EUVD-2025-12339

Malicious code in bioql PyPI...

CVE-2025-32955

Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. Versions from 0.12.0 to before 2.12.0 are vulnerable to disable-sudo bypass. Harden-Runner includes a policy option disable-sudo to prevent the GitHub Actions runner user from using sudo. This is implemente...

PT-2025-17463 · Docker +1 · Docker +1

Name of the Vulnerable Software and Affected Versions: Harden-Runner versions 0.12.0 through 2.12.0 Description: Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. The disable-sudo policy option is intended to prevent the GitHub Actions runner user from usi...

The vulnerability in the Boot2Docker script collection, related to access control deficiencies, allows an attacker to enhance their privileges and execute arbitrary code.

The vulnerability in the Boot2Docker script is related to access control deficiencies when connecting to a Docker daemon using TCP connections. Exploiting this vulnerability allows a malicious actor to enhance their privileges and execute arbitrary code remotely...