9218 matches found
CVE-2025-27519
Cognita is a RAG (Retrieval Augmented Generation) Framework for building modular, open source applications for production by TrueFoundry. A path traversal issue exists at /v1/internal/upload-to-local-directory which is enabled when the Local env variable is set to true, such as when Cognita is setu...
CVE-2025-27519 Cognita Arbitrary File Write
Cognita is a RAG (Retrieval Augmented Generation) Framework for building modular, open source applications for production by TrueFoundry. A path traversal issue exists at /v1/internal/upload-to-local-directory which is enabled when the Local env variable is set to true, such as when Cognita is setu...
CVE-2025-27519
CVE-2025-27519 concerns Cognita, a TrueFoundry RAG framework. A path traversal flaw exists in the Docker/deployed setup when LocalEnv is true, exploitable via /v1/internal/upload-to-local-directory. An attacker can overwrite /app/backend/__init__.py, and due to uvicorn with auto-reload in the contai...
SUSE CVE-2025-21834
In the Linux kernel, the following vulnerability has been resolved: seccomp: passthrough uretprobe systemcall without filtering. When attaching uretprobes to processes running inside docker, the attached process is segfaulted when encountering the retprobe. The reason is that now that uretprobe is...
CVE-2025-27650
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.862 Application 20.0.2014 allows Private Keys in Docker Overlay V-2023-013...
tornado-docker Code Injection Vulnerability
tornado-docker is a Docmosis open source Docker image for Docmosis. A security vulnerability exists in tornado-docker version 2.9.7 and earlier. An attacker exploiting this vulnerability can remotely execute code...
CVE-2025-21834
In the Linux kernel, the following vulnerability has been resolved: seccomp: passthrough uretprobe systemcall without filtering. When attaching uretprobes to processes running inside docker, the attached process is segfaulted when encountering the retprobe. The reason is that now that uretprobe is...
DEBIAN-CVE-2025-21834
In the Linux kernel, the following vulnerability has been resolved: seccomp: passthrough uretprobe systemcall without filtering. When attaching uretprobes to processes running inside docker, the attached process is segfaulted when encountering the retprobe. The reason is that now that uretprobe is...
UBUNTU-CVE-2025-21834
In the Linux kernel, the following vulnerability has been resolved: seccomp: passthrough uretprobe systemcall without filtering. When attaching uretprobes to processes running inside docker, the attached process is segfaulted when encountering the retprobe. The reason is that now that uretprobe is...
CVE-2025-21834
CVE-2025-21834 relates to the Linux kernel where a seccomp passthrough for uretprobe systemcalls was not filtered. When uretprobes are attached to processes in Docker, the retprobe can cause the traced process to segfault because the default seccomp filters block this kernel-int...
CVE-2025-21834 seccomp: passthrough uretprobe systemcall without filtering
In the Linux kernel, the following vulnerability has been resolved: seccomp: passthrough uretprobe systemcall without filtering. When attaching uretprobes to processes running inside docker, the attached process is segfaulted when encountering the retprobe. The reason is that now that uretprobe is...
CVE-2025-1696
A vulnerability exists in Docker Desktop prior to version 4.39.0 that could lead to the unintentional disclosure of sensitive information via application logs. In affected versions, proxy configuration data—potentially including sensitive details—was written to log files in clear text whenever an...
CVE-2025-1696 Exposure of Proxy Credentials in Docker Desktop Logs
A vulnerability exists in Docker Desktop prior to version 4.39.0 that could lead to the unintentional disclosure of sensitive information via application logs. In affected versions, proxy configuration data—potentially including sensitive details—was written to log files in clear text whenever an...
CVE-2025-1696
The CVE-2025-1696 issue affects Docker Desktop prior to 4.39.0, where proxy configuration data could be written to log files in clear text on HTTP GET through a proxy. An attacker with log access could read sensitive proxy details. Starting with 4.39.0, Docker Desktop no longer logs the proxy str...
Low: ecs-init
Issue Overview: runc is a CLI tool for spawning and running containers according to the OCI specification. runc 1.1.13 and earlier, as well as 1.2.0-rc2 and earlier, can be tricked into creating empty files or directories in arbitrary locations in the host filesystem by sharing a volume between t...