Lucene search
K

313 matches found

Debian
Debian
added 2026/04/22 8:43 a.m.6 views

[SECURITY] [DSA 6223-1] flatpak security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6223-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff April 22, 2026 https://www.debian.org/security/faq -...

10CVSS7.8AI score0.0168EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.6 views

Debian dsa-6223 : flatpak - security update

The remote Debian 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6223 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6223-1 [email protected] https://www.debian.org/securit...

10CVSS8.5AI score0.0168EPSS
Exploits0References6
Zero Day Initiative
Zero Day Initiative
added 2026/04/15 12:0 a.m.9 views

(0Day) Docker Desktop credentialHelper Directory Traversal Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Docker Desktop. An attacker must first obtain the ability to escape the container and execute high-privileged code within the Docker Hyper-V VM in order to exploit this vulnerability. The specific flaw...

7.5CVSS6.1AI score
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2026/04/15 12:0 a.m.8 views

(0Day) Docker Desktop System Editor Uncontrolled Search Path Element Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Docker Desktop. An attacker must first obtain the ability to escape the container and execute high-privileged code within the Docker Hyper-V VM in order to exploit this vulnerability. The specific flaw...

7.5CVSS6.1AI score
Exploits0
OSV
OSV
added 2026/04/13 6:27 p.m.6 views

USN-8172-1 kvmtool vulnerabilities

It was discovered that kvmtool did not properly manage memory under certain circumstances. A malicious guest attacker could use this issue to cause kvmtool to crash, leading to a denial of service, or possibly execute arbitrary code on the host system. CVE-2021-45464 It was discovered that kvmtoo...

8.8CVSS6.2AI score0.00382EPSS
Exploits1References3
Ubuntu
Ubuntu
added 2026/04/13 6:27 p.m.8 views

USN-8172-1: kvmtool vulnerabilities

It was discovered that kvmtool did not properly manage memory under certain circumstances. A malicious guest attacker could use this issue to cause kvmtool to crash, leading to a denial of service, or possibly execute arbitrary code on the host system. CVE-2021-45464 It was discovered that kvmtoo...

8.8CVSS6.2AI score0.00382EPSS
Exploits1
SUSE CVE
SUSE CVE
added 2026/04/11 9:26 a.m.5 views

SUSE CVE-2026-5747

An out-of-bounds write issue in the virtio PCI transport in Firecracker 1.13.0 through 1.14.3 and 1.15.0 on x8664 and aarch64 might allow a local guest user with root privileges to crash the Firecracker VMM process or potentially execute arbitrary code on the host via modification of virtio queue...

7.5CVSS6.8AI score0.00208EPSS
Exploits0References3
NVD
NVD
added 2026/04/08 12:16 a.m.4 views

CVE-2026-5747

An out-of-bounds write issue in the virtio PCI transport in Firecracker 1.13.0 through 1.14.3 and 1.15.0 on x8664 and aarch64 might allow a local guest user with root privileges to crash the Firecracker VMM process or potentially execute arbitrary code on the host via modification of virtio queue...

8.7CVSS0.00208EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/04/08 12:0 a.m.9 views

Amazon Firecracker 安全漏洞

Amazon Firecracker is a virtualization technology developed by Amazon, used specifically for creating and managing multi-tenant containers and functions-based services. It provides a serverless operating model, designed for creating and managing multi-tenant containers and functions-based service...

8.7CVSS6.4AI score0.00208EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/04/07 11:17 p.m.25 views

CVE-2026-5747 Out-of-bounds Write in Firecracker virtio-pci Transport

An out-of-bounds write issue in the virtio PCI transport in Firecracker 1.13.0 through 1.14.3 and 1.15.0 on x8664 and aarch64 might allow a local guest user with root privileges to crash the Firecracker VMM process or potentially execute arbitrary code on the host via modification of virtio queue...

8.7CVSS0.00208EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/04/07 11:17 p.m.2 views

CVE-2026-5747 Out-of-bounds Write in Firecracker virtio-pci Transport

An out-of-bounds write issue in the virtio PCI transport in Firecracker 1.13.0 through 1.14.3 and 1.15.0 on x8664 and aarch64 might allow a local guest user with root privileges to crash the Firecracker VMM process or potentially execute arbitrary code on the host via modification of virtio queue...

