1024 matches found

RedhatCVE
added 2025/05/22 3:45 p.m. · 6 views

CVE-2020-15318

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded DSA SSH key for the root account within the /opt/mysql chroot directory tree...

CVSS 5.9 · AI score 7 · EPSS 0.00997
Exploits 1

RedhatCVE
added 2025/05/21 9:37 p.m. · 5 views

CVE-2005-1339

lukemftpd in Mac OS X 10.3.9 allows remote authenticated users to escape the chroot environment by logging in with their full name...

CVSS 7.5 · AI score 6.6 · EPSS 0.01341
Exploits 0 · References 1

ATTACKERKB
added 2025/04/16 9:15 a.m. · 1 view

CVE-2024-22036

A vulnerability has been identified within Rancher where a cluster or node driver can be used to escape the chroot jail and gain root access to the Rancher container itself. In production environments, further privilege escalation is possible based on living off the land within the Rancher...

CVSS 9.1 · AI score 7.2 · EPSS 0.00677
Exploits 0 · References 3 · Affected Software 1

NVD
added 2025/04/16 9:15 a.m. · 11 views

CVE-2024-22036

A vulnerability has been identified within Rancher where a cluster or node driver can be used to escape the chroot jail and gain root access to the Rancher container itself. In production environments, further privilege escalation is possible based on living off the land within the Rancher...

CVSS 9.1 · EPSS 0.00677
Exploits 0 · References 2

CVE
added 2025/04/16 8:37 a.m. · 119 views

CVE-2024-22036

CVE-2024-22036 describes a vulnerability in Rancher where a cluster/node driver can escape the chroot jail and gain root access to the Rancher container itself, with potential privilege escalation within the container and, in test/dev environments, possible escape to the host. The issue affects R...

CVSS 9.1 · AI score 9.7 · EPSS 0.00677
Exploits 0 · References 2

CNNVD
added 2025/04/16 12:0 a.m. · 1 view

Rancher Security Vulnerability

Rancher is an open source container management platform from the US company Rancher, built for organizations that deploy containers in production environments. A security vulnerability exists in Rancher versions from 2.7.0 before 2.7.16, from 2.8.0 before 2.8.9, and 2.9.0...

CVSS 9.1 · AI score 8 · EPSS 0.00677
Exploits 0 · References 2

RedhatCVE
added 2025/04/10 5:48 a.m. · 3 views

CVE-2025-3364

The SSH service of PowerStation from HGiga has a Chroot Escape vulnerability, allowing attackers with root privileges to bypass chroot restrictions and access the entire file system...

CVSS 6.7 · AI score 7 · EPSS 0.00158
Exploits 0 · References 4

NVD
added 2025/04/08 3:15 a.m. · 5 views

CVE-2025-3364

The SSH service of PowerStation from HGiga has a Chroot Escape vulnerability, allowing attackers with root privileges to bypass chroot restrictions and access the entire file system...

CVSS 6.7 · EPSS 0.00158
Exploits 0 · References 2

Cvelist
added 2025/04/08 2:26 a.m. · 12 views

CVE-2025-3364 HGiga PowerStation - Chroot Escape

The SSH service of PowerStation from HGiga has a Chroot Escape vulnerability, allowing attackers with root privileges to bypass chroot restrictions and access the entire file system...

CVSS 6.7 · EPSS 0.00158
Exploits 0 · References 2

CVE
added 2025/04/08 2:26 a.m. · 52 views

CVE-2025-3364

CVE-2025-3364 concerns HGiga PowerStation: the SSH service exposes a Chroot Escape vulnerability that, if exploited by a user with root privileges, bypasses chroot restrictions and grants access to the entire filesystem. Multiple sources (NVD, Red Hat, CVE records) describe the issue, but none pr...

CVSS 6.7 · AI score 7.2 · EPSS 0.00158
Exploits 0 · References 2

Vulnrichment
added 2025/04/08 2:26 a.m. · 3 views

CVE-2025-3364 HGiga PowerStation - Chroot Escape

The SSH service of PowerStation from HGiga has a Chroot Escape vulnerability, allowing attackers with root privileges to bypass chroot restrictions and access the entire file system...

