384 matches found
EUVD-2014-4779
Malware in sbrugna...
EUVD-2014-4778
Malware in sbrugna...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414377)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414377 advisory. An issue was discovered in the Linux kernel through 5.19.8. drivers/firmware/efi/capsule-loader.c has a race condition with a resultant use-after-free. Tenable has...
EUVD-2023-2961
Malicious code in bioql PyPI...
EUVD-2024-37610
Malicious code in bioql PyPI...
EUVD-2022-43604
Malicious code in bioql PyPI...
EUVD-2024-43540
Malicious code in bioql PyPI...
EUVD-2022-0936
Malicious code in bioql PyPI...
EUVD-2024-42892
Malicious code in bioql PyPI...
EUVD-2022-28681
Malicious code in bioql PyPI...
EUVD-2022-7769
Malicious code in bioql PyPI...
EUVD-2025-25141
Malicious code in bioql PyPI...
EUVD-2025-17516
Malicious code in bioql PyPI...
EUVD-2024-2618
Malicious code in bioql PyPI...
EUVD-2023-2895
Malicious code in bioql PyPI...
Namespace Label Injection
github.com/projectcapsule/capsule is vulnerable to namespace label injection. The vulnerability is due to improper validation of labels in system namespaces, which allows an attacker to inject arbitrary labels, bypass multi-tenant isolation, and escalate privileges to access cross-tenant resource...
Incomplete string comparison vulnerability exits in cvxopt.org cvxop <= 1.2.6 in APIs (cvxopt.cholmod.diag, cvxopt.cholmod.getfactor, cvxopt.cholmod.solve, cvxopt.cholmod.spsolve), which allows attackers to conduct Denial of Service attacks by construct fake Capsule objects.
...
GO-2025-3893 Capsule tenant owners with "patch namespace" permission can hijack system namespaces label in github.com/projectcapsule/capsule
Capsule tenant owners with "patch namespace" permission can hijack system namespaces label in github.com/projectcapsule/capsule...
The Bug Report – August 2025 Edition
The Bug Report – August 2025 Edition By Jonathan Omakun, Tola Olawale · August 27, 2025 Why am I here? Welcome back to The Bug Report! Did you miss us? The Trellix Advanced Research Center has been playing a high-stakes game of whack-a-mole with this month's vulnerabilities. We've dug through all...
CVE-2025-55205
Capsule is a multi-tenancy and policy-based framework for Kubernetes. A namespace label injection vulnerability in Capsule v0.10.3 and earlier allows authenticated tenant users to inject arbitrary labels into system namespaces kube-system, default, capsule-system, bypassing multi-tenant isolation...