2670 matches found
CVE-2025-41242
Spring Framework MVC applications can be vulnerable to a “Path Traversal Vulnerability” when deployed on a non-compliant Servlet container. An application can be vulnerable when all the following are true: the application is deployed as a WAR or with an embedded Servlet container; the Servlet...
CVE-2025-41242: Path traversal vulnerability on non-compliant Servlet containers
Spring Framework MVC applications can be vulnerable to a “Path Traversal Vulnerability” when deployed on a non-compliant Servlet container. An application can be vulnerable when all the following are true: the application is deployed as a WAR or with an embedded Servlet container; the Servlet...
VMware Spring Framework security vulnerability
VMware Spring Framework is a set of open source Java, JavaEE application frameworks from VMware. The framework helps developers build high-quality applications. A security vulnerability exists in VMware Spring Framework that stems from a path traversal vulnerability on a non-compliant servlet...
Linux Distros Unpatched Vulnerability : CVE-2021-21334
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In containerd an industry-standard container runtime before versions 1.3.10 and 1.4.4, containers launched through containerd's CRI implementation through...
[SECURITY] Fedora 41 Update: apptainer-1.4.2-1.fc41
Apptainer provides functionality to make portable containers that can be used across host environments...
CVE-2025-40767
A vulnerability has been identified in SINEC Traffic Analyzer 6GK8822-1BG01-0BA0 (All versions < V3.0). The affected application runs docker containers without adequate security controls to enforce isolation. This could allow an attacker to gain elevated access, potentially accessing sensitive host...
CVE-2025-40766
A vulnerability has been identified in SINEC Traffic Analyzer 6GK8822-1BG01-0BA0 (All versions < V3.0). The affected application runs docker containers without adequate resource and security limitations. This could allow an attacker to perform a denial-of-service (DoS) attack...
CVE-2025-40766
The CVE-2025-40766 vulnerability affects Siemens SINEC Traffic Analyzer versions prior to 3.0. The issue arises from docker containers running with insufficient resource and security limitations, enabling a local attacker to perform a denial-of-service (DoS) attack. Evidence across multiple sourc...
PT-2025-32661
Name of the Vulnerable Software and Affected Versions: SINEC Traffic Analyzer versions prior to 3.0. Description: The application runs docker containers without adequate resource and security limitations, which could allow an attacker to perform a denial-of-service (DoS) attack. Recommendations:...
Linux Distros Unpatched Vulnerability : CVE-2021-32635
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Singularity is an open source container platform. In versions 3.7.2 and 3.7.3, due to incorrect use of a default URL, singularity action commands run/shell/exec...
ALSA-2025:13674 Important: toolbox security update
Toolbox is a tool for Linux operating systems, which allows the use of containerized command line environments. It is built on top of Podman and other standard container technologies from OCI. Security Fixes: nvidia-container-toolkit: Privilege Escalation via Hook Initialization in NVIDIA Contain...
Linux Distros Unpatched Vulnerability : CVE-2025-6432
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When Multi-Account Containers was enabled, DNS requests could have bypassed a SOCKS proxy when the domain name was invalid or the SOCKS proxy was not responding...
[SECURITY] Fedora 41 Update: moby-engine-28.3.3-1.fc41
Docker is an open source project to build, ship and run any application as a lightweight container. Docker containers are both hardware-agnostic and platform-agnostic. This means they can run anywhere, from your laptop to the largest EC2 compute instance and everything in between - and...
Linux Distros Unpatched Vulnerability : CVE-2022-1706
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in Ignition where ignition configs are accessible from unprivileged containers in VMs running on VMware products. This issue is only...
Incorrect Default Permissions
Overview: Affected versions of this package are vulnerable to Incorrect Default Permissions due to incorrect permissions set on the /etc/passwd file during the build process. An attacker can gain elevated privileges by modifying the /etc/passwd file if they have the ability to execute commands...
CVE-2025-4574 affecting package kata-containers for versions less than 3.18.0.kata0-1
CVE-2025-4574 affecting package kata-containers for versions less than 3.18.0.kata0-1. An upgraded version of the package is available that resolves this issue...
CVE-2025-5791 affecting package kata-containers-cc for versions less than 3.2.0.azl2-7
CVE-2025-5791 affecting package kata-containers-cc for versions less than 3.2.0.azl2-7. A patched version of the package is available...
CVE-2024-43806 affecting package kata-containers-cc for versions less than 3.2.0.azl2-7
CVE-2024-43806 affecting package kata-containers-cc for versions less than 3.2.0.azl2-7. A patched version of the package is available...