PackageKit is a D-Bus abstraction layer that allows the user to manage packages in a secure way using a cross-distro, cross-arch

A use-after-free flaw was found in PackageKitd. In some conditions, the order of cleanup mechanics for a transaction could be impa

A flaw was found in PackageKit in the way some of the methods exposed by the Transaction interface examines files. This issue allo

PackageKit's apt backend mistakenly treated all local debs as trusted. The apt security model is based on repository trust and not

PackageKit provided detailed error messages to unprivileged callers that exposed information about file presence and mimetype of f

PackageKit 0.6.17 allows installation of unsigned RPM packages as though they were signed which may allow installation of non-trus

An authentication bypass flaw has been found in PackageKit before 1.1.10 that allows users without administrator privileges to ins

The Zypper (aka zypp) backend in PackageKit before 0.8.8 allows local users to downgrade packages via the "install updates" method