Lucene search
K

72 matches found

Vulnrichment
Vulnrichment
added 2026/05/20 11:25 a.m.9 views

CVE-2025-31973 HCL BigFix Service Management (SM) is susceptible to a Configuration – 'Insecure Use of Base Image Version'

HCL BigFix Service Management SM is susceptible to a Configuration – 'Insecure Use of Base Image Version'. Using outdated or insecure base images may introduce known vulnerabilities, potentially increasing the risk of exploitation in the application environment...

4CVSS5.8AI score0.00178EPSS
Exploits0References1
CVE
CVE
added 2026/05/20 11:25 a.m.23 views

CVE-2025-31973

Technical details for CVE-2025-31973 are not publicly available in the provided documents. Monitor for updates.

9.8CVSS5.8AI score0.00178EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/20 12:0 a.m.16 views

PT-2026-42144

HCL BigFix Service Management SM is susceptible to a Configuration – 'Insecure Use of Base Image Version'. Using outdated or insecure base images may introduce known vulnerabilities, potentially increasing the risk of exploitation in the application environment...

4CVSS5.8AI score0.00178EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/20 12:0 a.m.15 views

PT-2026-42219

NVIDIA DGX OS contains a vulnerability in the factory provisioning process, where the cloning of a base image causes identical SSH host keys to be deployed across multiple systems. The sharing of cryptographic identifiers across all similarly provisioned systems enables host impersonation or...

8.1CVSS5.8AI score0.00586EPSS
Exploits0References3
Nvidia
Nvidia
added 2026/05/19 12:0 a.m.11 views

Security Bulletin: NVIDIA DGX Spark - May 2026

NVIDIA has released a software update for NVIDIA® DGX Spark. To protect your system, download and install the latest version of NVIDIA DGX OS from the NVIDIA DGX site. Go to NVIDIA Product Security. Details The following table summarizes the potential vulnerabilities that this security update...

8.1CVSS5.8AI score0.00586EPSS
Exploits0Affected Software1
OSV
OSV
added 2026/05/11 2:27 p.m.14 views

GHSA-78F9-R8MH-4XM2 BentoML Dockerfile command injection via docker.base_image (sister of pending GHSA-w2pm-x38x-jp44 / CVE-2026-33744 / CVE-2026-35043)

The same Dockerfile template that mishandles envs.name pending GHSA-w2pm-x38x-jp44 also interpolates docker.baseimage raw with no escaping, newline filtering, or validation. A malicious bento.yaml with a multi-line docker.baseimage value smuggles arbitrary Dockerfile directives into the generated...

8.8CVSS6AI score0.00317EPSS
Exploits1References5
Github Security Blog
Github Security Blog
added 2026/05/11 2:27 p.m.11 views

BentoML Dockerfile command injection via docker.base_image (sister of pending GHSA-w2pm-x38x-jp44 / CVE-2026-33744 / CVE-2026-35043)

The same Dockerfile template that mishandles envs.name pending GHSA-w2pm-x38x-jp44 also interpolates docker.baseimage raw with no escaping, newline filtering, or validation. A malicious bento.yaml with a multi-line docker.baseimage value smuggles arbitrary Dockerfile directives into the generated...

8.8CVSS6AI score0.00317EPSS
Exploits1References5Affected Software1
Snyk
Snyk
added 2026/05/11 2:27 p.m.8 views

Command Injection

Overview bentoml is a BentoML: Build Production-Grade AI Applications Affected versions of this package are vulnerable to Command Injection via the docker.baseimage configuration parameter. An attacker can execute arbitrary commands on the host system by supplying a malicious multi-line value in...

8.8CVSS6.1AI score0.00317EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2026/05/11 11:23 a.m.28 views

Important: Red Hat Security Advisory: Red Hat Ceph Storage

A new version of Red Hat build of Ceph Storage has been released The Red Hat Storage Ceph container images are based on the latest ubi9 base image and Ceph 8.1. This release updates to the latest version...

7.5CVSS7.2AI score0.03092EPSS
Exploits3References9
Positive Technologies
Positive Technologies
added 2026/05/11 12:0 a.m.16 views

PT-2026-39663

Name of the Vulnerable Software and Affected Versions BentoML versions prior to 1.4.39 Description BentoML is a Python library used for building online serving systems optimized for AI applications and model inference. The issue occurs because the template src/bentoml/...

