CVE-2025-12985 License Service: Privilege escalation vulnerability

IBM Licensing Operator incorrectly assigns privileges to security critical files which could allow a local root escalation inside a container running the IBM Licensing Operator image...

Race Condition Enabling Link Following

Overview Affected versions of this package are vulnerable to Race Condition Enabling Link Following due to insufficient checks when bind-mounting /dev/pts/$n to /dev/console inside the container. An attacker can gain unauthorized write access to sensitive files within the container environment by...

CVE-2025-33003

CVE-2025-33003 affects IBM InfoSphere Information Server versions 11.7.0.0 to 11.7.1.6. The Red Hat and IBM bulletins confirm a privilege-escalation issue where a non-root user could gain higher privileges within a container due to execution with unnecessary privileges. Exploitation details are n...

CVE-2024-47120

CVE-2024-47120 affects IBM Security Verify Information Queue (ISIQ) versions 10.0.5–10.0.8. Connected sources indicate the root cause is containers running with unnecessary privileges, enabling a privileged user to escalate privileges and expand the host attack surface. The IBM security bulletin ...

PT-2024-37451 · Hewlett Packard · Hpe Athonet Mobile Core

Name of the Vulnerable Software and Affected Versions: HPE Athonet Mobile Core software affected versions not specified Description: A security issue has been identified in the core application of HPE Athonet Mobile Core software, where a code injection vulnerability allows a threat actor to...