Lucene search
+L

946 matches found

Ubuntu
Ubuntu
added 2026/05/22 7:17 p.m.26 views

USN-8281-2: Linux kernel (Azure) vulnerabilities

It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 Several security issues were discovered in th...

7.8CVSS7.3AI score0.96267EPSS
Exploits230
Cvelist
Cvelist
added 2026/05/22 6:32 p.m.24 views

CVE-2026-6406 Docker Desktop Enhanced Container Isolation bypass via --use-api-socket CLI flag

The Docker CLI --use-api-socket flag bypasses Enhanced Container Isolation ECI restrictions in Docker Desktop. When ECI is enabled, Docker socket mounts from containers are denied unless explicitly allowed via the admin-settings configuration. However, the --use-api-socket flag adds the Docker...

8.8CVSS0.00211EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/22 6:32 p.m.8 views

CVE-2026-6406

The Docker CLI --use-api-socket flag bypasses Enhanced Container Isolation ECI restrictions in Docker Desktop. When ECI is enabled, Docker socket mounts from containers are denied unless explicitly allowed via the admin-settings configuration. However, the --use-api-socket flag adds the Docker...

8.8CVSS7.3AI score0.00211EPSS
Exploits0References3Affected Software1
GithubExploit
GithubExploit
added 2026/05/22 4:30 p.m.111 views

Exploit for CVE-2026-5817

CVE-2026-5817: Docker Model Runner container-to-host RCE / Esc...

6.5AI score0.00224EPSS
Exploits1
Ubuntu
Ubuntu
added 2026/05/22 2:5 p.m.27 views

USN-8277-2: Linux kernel (Oracle) vulnerabilities

It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 Several security issues were discovered in th...

9.8CVSS6.1AI score0.96267EPSS
Exploits230
Tenable Nessus
Tenable Nessus
added 2026/05/22 12:0 a.m.8 views

Docker Desktop < 4.71.0 Container Escape (CVE-2026-5843)

The version of Docker Desktop installed on the remote host is prior to 4.71.0. It is, therefore, affected by a container escape vulnerability: - A container-to-host code execution vulnerability exists in the Docker Model Runner MLX inference backend. An attacker with access to a container could...

8.8CVSS6.5AI score0.00224EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/05/22 12:0 a.m.16 views

Docker Desktop < 4.68.0 Container Escape (CVE-2026-5817)

The version of Docker Desktop installed on the remote host is prior to 4.68.0. It is, therefore, affected by a container escape vulnerability: - A container-to-host code execution vulnerability exists in the Docker Model Runner vllm-metal inference backend. An attacker with access to a container...

8.8CVSS6.5AI score0.00224EPSS
Exploits1References3
GithubExploit
GithubExploit
added 2026/05/21 3:15 p.m.107 views

cve-2026-poc-collection

CVE-2026 PoC Collection Report Collection date: May 19, 2...

7.8CVSS8AI score0.981EPSS
Exploits338
Tenable Nessus
Tenable Nessus
added 2026/05/21 12:0 a.m.23 views

Ubuntu 24.04 LTS : Linux kernel (NVIDIA) vulnerabilities (USN-8289-1)

The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8289-1 advisory. It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A...

9.8CVSS6.9AI score0.96267EPSS
Exploits230References196
OSV
OSV
added 2026/05/20 11:6 p.m.21 views

USN-8289-1 linux-nvidia, linux-nvidia-lowlatency vulnerabilities

It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 Several security issues were discovered in th...

9.8CVSS6.8AI score0.96267EPSS
Exploits230References196
Ubuntu
Ubuntu
added 2026/05/20 11:6 p.m.24 views

USN-8289-1: Linux kernel (NVIDIA) vulnerabilities

It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 Several security issues were discovered in th...

9.8CVSS6.8AI score0.96267EPSS
Exploits230
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15

Incorrect verifier pruning in the BPF module of the Linux kernel version 5.4 and above leads to unsafe code paths being incorrectly marked as safe. This results in arbitrary read/writes to kernel memory, lateral privilege escalation, and container escapes...

10CVSS7.2AI score0.03546EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2026/05/19 10:51 p.m.20 views

USN-8280-1: Linux kernel vulnerabilities

It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 Several security issues were discovered in th...

9.8CVSS7.3AI score0.96267EPSS
Exploits230
OSV
OSV
added 2026/05/19 10:51 p.m.17 views

USN-8280-1 linux, linux-aws, linux-aws-fips, linux-bluefield, linux-fips, linux-gcp, linux-gcp-5.4, linux-gcp-fips, linux-ibm, linux-ibm-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux-xilinx-zynqmp vulnerabilities

It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 Several security issues were discovered in th...

9.8CVSS7.3AI score0.96267EPSS
Exploits230References7
Ubuntu
Ubuntu
added 2026/05/19 10:44 p.m.47 views

USN-8279-1: Linux kernel vulnerabilities

It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 Several security issues were discovered in th...

9.8CVSS7AI score0.96267EPSS
Exploits230
OSV
OSV
added 2026/05/19 10:33 p.m.19 views

USN-8278-1 linux, linux-aws, linux-aws-fips, linux-gcp, linux-gcp-fips, linux-gke, linux-gkeop, linux-ibm, linux-ibm-6.8, linux-lowlatency, linux-lowlatency-hwe-6.8, linux-raspi, linux-raspi-realtime, linux-realtime, linux-realtime-6.8 vulnerabilities

It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 Several security issues were discovered in th...

9.8CVSS6.8AI score0.96267EPSS
Exploits230References197
Ubuntu
Ubuntu
added 2026/05/19 10:33 p.m.20 views

USN-8278-1: Linux kernel vulnerabilities

It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 Several security issues were discovered in th...

9.8CVSS6.8AI score0.96267EPSS
Exploits230
Ubuntu
Ubuntu
added 2026/05/19 10:20 p.m.35 views

USN-8277-1: Linux kernel vulnerabilities

It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 Several security issues were discovered in th...

9.8CVSS7AI score0.96267EPSS
Exploits230
RustSec
RustSec
added 2026/05/16 12:0 p.m.16 views

OCI layer symlink escape → arbitrary host write

Affected versions of boxlite extract OCI image layer tarballs without fully containing path resolution to the extraction root. A crafted layer containing a symlink whose target is an absolute on-host path e.g. escape - /tmp followed by a file entry that resolves through that symlink e.g...

9.6CVSS5.8AI score0.00482EPSS
Exploits0Affected Software1
OSV
OSV
added 2026/05/11 4:26 p.m.8 views

USN-8267-1 linux-azure, linux-azure-fips, linux-oracle vulnerabilities

Qualys discovered that several vulnerabilities existed in the AppArmor Linux kernel Security Module LSM. An unprivileged local attacker could use these issues to load, replace, and remove arbitrary AppArmor profiles causing denial of service, exposure of sensitive information kernel memory, local...

7.8CVSS6.9AI score0.00296EPSS
Exploits0References20
Rows per page
Query Builder