Lucene search
K

795 matches found

RedHat Linux
RedHat Linux
added 2025/11/13 9:10 a.m.6 views

Important: Red Hat Security Advisory: podman security update

An update for podman is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

7.5CVSS7.1AI score0.00523EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2025/11/13 9:10 a.m.3 views

runc: opencontainers/selinux: container escape and denial of service due to arbitrary write gadgets and procfs write redirects

A flaw was found in runc. This attack is a more sophisticated variant of CVE-2019-16884, which was a flaw that allowed an attacker to trick runc into writing the LSM process labels for a container process into a dummy tmpfs file and thus not apply the correct LSM labels to the container process...

7.5CVSS6.6AI score0.00523EPSS
Exploits1References6
OSV
OSV
added 2025/11/12 12:49 p.m.3 views

SUSE-SU-2025:4080-1 Security update for podman

This update for podman fixes the following issues: - CVE-2025-31133: Fixed container escape via 'masked path' abuse due to mount race conditions bsc1252376 - CVE-2025-52565: Fixed container escape with malicious config due to /dev/console mount and related races bsc1252376 - CVE-2025-52881: Fixed...

8.4CVSS6.8AI score0.0067EPSS
Exploits4References7
SUSE Linux
SUSE Linux
added 2025/11/12 12:48 p.m.15 views

Security update for podman

This update for podman fixes the following issues: CVE-2025-31133: Fixed container escape via 'masked path' abuse due to mount race conditions bsc1252376 CVE-2025-52565: Fixed container escape with malicious config due to /dev/console mount and related races bsc1252376 CVE-2025-52881: Fixed...

7.8CVSS6.9AI score0.0067EPSS
Exploits4References10
RedhatCVE
RedhatCVE
added 2025/11/11 1:41 p.m.5 views

CVE-2025-11207

Side-channel information leakage in Storage in Google Chrome prior to 141.0.7390.54 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS8.2AI score0.00243EPSS
Exploits0References5
NVD
NVD
added 2025/11/10 8:15 p.m.5 views

CVE-2025-12429

Inappropriate implementation in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: High...

8.8CVSS0.00267EPSS
Exploits0References2
OSV
OSV
added 2025/11/10 8:15 p.m.3 views

CVE-2025-12428

Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: High...

8.8CVSS5.9AI score
Exploits0References2
OSV
OSV
added 2025/11/09 7:52 a.m.8 views

MGASA-2025-0271 Updated opencontainers-runc packages fix security vulnerabilities

The way masked paths are implemented in runc can be exploited to cause the host system to crash or halt CVE-2025-31133 and a flaw in /dev/console bind-mounts can lead to container escape CVE-2025-52565. Also, arbitrary write gadgets and procfs write redirects could be used to engineer container...

8.4CVSS6.9AI score0.0067EPSS
Exploits4References5
RedHat Linux
RedHat Linux
added 2025/11/07 6:11 p.m.4 views

runc: opencontainers/selinux: container escape and denial of service due to arbitrary write gadgets and procfs write redirects

A flaw was found in runc. This attack is a more sophisticated variant of CVE-2019-16884, which was a flaw that allowed an attacker to trick runc into writing the LSM process labels for a container process into a dummy tmpfs file and thus not apply the correct LSM labels to the container process...

7.5CVSS6.6AI score0.00523EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2025/11/07 6:11 p.m.18 views

Important: Red Hat Security Advisory: runc security update

An update for runc is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

8.4CVSS7.1AI score0.0067EPSS
Exploits4References4
NVD
NVD
added 2025/11/06 10:15 p.m.7 views

CVE-2025-11207

Side-channel information leakage in Storage in Google Chrome prior to 141.0.7390.54 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS0.00243EPSS
Exploits0References2
EUVD
EUVD
added 2025/11/06 8:23 p.m.5 views

EUVD-2025-37940

runc is a CLI tool for spawning and running containers according to the OCI specification. In versions 1.2.7, 1.3.2 and 1.4.0-rc.2, an attacker can trick runc into misdirecting writes to /proc to other procfs files through the use of a racing container with shared mounts we have also verified thi...

7.3CVSS6.2AI score0.00523EPSS
Exploits1References28
SUSE Linux
SUSE Linux
added 2025/11/05 10:23 a.m.23 views

Security update for runc

This update for runc fixes the following issues: CVE-2025-31133: Fixed container escape via 'masked path' abuse due to mount race conditions bsc1252232. CVE-2025-52565: Fixed container escape with malicious config due to /dev/console mount and related races bsc1252232. CVE-2025-52881: Fixed...

7.8CVSS7AI score0.0067EPSS
Exploits4References8
OSV
OSV
added 2025/11/05 10:23 a.m.10 views

SUSE-SU-2025:3951-1 Security update for runc

This update for runc fixes the following issues: - CVE-2025-31133: Fixed container escape via 'masked path' abuse due to mount race conditions bsc1252232. - CVE-2025-52565: Fixed container escape with malicious config due to /dev/console mount and related races bsc1252232. - CVE-2025-52881: Fixed...

8.4CVSS7AI score0.0067EPSS
Exploits4References5
RedhatCVE
RedhatCVE
added 2025/11/05 12:8 a.m.13 views

CVE-2025-54327

An issue was discovered in VTS in Samsung Mobile Processor and Wearable Processor Exynos 1280, 2200, 1380, W920, W930, W1000. Improper input validation in the VTS driver leads to an arbitrary write...

6.5CVSS7AI score0.00203EPSS
Exploits0References1
NVD
NVD
added 2025/11/04 8:17 p.m.9 views

CVE-2025-54327

An issue was discovered in VTS in Samsung Mobile Processor and Wearable Processor Exynos 1280, 2200, 1380, W920, W930, W1000. Improper input validation in the VTS driver leads to an arbitrary write...

6.5CVSS0.00203EPSS
Exploits0References2
CVE
CVE
added 2025/11/04 12:0 a.m.17 views

CVE-2025-54327

CVE-2025-54327 concerns the VTS driver in Samsung’s Exynos-based mobile/wearable processors (Exynos 1280, 2200, 1380, W920, W930, W1000). The initial and connected sources consistently state that improper input validation in the VTS driver allows an arbitrary write. The details describe the affec...

6.5CVSS6.6AI score0.00203EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2025/11/04 12:0 a.m.10 views

CVE-2025-54327

An issue was discovered in VTS in Samsung Mobile Processor and Wearable Processor Exynos 1280, 2200, 1380, W920, W930, W1000. Improper input validation in the VTS driver leads to an arbitrary write...

0.00203EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/11/04 12:0 a.m.7 views

PT-2025-45039

🚨 CVE-2025-54327 An issue was discovered in VTS in Samsung Mobile Processor and Wearable Processor Exynos 1280, 2200, 1380, W920, W930, W1000. Improper input validation in the VTS driver leads to an arbitrary write. 🎖@cveNotify...

6.5CVSS7AI score0.00203EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/11/04 12:0 a.m.5 views

CVE-2025-54327

An issue was discovered in VTS in Samsung Mobile Processor and Wearable Processor Exynos 1280, 2200, 1380, W920, W930, W1000. Improper input validation in the VTS driver leads to an arbitrary write...

6.6AI score0.00203EPSS
Exploits0References2
Rows per page
Query Builder