8.7CVSS6.8AI score0.00208EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/04/07 11:17 p.m.12 views

CVE-2026-5747

An out-of-bounds write issue in the virtio PCI transport in Firecracker 1.13.0 through 1.14.3 and 1.15.0 on x8664 and aarch64 might allow a local guest user with root privileges to crash the Firecracker VMM process or potentially execute arbitrary code on the host via modification of virtio queue...

8.7CVSS6.5AI score0.00208EPSS
Exploits0References5Affected Software1
AlpineLinux
AlpineLinux
added 2026/04/07 11:17 p.m.9 views

CVE-2026-5747

An out-of-bounds write issue in the virtio PCI transport in Firecracker 1.13.0 through 1.14.3 and 1.15.0 on x8664 and aarch64 might allow a local guest user with root privileges to crash the Firecracker VMM process or potentially execute arbitrary code on the host via modification of virtio queue...

8.7CVSS6.5AI score0.00208EPSS
Exploits0References4
CVE
CVE
added 2026/04/07 11:17 p.m.50 views

CVE-2026-5747

Summary: CVE-2026-5747 is a local, hypothetical out-of-bounds write in the virtio-pci transport of Firecracker. Affects Firecracker versions 1.13.0–1.14.3 and 1.15.0 on x86_64 and aarch64. The issue could allow a local guest user with root privileges to crash the Firecracker VMM process or potent...

8.7CVSS6.7AI score0.00208EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/07 9:27 p.m.4 views

CVE-2026-34078 Flatpak has a complete sandbox escape leading to host file access and code execution in the host context

Flatpak is a Linux application sandboxing and distribution framework. Prior to 1.16.4, the Flatpak portal accepts paths in the sandbox-expose options which can be app-controlled symlinks pointing at arbitrary paths. Flatpak run mounts the resolved host path in the sandbox. This gives apps access ...

9.3CVSS6.4AI score0.0168EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/07 12:0 a.m.4 views

PT-2026-31052

Name of the Vulnerable Software and Affected Versions Amazon Firecracker versions 1.13.0 through 1.14.3 and version 1.15.0 Description A flaw exists in the virtio PCI transport of Amazon Firecracker that could allow a local guest user with root privileges to crash the Firecracker VMM process or...

8.7CVSS6.4AI score0.00208EPSS
Exploits0References15
Tenable Nessus
Tenable Nessus
added 2026/04/07 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-34078

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Flatpak is a Linux application sandboxing and distribution framework. Prior to 1.16.4, the Flatpak portal accepts paths in the sandbox-expose options which can ...

10CVSS7.6AI score0.0168EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/04/06 5:13 p.m.2 views

CVE-2026-35044 BentoML has a Server-Side Template Injection via unsandboxed Jinja2 Environment in Dockerfile generation

BentoML is a Python library for building online serving systems optimized for AI apps and model inference. Prior to 1.4.38, the Dockerfile generation function generatecontainerfile in src/bentoml/internal/container/generate.py uses an unsandboxed jinja2.Environment with the jinja2.ext.do extensio...

8.8CVSS6.1AI score0.00392EPSS
Exploits1References1
Github Security Blog
Github Security Blog
added 2026/04/03 2:59 a.m.11 views

OpenClaw: Device-Paired Node Skips Node Scope Gate → Host RCE.md

Summary Device-Paired Node Skips Node Scope Gate → Host RCE.md Current Maintainer Triage - Status: open - Normalized severity: high - Assessment: Real in shipped v2026.3.28 because a merely device-paired node could expose node commands without node pairing, but high is sufficient given the...

8.8CVSS5.9AI score0.00544EPSS
Exploits0References6Affected Software1
EUVD
EUVD
added 2026/03/21 3:31 a.m.4 views

EUVD-2026-13941

OpenClaw versions prior to 2026.2.21 contain an improper sandbox configuration vulnerability that allows attackers to execute arbitrary code by exploiting renderer-side vulnerabilities without requiring a sandbox escape. Attackers can leverage the disabled OS-level sandbox protections in the...

5.3CVSS6.6AI score0.00288EPSS
Exploits0References5
Rows per page
Query Builder