Lucene search
K

326 matches found

HackRead
HackRead
added 2025/04/14 8:54 p.m.12 views

Incomplete Patch Leaves NVIDIA and Docker Users at Risk

NVIDIA's incomplete security patch, combined with a Docker vulnerability, creates a serious threat for organizations using containerized environments. This article explains the risks and mitigation strategies...

7.5AI score
Exploits0
AlpineLinux
AlpineLinux
added 2025/04/10 11:21 a.m.5 views

CVE-2025-32755

In jenkins/ssh-slave Docker images based on Debian, SSH host keys are generated on image creation for images based on Debian, causing all containers based on images of the same version use the same SSH host keys, allowing attackers able to insert themselves into the network path between the SSH...

9.1CVSS7.2AI score0.00449EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/04/10 12:0 a.m.9 views

Azure Linux 3.0 Security Update: cifs-utils (CVE-2025-2312)

The version of cifs-utils installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-2312 advisory. - A flaw was found in cifs-utils. When trying to obtain Kerberos credentials, the cifs.upcall program from...

5.9CVSS6.9AI score0.00149EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/04/09 12:0 a.m.8 views

CBL Mariner 2.0 Security Update: cifs-utils (CVE-2025-2312)

The version of cifs-utils installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-2312 advisory. - A flaw was found in cifs-utils. When trying to obtain Kerberos credentials, the cifs.upcall program from...

5.9CVSS6.9AI score0.00149EPSS
Exploits0References2
Microsoft CVE
Microsoft CVE
added 2025/04/08 7:0 a.m.7 views

cifs.upcall makes an upcall to the wrong namespace in containerized environments

...

5.9CVSS7.1AI score0.00149EPSS
Exploits0
OSV
OSV
added 2025/03/25 6:15 p.m.6 views

CVE-2025-2312

A flaw was found in cifs-utils. When trying to obtain Kerberos credentials, the cifs.upcall program from the cifs-utils package makes an upcall to the wrong namespace in containerized environments. This issue may lead to disclosing sensitive data from the host's Kerberos credentials cache...

5.9CVSS5.6AI score
Exploits0References2
OSV
OSV
added 2025/03/25 6:15 p.m.3 views

DEBIAN-CVE-2025-2312

A flaw was found in cifs-utils. When trying to obtain Kerberos credentials, the cifs.upcall program from the cifs-utils package makes an upcall to the wrong namespace in containerized environments. This issue may lead to disclosing sensitive data from the host's Kerberos credentials cache...

5.9CVSS6.8AI score0.00149EPSS
Exploits0References1
CVE
CVE
added 2025/03/25 6:8 p.m.150 views

CVE-2025-2312

CVE-2025-2312 affects cifs-utils (cifs.upcall) where, in containerized environments, an upcall is made to the wrong namespace, risking disclosure of the host Kerberos credentials cache. Public advisories across multiple distributions (Debian, Mageia, Alpine Linux, CBL-Mariner) confirm the flaw an...

5.9CVSS6.5AI score0.00149EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2025/03/25 6:8 p.m.25 views

CVE-2025-2312

A flaw was found in cifs-utils. When trying to obtain Kerberos credentials, the cifs.upcall program from the cifs-utils package makes an upcall to the wrong namespace in containerized environments. This issue may lead to disclosing sensitive data from the host's Kerberos credentials cache...

5.9CVSS6.8AI score0.00149EPSS
Exploits0
Cvelist
Cvelist
added 2025/03/25 6:8 p.m.12 views

CVE-2025-2312 cifs.upcall makes an upcall to the wrong namespace in containerized environments

A flaw was found in cifs-utils. When trying to obtain Kerberos credentials, the cifs.upcall program from the cifs-utils package makes an upcall to the wrong namespace in containerized environments. This issue may lead to disclosing sensitive data from the host's Kerberos credentials cache...

5.9CVSS0.00149EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/03/20 12:0 a.m.5 views

Azure Linux 3.0 Security Update: cert-manager / containerd / containerd2 / containerized-data-importer / dcos-cli / influxdb (CVE-2025-27144)

The version of cert-manager / containerd / containerd2 / containerized-data-importer / dcos-cli / influxdb installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-27144 advisory. - Go JOSE provides an...

8.7CVSS6.8AI score0.00369EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/03/20 12:0 a.m.19 views

Azure Linux 3.0 Security Update: azcopy / blobfuse2 / cert-manager / containerized-data-importer / coredns (CVE-2025-22868)

The version of azcopy / blobfuse2 / cert-manager / containerized-data-importer / coredns installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-22868 advisory. - An attacker can pass a malicious malforme...

7.5CVSS7AI score0.00804EPSS
Exploits0References2
CBLMariner
CBLMariner
added 2025/03/13 3:10 p.m.6 views

CVE-2025-22868 affecting package containerized-data-importer for versions less than 1.57.0-13

CVE-2025-22868 affecting package containerized-data-importer for versions less than 1.57.0-13. A patched version of the package is available...

7.5CVSS7.6AI score0.00804EPSS
Exploits0
CBLMariner
CBLMariner
added 2025/03/13 3:10 p.m.6 views

CVE-2025-27144 affecting package containerized-data-importer for versions less than 1.57.0-13

CVE-2025-27144 affecting package containerized-data-importer for versions less than 1.57.0-13. A patched version of the package is available...

8.7CVSS7.8AI score0.00369EPSS
Exploits0
CBLMariner
CBLMariner
added 2025/03/13 3:10 p.m.5 views

CVE-2023-3978 affecting package containerized-data-importer for versions less than 1.57.0-12

CVE-2023-3978 affecting package containerized-data-importer for versions less than 1.57.0-12. A patched version of the package is available...

6.1CVSS6.7AI score0.00843EPSS
Exploits0
CBLMariner
CBLMariner
added 2025/03/13 3:10 p.m.6 views

CVE-2023-45288 affecting package containerized-data-importer for versions less than 1.57.0-11

CVE-2023-45288 affecting package containerized-data-importer for versions less than 1.57.0-11. A patched version of the package is available...

7.5CVSS8AI score0.91969EPSS
Exploits1
CBLMariner
CBLMariner
added 2025/03/12 9:13 p.m.6 views

CVE-2025-27144 affecting package containerized-data-importer for versions less than 1.55.0-23

CVE-2025-27144 affecting package containerized-data-importer for versions less than 1.55.0-23. A patched version of the package is available...

8.7CVSS7.7AI score0.00369EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/03/10 12:0 a.m.8 views

CBL Mariner 2.0 Security Update: azcopy / blobfuse2 / cert-manager / containerized-data-importer / coredns (CVE-2025-22868)

The version of azcopy / blobfuse2 / cert-manager / containerized-data-importer / coredns installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-22868 advisory. - An attacker can pass a malicious malforme...

7.5CVSS7AI score0.00804EPSS
Exploits0References2
OSV
OSV
added 2025/02/26 8:14 a.m.6 views

AZL-57356 CVE-2025-22868 affecting package containerized-data-importer for versions less than 1.57.0-13

An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing...

7.5CVSS6.6AI score0.00804EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2025/02/25 12:0 a.m.2 views

openSUSE Security Advisory (SUSE-SU-2024:2638-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References5
Rows per page
Query Builder