Lucene search
K

281 matches found

Fedora
Fedora
added 2025/10/10 12:51 a.m.7 views

[SECURITY] Fedora 42 Update: docker-buildkit-0.25.0-1.fc42

Concurrent, cache-efficient, and Dockerfile-agnostic builder toolkit...

6.5CVSS7AI score0.00489EPSS
Exploits1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-0773

Malicious code in bioql PyPI...

7.8CVSS7.2AI score0.00258EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-50278

Malicious code in bioql PyPI...

7.1CVSS6.6AI score0.00761EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2024-3036

Malicious code in bioql PyPI...

4.7CVSS6.4AI score0.00287EPSS
Exploits0References13
OSV
OSV
added 2025/09/23 2:3 p.m.1 views

SUSE-SU-2025:03271-2 Security update for busybox, busybox-links

This update for busybox, busybox-links fixes the following issues: Updated to version 1.37.0 jscPED-13039: - CVE-2023-42363: Fixed use-after-free vulnerability in xasprintf function in xfuncsprintf.c bsc1217580 - CVE-2023-42364: Fixed use-after-free in the awk.c evaluate function bsc1217584 -...

5.5CVSS6.7AI score0.00433EPSS
Exploits3References14
SUSE Linux
SUSE Linux
added 2025/09/18 1:34 p.m.4 views

Security update for busybox, busybox-links

This update for busybox, busybox-links fixes the following issues: Updated to version 1.37.0 jscPED-13039: CVE-2023-42363: Fixed use-after-free vulnerability in xasprintf function in xfuncsprintf.c bsc1217580 CVE-2023-42364: Fixed use-after-free in the awk.c evaluate function bsc1217584...

5.5CVSS7.2AI score0.00433EPSS
Exploits3References32
SUSE Linux
SUSE Linux
added 2025/09/12 3:57 p.m.4 views

Security update for busybox, busybox-links

This update for busybox, busybox-links fixes the following issues: Updated to version 1.37.0 jscPED-13039: - CVE-2023-42363: Fixed use-after-free vulnerability in xasprintf function in xfuncsprintf.c bsc1217580 - CVE-2023-42364: Fixed use-after-free in the awk.c evaluate function bsc1217584 -...

5.5CVSS7.2AI score0.00433EPSS
Exploits3References30
OSV
OSV
added 2025/09/12 3:57 p.m.6 views

SUSE-SU-2025:03205-1 Security update for busybox, busybox-links

This update for busybox, busybox-links fixes the following issues: Updated to version 1.37.0 jscPED-13039: - CVE-2023-42363: Fixed use-after-free vulnerability in xasprintf function in xfuncsprintf.c bsc1217580 - CVE-2023-42364: Fixed use-after-free in the awk.c evaluate function bsc1217584 -...

5.5CVSS6.8AI score0.00433EPSS
Exploits3References13
Gitee
Gitee
added 2025/09/06 4:26 a.m.99 views

MaraDNS_1

This is a repository for MaraDNS, a small open-source DNS server. The repository contains various files and scripts for building and testing MaraDNS, including a Dockerfile for creating a Docker image to test installing MaraDNS on a fresh Ubuntu 22.04 virtual machine. The repository includes a...

7.1AI score
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/09/03 10:2 p.m.5 views

Buildah: podman: improper input validation in bind-propagation option of dockerfile run --mount instruction

...

4.7CVSS7AI score0.00287EPSS
Exploits0
OSV
OSV
added 2025/09/03 8:43 p.m.6 views

CLSA-2025-1756932191 buildah: Fix of CVE-2024-9407

CVE-2024-9407: validate input for bind-propagation option in Dockerfile RUN --mount instruction to prevent arbitrary parameter passing and potential file modification...

4.7CVSS6.9AI score0.00287EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/08/15 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2024-23652

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. A malicious BuildKit frontend or Dockerfi...

10CVSS6.8AI score0.02038EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/08 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2024-23651

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. Two malicious build steps running in...

8.7CVSS6.8AI score0.00791EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2025/07/09 5:56 p.m.5 views

Contrast vulnerability allows arbitrary host data Injection into container VOLUME mount points

Background The VOLUME directive in Dockerfiles, or the config.volumes field in OCI image descriptors, indicates filesystem paths "where the process is likely to write data". While these paths have special semantics in Docker, they are only hints in the OCI spec and are not treated specially by...

7AI score
Exploits0References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.6 views

TencentOS Server 4: podman (TSSA-2024:0683)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0683 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

8.2CVSS6.8AI score0.01345EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/05/14 12:0 a.m.16 views

Alibaba Cloud Linux 3 : 0241: container-tools:rhel8 (ALINUX3-SA-2024:0241)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2024:0241 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2024-9341: A flaw was found in Go. Whe...

8.2CVSS6.8AI score0.0099EPSS
Exploits0References4
Kitploit
Kitploit
added 2025/04/04 7:18 p.m.25 views

Docf-Sec-Check - DockF-Sec-Check Helps To Make Your Dockerfile Commands More Secure

DockF-Sec-Check helps to make your Dockerfile commands more secure. Done x First-level security notification in the Dockerfile TODO List Correctly detect the Dockerfile. Second-level security notification in the Dockerfile. Security notification in Docker images. Private Repository Installation...

7.5AI score
Exploits0References3
GithubExploit
GithubExploit
added 2025/03/24 6:47 p.m.328 views

Exploit for Deserialization of Untrusted Data in Apache Tomcat

Tomcat CVE-2025-24813 playground ===============================...

9.8CVSS9.1AI score0.99945EPSS
Exploits46
Tenable Nessus
Tenable Nessus
added 2025/03/06 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2024-9407

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability exists in the bind-propagation option of the Dockerfile RUN --mount instruction. The system does not properly validate the input passed to this...

4.7CVSS6.3AI score0.00287EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2023-25173

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - containerd is an open source container runtime. A bug was found in containerd prior to versions 1.6.18 and 1.5.18 where supplementary groups are not set up...

7.8CVSS7AI score0.00542EPSS
Exploits1References2
Rows per page
Query Builder