CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OpenVAS•added 2019/06/13 12:0 a.m.•109 views

Fedora Update for containernetworking-plugins FEDORA-2019-d2b57d3b19

7.5CVSS7.7AI score0.03119EPSS

OpenVAS•added 2019/06/13 12:0 a.m.•107 views

Fedora Update for podman FEDORA-2019-886b4d2fb6

7.5CVSS7.2AI score0.0046EPSS

Fedora•added 2019/06/12 2:48 p.m.•31 views

[SECURITY] Fedora 30 Update: podman-1.4.0-2.fc30

podman Pod Manager is a fully featured container engine that is a simple daemonless tool. podman provides a Docker-CLI comparable command line that eases the transition from other container engines and allows the managemen t of pods, containers and images. Simply put: alias docker=3Dpodman. Most...

7.5CVSS2.2AI score0.0046EPSS

Fedora•added 2019/06/12 2:48 p.m.•33 views

[SECURITY] Fedora 30 Update: containernetworking-plugins-0.7.5-1.fc30

The CNI Container Network Interface project consists of a specification and libraries for writing plugins to configure network interfaces in Linux containers, along with a number of supported plugins. CNI concerns itself only with network connectivity of containers and removing allocated resourc ...

7.5CVSS2.7AI score0.03119EPSS

NVD•added 2019/06/06 1:29 a.m.•18 views

CVE-2019-4185

IBM InfoSphere Information Server 11.7.1 containers are vulnerable to privilege escalation due to an insecurely configured component. IBM X-Force ID: 158975...

8.3CVSS8.2AI score0.0059EPSS

CVE•added 2019/06/06 12:35 a.m.•72 views

CVE-2019-4185

CVE-2019-4185 affects IBM InfoSphere Information Server containers running version 11.7.1. The vulnerability stems from an insecurely configured component that enables privilege escalation. IBM’s security bulletin lists the base score as 8.3 (CVSSv3) and confirms the affected product/version. Rem...

8.3CVSS8AI score0.0059EPSS

Exploits0References2Affected Software2

Veracode•added 2019/06/05 12:38 p.m.•10 views

Memory Leak

github.com/kubernetes/kubernetes on Windows is vulnerable to memory leak vulnerability. This is due to not closing containers when fetching container metrics...

6.6AI score

Veracode•added 2019/06/04 11:15 a.m.•23 views

Privilege Escalation

rkt is vulnerable to privilege escalation. An attacker with superuser previlage can exploit vulnerabilties in order to compromise a host when a user enters the kt rkt enter ’command equivalent to the‘ docker exec ’command via a module under its control accessing the containers...

7.7CVSS7.3AI score0.00471EPSS

NVD•added 2019/06/03 7:29 p.m.•24 views

CVE-2019-10144

rkt through version 1.30.0 does not isolate processes in containers that are run with rkt enter. Processes run with rkt enter are given all capabilities during stage 2 the actual environment in which the applications run. Compromised containers could exploit this flaw to access host resources...

7.7CVSS7.1AI score0.00471EPSS

OSV•added 2019/06/03 7:29 p.m.•20 views

CVE-2019-10147

rkt through version 1.30.0 does not isolate processes in containers that are run with rkt enter. Processes run with rkt enter are not limited by cgroups during stage 2 the actual environment in which the applications run. Compromised containers could exploit this flaw to access host resources...

7.7CVSS6.7AI score0.00451EPSS

OSV•added 2019/06/03 7:29 p.m.•17 views

CVE-2019-10144

7.7CVSS6.7AI score0.00471EPSS

UbuntuCve•added 2019/06/03 7:29 p.m.•45 views

CVE-2019-10145

rkt through version 1.30.0 does not isolate processes in containers that are run with rkt enter. Processes run with rkt enter do not have seccomp filtering during stage 2 the actual environment in which the applications run. Compromised containers could exploit this flaw to access host resources...

7.7CVSS7.1AI score0.00474EPSS

Exploits1References3

Prion•added 2019/06/03 7:29 p.m.•16 views

Design/Logic Flaw

6.9CVSS7.4AI score0.00474EPSS

Prion•added 2019/06/03 7:29 p.m.•14 views

Design/Logic Flaw

6.9CVSS7.4AI score0.00471EPSS

Prion•added 2019/06/03 7:29 p.m.•17 views

Design/Logic Flaw

6.9CVSS7.4AI score0.00451EPSS

Cvelist•added 2019/06/03 6:20 p.m.•26 views

CVE-2019-10145

7CVSS7.5AI score0.00474EPSS

RedhatCVE•added 2019/05/31 6:21 a.m.•23 views

CVE-2019-11245

In kubelet v1.13.6 and v1.14.2, containers for pods that do not specify an explicit runAsUser attempt to run as uid 0 root on container restart, or if the image was previously pulled to the node. If the pod specified mustRunAsNonRoot: true, the kubelet will refuse to start the container as root. ...

7.8CVSS0.2AI score0.00599EPSS

Exploits1References4

Talos Blog•added 2019/05/30 10:10 a.m.•110 views

Threat Source newsletter (May 23)

Newsletter compiled by Jonathan Munshaw. Welcome to this week’s Threat Source newsletter — the perfect place to get caught up on all things Talos from the past week. Election security is a touchy — and oftentimes depressing — topic of conversation. So why not let Beer with Talos bring some levity...

7.4AI score

OpenVAS•added 2019/05/26 12:0 a.m.•19 views

Fedora Update for singularity FEDORA-2019-25ecc42592

9CVSS8.7AI score0.02127EPSS