Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
packagekit project vulnerabilities and exploits
(subscribe to this query)
187
VMScore
CVE-2013-1764
The Zypper (aka zypp) backend in PackageKit prior to 0.8.8 allows local users to downgrade packages via the "install updates" method.
Packagekit Project Packagekit
Packagekit Project Packagekit 0.8.6
Packagekit Project Packagekit 0.8.5
Packagekit Project Packagekit 0.8.4
Packagekit Project Packagekit 0.8.3
Packagekit Project Packagekit 0.8.1
Packagekit Project Packagekit 0.8.2
187
VMScore
CVE-2022-0987
A flaw was found in PackageKit in the way some of the methods exposed by the Transaction interface examines files. This issue allows a local user to measure the time the methods take to execute and know whether a file owned by root or other users exists.
Packagekit Project Packagekit
Redhat Enterprise Linux 9.0
187
VMScore
CVE-2020-16121
PackageKit provided detailed error messages to unprivileged callers that exposed information about file presence and mimetype of files that the user would be unable to determine on its own.
Packagekit Project Packagekit -
Canonical Ubuntu Linux 20.04
NA
CVE-2024-0217
A use-after-free flaw was found in PackageKitd. In some conditions, the order of cleanup mechanics for a transaction could be impacted. As a result, some memory access could occur on memory regions that were previously freed. Once freed, a memory region can be reused for other al...
Packagekit Project Packagekit
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
Fedoraproject Fedora 39
187
VMScore
CVE-2020-16122
PackageKit's apt backend mistakenly treated all local debs as trusted. The apt security model is based on repository trust and not on the contents of individual files. On sites with configured PolicyKit rules this may allow users to install malicious packages.
Packagekit Project Packagekit -
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
409
VMScore
CVE-2011-2515
PackageKit 0.6.17 allows installation of unsigned RPM packages as though they were signed which may allow installation of non-trusted packages and execution of arbitrary code.
Packagekit Project Packagekit 0.6.17
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Redhat Enterprise Linux Server 6.0
169
VMScore
CVE-2013-0200
HP Linux Imaging and Printing (HPLIP) up to and including 3.12.4 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/hpcupsfilterc_#.bmp, (2) /tmp/hpcupsfilterk_#.bmp, (3) /tmp/hpcups_job#.out, (4) /tmp/hpijs_#####.out, or (5) /tmp/hpps_job#.out t...
Hp Linux Imaging And Printing Project 3.9.6
Hp Linux Imaging And Printing Project 3.10.6
Hp Linux Imaging And Printing Project 3.11.1
Hp Linux Imaging And Printing Project 3.11.3a
Hp Linux Imaging And Printing Project 3.9.4b
Hp Linux Imaging And Printing Project 3.9.12
Hp Linux Imaging And Printing Project 1.0
Hp Linux Imaging And Printing Project 2.7.10
Hp Linux Imaging And Printing Project 2.0
Hp Linux Imaging And Printing Project 3.9.4
Hp Linux Imaging And Printing Project 3.9.10
Hp Linux Imaging And Printing Project 3.10.9
Hp Linux Imaging And Printing Project 3.9.8
Hp Linux Imaging And Printing Project 3.10.5
Hp Linux Imaging And Printing Project
Hp Linux Imaging And Printing Project 3.11.3
Hp Linux Imaging And Printing Project 3.11.5
Hp Linux Imaging And Printing Project 3.11.10
Hp Linux Imaging And Printing Project 3.9.2
Hp Linux Imaging And Printing Project 3.10.2
Hp Linux Imaging And Printing Project 3.11.7
Redhat Enterprise Linux 6.0
187
VMScore
CVE-2013-6402
base/pkit.py in HP Linux Imaging and Printing (HPLIP) up to and including 3.13.11 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/hp-pkservice.log temporary file.
Hp Linux Imaging And Printing Project
Hp Linux Imaging And Printing Project 3.11.3a
Hp Linux Imaging And Printing Project 3.13.5
Hp Linux Imaging And Printing Project 3.13.4
Hp Linux Imaging And Printing Project 3.12.6
Hp Linux Imaging And Printing Project 3.12.4
Hp Linux Imaging And Printing Project 3.11.1
Hp Linux Imaging And Printing Project 3.10.9
Hp Linux Imaging And Printing Project 3.9.6
Hp Linux Imaging And Printing Project 3.9.4
Hp Linux Imaging And Printing Project 3.13.8
Hp Linux Imaging And Printing Project 3.9.4b
Hp Linux Imaging And Printing Project 3.13.3
Hp Linux Imaging And Printing Project 3.13.2
Hp Linux Imaging And Printing Project 3.12.2
Hp Linux Imaging And Printing Project 3.11.12
Hp Linux Imaging And Printing Project 3.11.10
Hp Linux Imaging And Printing Project 3.10.6
Hp Linux Imaging And Printing Project 3.10.5
Hp Linux Imaging And Printing Project 3.9.2
Hp Linux Imaging And Printing Project 3.13.10
Hp Linux Imaging And Printing Project 3.13.9
605
VMScore
CVE-2013-6427
upgrade.py in the hp-upgrade service in HP Linux Imaging and Printing (HPLIP) 3.x up to and including 3.13.11 launches a program from an http URL, which allows man-in-the-middle malicious users to execute arbitrary code by gaining control over the client-server data stream.
Hp Linux Imaging And Printing Project 3.11.3a
Hp Linux Imaging And Printing Project 3.13.5
Hp Linux Imaging And Printing Project 3.13.4
Hp Linux Imaging And Printing Project 3.12.4
Hp Linux Imaging And Printing Project 3.12.2
Hp Linux Imaging And Printing Project 3.11.1
Hp Linux Imaging And Printing Project 3.10.9
Hp Linux Imaging And Printing Project 3.9.6
Hp Linux Imaging And Printing Project 3.9.4
Hp Linux Imaging And Printing Project 3.13.8
Hp Linux Imaging And Printing Project 3.9.4b
Hp Linux Imaging And Printing Project 3.13.3
Hp Linux Imaging And Printing Project 3.13.2
Hp Linux Imaging And Printing Project 3.11.12
Hp Linux Imaging And Printing Project 3.11.10
Hp Linux Imaging And Printing Project 3.10.6
Hp Linux Imaging And Printing Project 3.10.5
Hp Linux Imaging And Printing Project 3.9.2
Hp Linux Imaging And Printing Project 3.13.7
Hp Linux Imaging And Printing Project 3.13.6
Hp Linux Imaging And Printing Project 3.12.10
Hp Linux Imaging And Printing Project 3.12.9
828
VMScore
CVE-2010-1208
Use-after-free vulnerability in the attribute-cloning functionality in the DOM implementation in Mozilla Firefox 3.5.x prior to 3.5.11 and 3.6.x prior to 3.6.7, and SeaMonkey prior to 2.0.6, allows remote malicious users to execute arbitrary code via vectors related to deletion o...
Mozilla Firefox
Mozilla Seamonkey
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700
CVE-2022-48689
CVE-2024-27956
CVE-2023-6363
SQL
NULL pointer dereference
CVE-2023-41830
CVE-2015-2051
arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »