Rpm 1.4.4
Rpm Rpm 4.4.2
Rpm Rpm 1.4.2/a
Rpm Rpm 2.4.1
Rpm Rpm 2.4.9
Rpm Rpm 2.6.7
Rpm Rpm 2..4.10
Rpm Rpm 1.4
Rpm Rpm 2.0.10
Rpm Rpm 2.4.5
Rpm Rpm 4.0.1
Rpm Rpm 2.2.11
Rpm Rpm 4.0.4
641
VMScore
CVE-2010-2198
lib/fsm.c in RPM 4.8.0 and previous versions does not properly reset the metadata of an executable file during replacement of the file in an RPM package upgrade or deletion of the file in an RPM package removal, which might allow local users to gain privileges or bypass intended ...
Rpm Rpm 2.3.5
Rpm Rpm 4.4.2.1
Rpm Rpm 1.4.3
Rpm Rpm 3.0.1
Rpm Rpm 4.1
Rpm Rpm 2.2.3.11
Rpm Rpm 2.4.4
Rpm Rpm 2.3.8
Rpm Rpm 2.0.6
Rpm Rpm 1.4.4
Rpm Rpm 4.4.2
Rpm Rpm 1.4.2/a
Rpm Rpm 2.4.1
Rpm Rpm 2.4.9
Rpm Rpm 2.6.7
Rpm Rpm 2..4.10
Rpm Rpm 1.4
Rpm Rpm 2.0.10
Rpm Rpm 2.4.5
Rpm Rpm 4.0.1
Rpm Rpm 2.2.11
Rpm Rpm 4.0.4
641
VMScore
CVE-2010-2199
lib/fsm.c in RPM 4.8.0 and previous versions does not properly reset the metadata of an executable file during replacement of the file in an RPM package upgrade or deletion of the file in an RPM package removal, which might allow local users to bypass intended access restrictions...
Rpm Rpm 2.3.5
Rpm Rpm 4.4.2.1
Rpm Rpm 1.4.3
Rpm Rpm 3.0.1
Rpm Rpm 4.1
Rpm Rpm 2.2.3.11
Rpm Rpm 2.4.4
Rpm Rpm 2.3.8
Rpm Rpm 2.0.6
Rpm Rpm 1.4.4
Rpm Rpm 4.4.2
Rpm Rpm 1.4.2/a
Rpm Rpm 2.4.1
Rpm Rpm 2.4.9
Rpm Rpm 2.6.7
Rpm Rpm 2..4.10
Rpm Rpm 1.4
Rpm Rpm 2.0.10
Rpm Rpm 2.4.5
Rpm Rpm 4.0.1
Rpm Rpm 2.2.11
Rpm Rpm 4.0.4
605
VMScore
CVE-2008-6846
Multiple stack-based buffer overflows in avast! Linux Home Edition 1.0.5, 1.0.5-1, and 1.0.8 allow remote malicious users to cause a denial of service (application crash) or execute arbitrary code via a malformed (1) ISO or (2) RPM file.
Avast Avast Antivirus 1.0.8
Avast Avast Antivirus 1.0.5
Avast Avast Antivirus 1.0.5-1
676
VMScore
CVE-2008-6085
Integer overflow in multiple F-Secure anti-virus products, including Internet Security 2006 through 2008, Anti-Virus 2006 through 2008, and others, when configured to scan inside compressed archives, allows remote malicious users to execute arbitrary code via a crafted RPM compre...
F-secure F-secure Anti-virus For Workstations 7.11
F-secure F-secure Protection Service For Consumers 5.00
F-secure F-secure Anti-virus 2008
F-secure F-secure Anti-virus 2006
F-secure F-secure Anti-virus 2007
F-secure F-secure Anti-virus Linux Client Security 5.30
F-secure F-secure Anti-virus For Microsoft Exchange 7.00
F-secure F-secure Protection Service For Consumers 7.00
F-secure F-secure Internet Security 2008
F-secure F-secure Protection Service For Business
F-secure F-secure Linux Security
F-secure F-secure Anti-virus For Microsoft Exchange
F-secure F-secure Anti-virus 7.02
F-secure F-secure Anti-virus For Microsoft Exchange 6.62
F-secure F-secure Messaging Security Gateway 4.0.7
F-secure F-secure Anti-virus For Citrix Servers
F-secure F-secure Internet Gatekeeper For Linux
F-secure F-secure Anti-virus Linux Server Security 5.52
F-secure F-secure Client Security
F-secure F-secure Anti-virus Linux Server Security 5.30
F-secure F-secure Protection Service For Consumers
F-secure F-secure Anti-virus For Windows Servers
890
VMScore
CVE-2008-0766
Stack-based buffer overflow in RpmSrvc.exe in Brooks Remote Print Manager (RPM) 4.5.1.11 and previous versions (Elite and Select) for Windows allows remote malicious users to execute arbitrary code via a long filename in a "Receive data file" LPD command. NOTE: some of ...
Brooks Internet Software Rpm Remote Print Manager Elite
Brooks Internet Software Rpm Remote Print Manager Select
169
VMScore
CVE-2007-3849
Red Hat Enterprise Linux (RHEL) 5 ships the rpm for the Advanced Intrusion Detection Environment (AIDE) prior to 0.13.1 with a database that lacks checksum information, which allows context-dependent malicious users to bypass file integrity checks and modify certain files.
Redhat Enterprise Linux 5.0
481
VMScore
CVE-2006-5466
Heap-based buffer overflow in the showQueryPackage function in librpm in RPM Package Manager 4.4.8, when the LANG environment variable is set to ru_RU.UTF-8, might allow user-assisted malicious users to execute arbitrary code via crafted RPM packages.
Rpm Package Manager 4.4.8
Ubuntu Ubuntu Linux 6.06 Lts
Ubuntu Ubuntu Linux 6.10
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »