| Max CVSS | 10.0 | Min CVSS | 6.8 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2011-3378 | 9.3 |
RPM 4.4.x through 4.9.x, probably before 4.9.1.2, allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via an rpm package with crafted headers and offsets that are not properly handled when a pa
|
13-02-2023 - 04:32 | 24-12-2011 - 19:55 | |
| CVE-2014-8118 | 10.0 |
Integer overflow in RPM 4.12 and earlier allows remote attackers to execute arbitrary code via a crafted CPIO header in the payload section of an RPM file, which triggers a stack-based buffer overflow.
|
13-02-2023 - 00:42 | 16-12-2014 - 18:59 | |
| CVE-2013-6435 | 7.6 |
Race condition in RPM 4.11.1 and earlier allows remote attackers to execute arbitrary code via a crafted RPM file whose installation extracts the contents to temporary files before validating the signature, as demonstrated by installing a file in the
|
13-02-2023 - 00:29 | 16-12-2014 - 18:59 | |
| CVE-2012-0815 | 6.8 |
The headerVerifyInfo function in lib/header.c in RPM before 4.9.1.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a negative value in a region offset of a package header, which is not properly ha
|
18-01-2018 - 02:29 | 04-06-2012 - 20:55 |