163 matches found
ROOT-OS-ALPINE-318-CVE-2023-38470 CVE-2023-38470 in rootio-avahi - Patched by Root
Root has patched CVE-2023-38470 in the rootio-avahi package for Root:Alpine:3.18. Multiple fixed versions available...
CVE-2018-1000849
Alpine Linux versions prior to 2.6.10, 2.7.6, and 2.10.1 contain an Other/Unknown vulnerability in apk-tools, Alpine Linux's package manager, that can result in Remote Code Execution. This attack appears to be exploitable via a specially crafted APK file that can cause apk to write arbitrary data ...
CVE-2019-12875
Alpine Linux abuild through 3.4.0 allows an unprivileged member of the abuild group to add an untrusted package via a --keys-dir option that causes acceptance of an untrusted signing key...
⚡ Weekly Recap: Hyper-V Malware, Malicious AI Bots, RDP Exploits, WhatsApp Lockdown and More
Cyber threats didn't slow down last week—and attackers are getting smarter. We're seeing malware hidden in virtual machines, side-channel leaks exposing AI chats, and spyware quietly targeting Android devices in the wild. But that's just the surface. From sleeper logic bombs to a fresh alliance...
EUVD-2021-17076
Malware in sbrugna...
EUVD-2019-14628
Malware in sbrugna...
EUVD-2017-18600
Malware in sbrugna...
EUVD-2018-2037
Malware in sbrugna...
EUVD-2021-15774
Malware in sbrugna...
EUVD-2019-4454
Malware in sbrugna...
EUVD-2021-22782
Malware in sbrugna...
EUVD-2022-27847
Malicious code in bioql PyPI...
📄 Init OpenRC Persistence
This Metasploit module will create a service on the box via OpenRC, and mark it for auto-restart. We need enough access to write service files and potentially restart services. Verified against alpine 3.21.2. This module requires Metasploit: https://metasploit.com/download Current source:...
CVE-2022-22704
The zabbix-agent2 package before 5.4.9-r1 for Alpine Linux sometimes allows privilege escalation to root because the design incorrectly expected that systemd would in effect determine part of the configuration...
CVE-2021-29133
Lack of verification in haserl, a component of Alpine Linux Configuration Framework, before 0.9.36 allows local users to read the contents of any file on the filesystem...
CVE-2021-36158
In the xrdp package in branches through 3.14 for Alpine Linux, RDP sessions are vulnerable to man-in-the-middle attacks because pre-generated RSA certificates and private keys are used...
CVE-2021-30139
In Alpine Linux apk-tools before 2.12.5, the tarball parser allows a buffer overflow and crash...
ALPINE-CVE-2025-47268
ping in iputils before 20250602 allows a denial of service (application error or incorrect data collection) via a crafted ICMP Echo Reply packet, because of a signed 64-bit integer overflow in timestamp multiplication...
SUSE-SU-2025:0857-1 Security update for build
This update for build fixes the following issues: - CVE-2024-22038: Fixed DoS attacks, information leaks with crafted Git repositories (bnc#1230469) Other fixes: - Fixed behaviour when using '--shell' aka 'osc shell' option in a VM build. Startup is faster and permissions stay intact now. - fixes fo...
ALPINE-CVE-2024-50612
libsndfile through 1.2.2 has an ogg_vorbis.c vorbis_analysis_wrote out-of-bounds read...