8.8CVSS5.9AI score0.00317EPSS
Exploits1References7
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/07 1:38 p.m.16 views

Security Bulletin: IBM App Connect Enterprise Certified Container UBI updates

Summary IBM App Connect Enterprise Certified Container ACEcc is built on the Red Hat Universal Base Images. ACEcc operator versions 12.0.23 LTS and 13.1.0 contain fixes to the listed CVEs found in the base images. This bulletin provides patch information to address the reported vulnerabilities...

9.2CVSS5.7AI score0.01092EPSS
Exploits1Affected Software1
RedHat Linux
RedHat Linux
added 2026/04/16 7:35 p.m.7 views

Moderate: Red Hat Security Advisory: New container image: rhceph-9.0

A new version of Red Hat build of Ceph Storage has been released The Red Hat Storage Ceph container images are based on the latest ubi9 base image and Ceph 9.0. This release updates to the latest version...

5.4CVSS7AI score0.01006EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/03/24 10:0 a.m.46 views

Important: Red Hat Security Advisory: Red Hat Ceph Storage

A new version of Red Hat build of Ceph Storage has been released The Red Hat Storage Ceph container images are based on the latest ubi9 base image and Ceph 8.1. This release updates to the latest version...

8.4CVSS6.8AI score0.00955EPSS
Exploits4References16
CNNVD
CNNVD
added 2026/03/16 12:0 a.m.5 views

HCL AION 安全漏洞

HCL AION is an AI lifecycle management platform from HCL India. HCL AION suffers from a security bypass vulnerability that is caused by a container base image not being properly authenticated. An attacker can exploit the vulnerability to cause the use of an untrusted container image...

7.2CVSS5.8AI score0.00127EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/05 1:53 p.m.14 views

Security Bulletin: Security vulnerabilities found in the Red Hat Universal Minimal Base Image shipped with CICS Transaction Gateway for Multiplatforms

Summary Security vulnerabilities found in the Red Hat Universal Base Image Minimal shipped with CICS Transaction Gateway for Multiplatforms. This fix resolves these vulnerability CVE-2025-9230, CVE-2025-9086, CVE-2025-9230. Vulnerability Details CVEID:CVE-2025-11083 DESCRIPTION: A vulnerability h...

7.8CVSS5.5AI score0.01744EPSS
Exploits2Affected Software1
Veeam
Veeam
added 2026/03/02 12:0 a.m.17 views

List of Security Fixes and Improvements in Veeam Kasten for Kubernetes

Purpose This article describes all security-related fixes and improvements introduced in each release or update of Veeam Kasten for Kubernetes. This article aims to provide our customers' security and compliance teams with detailed information on security improvements. Full product release notes...

10CVSS6.8AI score0.01945EPSS
Exploits4Affected Software1
RedHat Linux
RedHat Linux
added 2026/02/26 11:2 a.m.7 views

Important: Red Hat Security Advisory: Red Hat build of OpenTelemetry 3.9.0 release

Red Hat build of OpenTelemetry 3.9.0 has been released This release of the Red Hat build of OpenTelemetry provides new features, security improvements, and bug fixes. Breaking changes: The deprecated OpenCensus Receiver, which provided backward compatibility with the OpenCensus project for easier...

7.5CVSS7AI score0.01945EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/02/16 12:56 p.m.8 views

Important: Red Hat Security Advisory: Red Hat Ceph Storage

A new version of Red Hat build of Ceph Storage has been released The Red Hat Storage Ceph container images are based on the latest ubi9 base image and Ceph 8.1. This release updates to the latest version...

9.4CVSS7AI score0.04087EPSS
Exploits7References20
RedHat Linux
RedHat Linux
added 2026/02/11 2:34 p.m.9 views

Important: Red Hat Security Advisory: Red Hat Update Infrastructure 5 security update

The latest release of Red Hat Update Infrastructure. For more details, see the product documentation. Red Hat Update Infrastructure RHUI container images are based on the latest RHUI RPM packages and the ubi9 or ubi9-init base images. This release updates to the latest version...

9.8CVSS7.1AI score0.47621EPSS
Exploits10References24
OSV
OSV
added 2026/02/05 6:2 p.m.4 views

GHSA-X9P2-77V6-6VHF FrankenPHP has delayed propagation of security fixes in upstream base images

Delayed propagation of security fixes in upstream base images Summary Vulnerability in base Docker images PHP, Go, and Alpine not automatically propagating to FrankenPHP images. FrankenPHP's container images were previously built only when specific version tags were updated or when manual trigger...

9.8CVSS8AI score
Exploits0References2
Rows per page
Query Builder