Vulnerabilities (CVE)

Filtered by vendor Packagekit Project Subscribe

Filtered by product Packagekit

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2011-2515	3 Debian, Packagekit Project, Redhat	3 Debian Linux, Packagekit, Enterprise Linux Server	2019-12-11	4.6 MEDIUM	5.3 MEDIUM
PackageKit 0.6.17 allows installation of unsigned RPM packages as though they were signed which may allow installation of non-trusted packages and execution of arbitrary code.
CVE-2018-1106	4 Canonical, Debian, Packagekit Project and 1 more	9 Ubuntu Linux, Debian Linux, Packagekit and 6 more	2019-10-09	2.1 LOW	5.5 MEDIUM
An authentication bypass flaw has been found in PackageKit before 1.1.10 that allows users without administrator privileges to install signed packages. A local attacker can use this vulnerability to install vulnerable packages to further compromise a system.