CVSS 6.7 · AI score 7.2 · EPSS 0.00158
Exploits 0 · References 2

CNNVD
added 2025/04/08 12:0 a.m. · 2 views

HGiga PowerStation Security Vulnerability

HGiga PowerStation is a network load balancing system from China Henderson HGiga. A security vulnerability exists in HGiga PowerStation, which stems from a chroot restriction bypass that could lead to privileged users accessing the entire file system...

CVSS 6.7 · AI score 6.6 · EPSS 0.00158
Exploits 0 · References 3

Positive Technologies
added 2025/04/08 12:0 a.m. · 2 views

PT-2025-15325 · Unknown · Powerstation

Name of the Vulnerable Software and Affected Versions: PowerStation (affected versions not specified). Description: The issue concerns a Chroot Escape vulnerability in the SSH service, allowing attackers with root privileges to bypass chroot restrictions and access the entire file system. This enabl...

CVSS 6.7 · AI score 6.2 · EPSS 0.00158
Exploits 0 · References 9

FreeBSD
added 2025/04/01 12:0 a.m. · 21 views

sudo -- privilege escalation vulnerability through host and chroot options

Todd C. Miller reports, crediting Rich Mirch from Stratascale Cyber Research Unit CRU: Sudo 1.9.17p1: Fixed CVE-2025-32462. Sudo's -h --host option could be specified when running a command or editing a file. This could enable a local privilege escalation attack if the sudoers file allows the use...

CVSS 9.3 · AI score 7.7 · EPSS 0.48008
Exploits 77 · References 3

Positive Technologies
added 2024/10/25 12:0 a.m. · 3 views

PT-2024-19169 · Rancher +1 · Rancher +1

Name of the Vulnerable Software and Affected Versions: Rancher versions prior to 2.7.16; Rancher versions prior to 2.8.9; Rancher versions prior to 2.9.3. Description: A vulnerability has been identified in Rancher where a cluster or node driver can be used to escape the chroot jail and gain root...

CVSS 9.9 · AI score 7.5 · EPSS 0.97781
Exploits 20 · References 142

Ubuntu
added 2024/09/30 6:14 p.m. · 240 views

USN-7046-1: Flatpak and Bubblewrap vulnerability

It was discovered that Flatpak incorrectly handled certain persisted directories. An attacker could possibly use this issue to read and write files in locations it would not normally have access to. A patch was also needed to Bubblewrap in order to avoid race conditions caused by this fix...

CVSS 10 · AI score 8.1 · EPSS 0.01283
Exploits 1 · References 1

OSV
added 2024/09/06 8:23 a.m. · 26 views

SUSE-SU-2024:3151-1 Security update for buildah

This update for buildah fixes the following issues: Update to version 1.35.4: Bump to Buildah v1.35.4; CVE-2024-3727 updates bsc1224117; integration test: handle new labels in 'bud and test --unsetlabel'; Bump go-jose CVE-2024-28180; Bump ocicrypt and go-jose CVE-2024-28180. Update to version 1.35.3:...

CVSS 8.6 · AI score 7.6 · EPSS 0.01956
Exploits 0 · References 8

Fedora
added 2024/07/27 1:47 a.m. · 34 views

[SECURITY] Fedora 40 Update: darkhttpd-1.16-1.fc40

darkhttpd is a secure, lightweight, fast and single-threaded HTTP/1.1 server. Features: Simple to set up: Single binary, no other files. Standalone, doesn't need inetd or ucspi-tcp. No messing around with config files. Written in C - efficient and portable. Small memory footprint. Event loop,...

CVSS 9.8 · AI score 6.7 · EPSS 0.01055
Exploits 0

Tenable Nessus
added 2024/07/02 12:0 a.m. · 28 views

CBL Mariner 2.0 Security Update: coreutils (CVE-2016-2781)

The version of coreutils installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2016-2781 advisory. - chroot in GNU coreutils, when used with --userspec, allows local users to escape to the parent session via...

CVSS 6.5 · AI score 6.8 · EPSS 0.00428
Exploits 0 · References 2

RedHat Linux
added 2024/06/26 10:5 a.m. · 3 views

go-git: Maliciously crafted Git server replies can lead to path traversal and RCE on go-git clients

A path traversal vulnerability was discovered in the go library go-git. This issue may allow an attacker to create and amend files across the filesystem when applications are using the default ChrootOS, potentially allowing remote code execution...

CVSS 9.8 · AI score 7.6 · EPSS 0.01523
Exploits 0 · References 5