CVE-2025-34234 Vasion Print (formerly PrinterLogic) Hardcoded Encryption Private Keys

Vasion Print formerly PrinterLogic Virtual Appliance Host prior to version 25.1.102 and Application prior to version 25.1.1413 VA/SaaS deployments contain two hardcoded private keys that are shipped in the application containers printerlogic/pi, printerlogic/printer-admin-api, and printercloud/pi...

CVE-2025-34218

Vasion Print Virtual Appliance Host prior to 22.0.1049 and Application prior to 20.0.2786 expose internal Docker containers via the gw Docker instance. The gateway’s /meta endpoint lists micro‑services and versions, and the containers are reachable over HTTP/HTTPS without ACLs, authentication, or...

CVE-2025-34218 Vasion Print (formerly PrinterLogic) Exposed Internal Docker Instance

Vasion Print formerly PrinterLogic Virtual Appliance Host prior to version 22.0.1049 and Application prior to version 20.0.2786 VA/SaaS deployments expose internal Docker containers through the gw Docker instance. The gateway publishes a /meta endpoint which lists every micro‑service container...

CVE-2025-34218 Vasion Print (formerly PrinterLogic) Exposed Internal Docker Instance

Vasion Print formerly PrinterLogic Virtual Appliance Host prior to version 22.0.1049 and Application prior to version 20.0.2786 VA/SaaS deployments expose internal Docker containers through the gw Docker instance. The gateway publishes a /meta endpoint which lists every micro‑service container...

PT-2025-39886

Name of the Vulnerable Software and Affected Versions Vasion Print versions prior to 25.2.169 Vasion Print Application versions prior to 25.2.1518 Description Vasion Print formerly PrinterLogic Virtual Appliance Host and Application deployments expose internal Docker containers to the network due...

[SECURITY] Fedora 42 Update: trustee-guest-components-0.13.0-3.fc42

Running in a confidential VM, gather confidential-computing evidence, send it to Trustee and get secrets. A part of the confidential-containers project...

Kata Containers coco-tdx malicious host can circumvent initdata verification

...

ShadowV2 Botnet Uses Misconfigured AWS Docker for DDoS-For-Hire Service

Darktrace researchers have uncovered ShadowV2, a new botnet that operates as a DDoS-for-hire service by infecting misconfigured Docker containers on AWS cloud servers...

CVE-2025-58354

Kata Containers is an open source project focusing on a standard implementation of lightweight Virtual Machines VMs that perform like containers. In Kata Containers versions from 3.20.0 and before, a malicious host can circumvent initdata verification. On TDX systems running confidential guests, ...

CVE-2025-58354 Kata Containers coco-tdx malicious host can circumvent initdata verification

Kata Containers is an open source project focusing on a standard implementation of lightweight Virtual Machines VMs that perform like containers. In Kata Containers versions from 3.20.0 and before, a malicious host can circumvent initdata verification. On TDX systems running confidential guests, ...

CVE-2025-58354

Kata Containers prior to 3.21.0 are affected. On TDX systems with confidential guests, a malicious host can bypass initdata verification, allowing the attacker to launch arbitrary workloads while maintaining valid trustee attestation to impersonate benign workloads. The issue has been fixed in Ka...

CVE-2025-58354 Kata Containers coco-tdx malicious host can circumvent initdata verification

Kata Containers is an open source project focusing on a standard implementation of lightweight Virtual Machines VMs that perform like containers. In Kata Containers versions from 3.20.0 and before, a malicious host can circumvent initdata verification. On TDX systems running confidential guests, ...

CVE-2025-58354 Kata Containers coco-tdx malicious host can circumvent initdata verification

Kata Containers is an open source project focusing on a standard implementation of lightweight Virtual Machines VMs that perform like containers. In Kata Containers versions from 3.20.0 and before, a malicious host can circumvent initdata verification. On TDX systems running confidential guests, ...

ShadowV2 Botnet Exploits Misconfigured AWS Docker Containers for DDoS-for-Hire Service

Cybersecurity researchers have disclosed details of a new botnet that customers can rent access to conduct distributed denial-of-service DDoS attacks against targets of interest. The ShadowV2 botnet, according to Darktrace, predominantly targets misconfigured Docker containers on Amazon Web...

Kata Containers 代码问题漏洞

Kata Containers is an open source lightweight virtual machine builder from the Kata Containers community. A code issue vulnerability exists in Kata Containers 3.20.0 and prior versions, which stems from a malicious host that can bypass initdata authentication, potentially allowing an attacker to...

PT-2025-39220

Name of the Vulnerable Software and Affected Versions Kata Containers versions prior to 3.21.0 Description Kata Containers is an open source project focused on lightweight Virtual Machines that function like containers. In versions prior to 3.21.0, a malicious host can bypass initdata verificatio...

[SECURITY] Fedora 41 Update: prometheus-podman-exporter-1.18.1-1.fc41

Prometheus exporter for podman environments exposing containers, pods, images, volumes and networks information...

[SECURITY] Fedora 42 Update: prometheus-podman-exporter-1.18.1-1.fc42

Prometheus exporter for podman environments exposing containers, pods, images, volumes and networks information...

[SECURITY] Fedora 43 Update: prometheus-podman-exporter-1.18.1-1.fc43

Prometheus exporter for podman environments exposing containers, pods, images, volumes and networks information...

CVE-2025-34203

Vasion Print formerly PrinterLogic Virtual Appliance Host versions prior to 22.0.1002 and Application versions prior to 20.0.2614 VA and SaaS deployments contain multiple Docker containers that include outdated, end-of-life, unsupported, or otherwise vulnerable third-party components examples:...