Lucene search
K

35 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2 days ago3 views

Security Bulletin: Nomad Docker driver Linux host namespace bypass

Summary HashiCorp Nomad and Nomad Enterprise did not enforce the allowprivileged restriction for the Docker task driver's host namespace mode options. This may allow an authenticated job submitter to run a container in a host namespace and access information belonging to the host or to other...

7.7CVSS5.9AI score0.00248EPSS
Exploits0Affected Software1
HashiCorp Security Advisories
HashiCorp Security Advisories
added 2 days ago6 views

Nomad Docker driver vulnerable to host namespace bypass on Linux

Summary HashiCorp Nomad and Nomad Enterprise did not enforce the allowprivileged restriction for the Docker task driver’s host namespace mode options. This may allow an authenticated job submitter to run a container in a host namespace and access information belonging to the host or to other...

7.7CVSS6.1AI score0.00248EPSS
Exploits0Affected Software1
Wolfi
Wolfi
added 2025/12/23 7:48 p.m.14 views

CVE-2025-14373 vulnerabilities

Vulnerabilities for packages: chromium...

4.3CVSS7AI score0.00272EPSS
Exploits0
OpenVAS
OpenVAS
added 2025/12/17 12:0 a.m.3 views

Fedora: Security Advisory (FEDORA-2025-a315866a59)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.1CVSS6.7AI score0.00272EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2025/12/17 12:0 a.m.3 views

Fedora: Security Advisory (FEDORA-2025-1077c09b50)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.1CVSS6.7AI score0.00272EPSS
Exploits0References2
OPENSUSE Linux
OPENSUSE Linux
added 2025/12/16 12:0 a.m.5 views

Security update for chromium (important)

openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2025:0470-1 Rating: important References: 1254776 Cross-References: CVE-2025-14372 CVE-2025-14373 Affected Products: openSUSE Backports SLE-15-SP7 An update that fixes two vulnerabilities is now available...

6.1CVSS6.8AI score0.00272EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/12/15 12:0 a.m.6 views

Fedora 43 : chromium (2025-1077c09b50)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-1077c09b50 advisory. Update to 143.0.7499.109 High: Under coordination Medium CVE-2025-14372: Use after free in Password Manager Medium CVE-2025-14373: Inappropriate...

6.1CVSS6AI score0.00272EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/12/12 7:20 p.m.17 views

CVE-2025-14373

Inappropriate implementation in Toolbar in Google Chrome on Android prior to 143.0.7499.110 allowed a remote attacker to perform domain spoofing via a crafted HTML page. Chromium security severity: Medium...

0.00272EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2025/12/12 7:20 p.m.6 views

CVE-2025-14373

Inappropriate implementation in Toolbar in Google Chrome on Android prior to 143.0.7499.110 allowed a remote attacker to perform domain spoofing via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS5.7AI score0.00272EPSS
Exploits0
OpenVAS
OpenVAS
added 2025/12/12 12:0 a.m.2 views

Debian: Security Advisory (DSA-6080-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.1CVSS6.8AI score0.00272EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/12/12 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2025-14373

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in Toolbar in Google Chrome on Android prior to 143.0.7499.110 allowed a remote attacker to perform domain spoofing via a crafted...

4.3CVSS5.9AI score0.00272EPSS
Exploits0References2
Microsoft CVE
Microsoft CVE
added 2025/12/11 10:29 p.m.15 views

Chromium: CVE-2025-14373 Inappropriate implementation in Toolbar

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

4.3CVSS6.4AI score0.00272EPSS
Exploits0
Circl
Circl
added 2025/12/11 7:9 a.m.6 views

CVE-2025-14373

creationtimestamp| type| source ---|---|--- 2025-12-11 07:09:33+00:00| seen| https://poliverso.org/objects/0477a01e-aadfac76-299059661d03a15a 2025-12-11 08:10:56+00:00| seen| https://gist.github.com/Darkcrai86/87cde6000593f6d0721fa12704f418c5 2025-12-11 15:25:26+00:00| seen|...

4.3CVSS5.1AI score0.00272EPSS
Exploits0References7
OpenVAS
OpenVAS
added 2025/12/11 12:0 a.m.5 views

Google Chrome Security Update (stable-channel-update-for-desktop_10-2025-12) - Mac OS X

Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...

8.8CVSS8.1AI score0.22359EPSS
Exploits10References3
Kaspersky
Kaspersky
added 2025/12/11 12:0 a.m.5 views

KLA90822 Multiple vulnerabilities in Microsoft Browser

Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service. Below is a complete list of vulnerabilities: 1. Use-after-free vulnerability in Password Manager can be exploited to cause denial of...

6.1CVSS8.1AI score0.00272EPSS
Exploits0References4
Google Chrome Security Advisories
Google Chrome Security Advisories
added 2025/12/10 12:0 a.m.22 views

Stable Channel Update for Desktop

The Stable channel has been updated to 143.0.7499.109/.110 for Windows/Mac and 143.0.7499.109 for Linux, which will roll out over the coming days/weeks. A full list of changes in this build is available in the Log. 2025-12-12: Updated to include more details for bug number 466192044 Security Fixe...

8.8CVSS6.8AI score0.22359EPSS
Exploits10Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2020-14373

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use after free was found in igcrelocstructptr of psi/igc.c of ghostscript-9.25. A local attacker could supply a specially crafted PDF file to cause a denial o...

5.5CVSS6.3AI score0.00453EPSS
Exploits1References2
Rosalinux
Rosalinux
added 2025/01/13 9:39 a.m.15 views

Advisory ROSA-SA-2025-2549

Software: ghostscript 9.25 OS: rosa-server79 packageevrstring: ghostscript-9.25-5.0.3.res7 CVE-ID: CVE-2018-19478 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in Artifex Ghostscript allows an attacker to run a lengthy calculation when processing a PDF file. CVE-STATUS: The vulnerabili...

5.5CVSS6.5AI score0.01888EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2023/11/06 12:0 a.m.27 views

Rocky Linux 8 : ghostscript (RLSA-2021:1852)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:1852 advisory. - A use after free was found in igcrelocstructptr of psi/igc.c of ghostscript-9.25. A local attacker could supply a specially crafted PDF file to cause ...

7.8CVSS6.5AI score0.02258EPSS
Exploits26References55
Tenable Nessus
Tenable Nessus
added 2022/02/09 12:0 a.m.48 views

AlmaLinux 8 : ghostscript (ALSA-2021:1852)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2021:1852 advisory. - A use after free was found in igcrelocstructptr of psi/igc.c of ghostscript-9.25. A local attacker could supply a specially crafted PDF file to cause a...

7.8CVSS6.5AI score0.02258EPSS
Exploits26References27
Rows per page
Query Builder