2670 matches found
ovn: egress ACLs may be bypassed via specially crafted UDP packet
A flaw was found in the Open Virtual Network OVN. Specially crafted UDP packets may bypass egress access control lists ACLs in OVN installations configured with a logical switch with DNS records set on it and if the same switch has any egress ACLs configured. This issue can lead to unauthorized...
ovn: egress ACLs may be bypassed via specially crafted UDP packet
A flaw was found in the Open Virtual Network OVN. Specially crafted UDP packets may bypass egress access control lists ACLs in OVN installations configured with a logical switch with DNS records set on it and if the same switch has any egress ACLs configured. This issue can lead to unauthorized...
ovn: egress ACLs may be bypassed via specially crafted UDP packet
A flaw was found in the Open Virtual Network OVN. Specially crafted UDP packets may bypass egress access control lists ACLs in OVN installations configured with a logical switch with DNS records set on it and if the same switch has any egress ACLs configured. This issue can lead to unauthorized...
ovn: egress ACLs may be bypassed via specially crafted UDP packet
A flaw was found in the Open Virtual Network OVN. Specially crafted UDP packets may bypass egress access control lists ACLs in OVN installations configured with a logical switch with DNS records set on it and if the same switch has any egress ACLs configured. This issue can lead to unauthorized...
ovn: egress ACLs may be bypassed via specially crafted UDP packet
A flaw was found in the Open Virtual Network OVN. Specially crafted UDP packets may bypass egress access control lists ACLs in OVN installations configured with a logical switch with DNS records set on it and if the same switch has any egress ACLs configured. This issue can lead to unauthorized...
CVE-2024-24760
mailcow is a dockerized email package, with multiple containers linked in one bridged network. A security vulnerability has been identified in mailcow affecting versions 2024-01c. This vulnerability potentially allows attackers on the same subnet to connect to exposed ports of a Docker container,...
Security Bulletin: Information disclosure vulnerability affects IBM Business Automation Workflow - CVE-2024-38321
Summary IBM Business Automation Workflow is vulnerable to an information disclosure attack. Vulnerability Details CVEID:CVE-2024-38321 DESCRIPTION: IBM Business Automation Workflow 22.0.2, 23.0.1, 23.0.2, and 24.0.0 stores potentially sensitive information in log files under certain situations th...
Security update for skopeo
This update for skopeo fixes the following issues: CVE-2024-9676: Fixed symlink traversal vulnerability in the containers/storage library that could have let to a denial-of-service attack bsc1231698. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods lik...
SUSE-SU-2025:20085-1 Security update for skopeo
This update for skopeo fixes the following issues: - CVE-2024-9676: Fixed symlink traversal vulnerability in the containers/storage library that could have let to a denial-of-service attack bsc1231698...
Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to a security restrictions bypass in Kubernetes kubelet [CVE-2024-5321]
Summary IBM Watson Speech Services Cartridge is vulnerable to a security restrictions bypass in Kubernetes kubelet, caused by incorrect permissions on Windows containers logs CVE-2024-5321. Kubernetes is included as part of the speech utilities used in our product. This vulnerabilitiy has been...
PT-2025-4790 · Nuclio +1 · Nuclio +1
Name of the Vulnerable Software and Affected Versions: Computer Vision Annotation Tool CVAT versions prior to 2.26.0 Description: The issue allows an attacker with an account on an affected CVAT instance to run arbitrary code in the context of the Nuclio function container. This affects CVAT...
SUSE CVE-2025-0650
A flaw was found in the Open Virtual Network OVN. Specially crafted UDP packets may bypass egress access control lists ACLs in OVN installations configured with a logical switch with DNS records set on it and if the same switch has any egress ACLs configured. This issue can lead to unauthorized...
DEBIAN-CVE-2025-0650
A flaw was found in the Open Virtual Network OVN. Specially crafted UDP packets may bypass egress access control lists ACLs in OVN installations configured with a logical switch with DNS records set on it and if the same switch has any egress ACLs configured. This issue can lead to unauthorized...
Open Virtual Network 访问控制错误漏洞
Open Virtual Network OVN is an open virtual network open sourced by Open Virtual Network. A security vulnerability exists in Open Virtual Network OVN that stems from a specially constructed UDP packet that can bypass an egress ACL, resulting in unauthorized access to virtual machines and containe...
SUSE SLES15 Security Update : kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-tools-container, virt-operator-container, virt-pr-helper-container (SUSE-SU-2025:0214-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:0214-1 advisory. - Drop packages: iptables, lsscsi and socat - rebuild against current GO Tenable has extracted the preceding description block directly from...
PT-2025-5678 · Unknown +1 · Nbdkit-Server +9
Name of the Vulnerable Software and Affected Versions: cdi-apiserver-container affected versions not specified cdi-cloner-container affected versions not specified cdi-controller-container affected versions not specified cdi-importer-container affected versions not specified cdi-operator-containe...
GoCD 安全漏洞
GoCD is a continuous delivery server from GoCD Open Source. A security vulnerability exists in GoCD versions 18.9.0 through 24.4.0, which stems from a vulnerability that allows misuse of the backup configuration feature, which could potentially allow execution of arbitrary scripts on managed...
[SECURITY] Fedora 41 Update: prometheus-podman-exporter-1.14.0-1.fc41
Prometheus exporter for podman environments exposing containers, pods, images, volumes and networks information...
CVE-2024-56330 Session VNC may be accessed by other sessions on the same host in stardust
Stardust is a platform for streaming isolated desktop containers. With this exploit, inter container communication ICC is not disabled. This would allow users within a container to access another containers agent, therefore compromising access.The problem has been patched in any Stardust build pa...
Stardust 访问控制错误漏洞
Stardust is a spaceness open source platform for streaming isolated desktop containers. An access control error vulnerability exists in Stardust. An attacker exploiting this vulnerability could access another container's proxy...