35 matches found
Security Bulletin: Nomad Docker driver Linux host namespace bypass
Summary HashiCorp Nomad and Nomad Enterprise did not enforce the allowprivileged restriction for the Docker task driver's host namespace mode options. This may allow an authenticated job submitter to run a container in a host namespace and access information belonging to the host or to other...
Nomad Docker driver vulnerable to host namespace bypass on Linux
Summary HashiCorp Nomad and Nomad Enterprise did not enforce the allowprivileged restriction for the Docker task driver’s host namespace mode options. This may allow an authenticated job submitter to run a container in a host namespace and access information belonging to the host or to other...
CVE-2025-14373 vulnerabilities
Vulnerabilities for packages: chromium...
Fedora: Security Advisory (FEDORA-2025-a315866a59)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory (FEDORA-2025-1077c09b50)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security update for chromium (important)
openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2025:0470-1 Rating: important References: 1254776 Cross-References: CVE-2025-14372 CVE-2025-14373 Affected Products: openSUSE Backports SLE-15-SP7 An update that fixes two vulnerabilities is now available...
Fedora 43 : chromium (2025-1077c09b50)
The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-1077c09b50 advisory. Update to 143.0.7499.109 High: Under coordination Medium CVE-2025-14372: Use after free in Password Manager Medium CVE-2025-14373: Inappropriate...
CVE-2025-14373
Inappropriate implementation in Toolbar in Google Chrome on Android prior to 143.0.7499.110 allowed a remote attacker to perform domain spoofing via a crafted HTML page. Chromium security severity: Medium...
CVE-2025-14373
Inappropriate implementation in Toolbar in Google Chrome on Android prior to 143.0.7499.110 allowed a remote attacker to perform domain spoofing via a crafted HTML page. Chromium security severity: Medium...
Debian: Security Advisory (DSA-6080-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Linux Distros Unpatched Vulnerability : CVE-2025-14373
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in Toolbar in Google Chrome on Android prior to 143.0.7499.110 allowed a remote attacker to perform domain spoofing via a crafted...
Chromium: CVE-2025-14373 Inappropriate implementation in Toolbar
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
CVE-2025-14373
creationtimestamp| type| source ---|---|--- 2025-12-11 07:09:33+00:00| seen| https://poliverso.org/objects/0477a01e-aadfac76-299059661d03a15a 2025-12-11 08:10:56+00:00| seen| https://gist.github.com/Darkcrai86/87cde6000593f6d0721fa12704f418c5 2025-12-11 15:25:26+00:00| seen|...
Google Chrome Security Update (stable-channel-update-for-desktop_10-2025-12) - Mac OS X
Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...
KLA90822 Multiple vulnerabilities in Microsoft Browser
Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service. Below is a complete list of vulnerabilities: 1. Use-after-free vulnerability in Password Manager can be exploited to cause denial of...
Stable Channel Update for Desktop
The Stable channel has been updated to 143.0.7499.109/.110 for Windows/Mac and 143.0.7499.109 for Linux, which will roll out over the coming days/weeks. A full list of changes in this build is available in the Log. 2025-12-12: Updated to include more details for bug number 466192044 Security Fixe...
Linux Distros Unpatched Vulnerability : CVE-2020-14373
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use after free was found in igcrelocstructptr of psi/igc.c of ghostscript-9.25. A local attacker could supply a specially crafted PDF file to cause a denial o...
Advisory ROSA-SA-2025-2549
Software: ghostscript 9.25 OS: rosa-server79 packageevrstring: ghostscript-9.25-5.0.3.res7 CVE-ID: CVE-2018-19478 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in Artifex Ghostscript allows an attacker to run a lengthy calculation when processing a PDF file. CVE-STATUS: The vulnerabili...
Rocky Linux 8 : ghostscript (RLSA-2021:1852)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:1852 advisory. - A use after free was found in igcrelocstructptr of psi/igc.c of ghostscript-9.25. A local attacker could supply a specially crafted PDF file to cause ...
AlmaLinux 8 : ghostscript (ALSA-2021:1852)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2021:1852 advisory. - A use after free was found in igcrelocstructptr of psi/igc.c of ghostscript-9.25. A local attacker could supply a specially crafted PDF file to cause a...