Lucene search
K

897 matches found

RedhatCVE
RedhatCVE
added 2025/09/20 12:30 a.m.7 views

CVE-2025-59692

PureVPN client applications on Linux through September 2025 mishandle firewalling. They flush the system's existing iptables rules and apply default ACCEPT policies when connecting to a VPN server. This removes firewall rules that may have been configured manually or by other software e.g., UFW,...

3.7CVSS6.9AI score0.00193EPSS
Exploits0References1
NVD
NVD
added 2025/09/18 11:15 p.m.3 views

CVE-2025-59692

PureVPN client applications on Linux through September 2025 mishandle firewalling. They flush the system's existing iptables rules and apply default ACCEPT policies when connecting to a VPN server. This removes firewall rules that may have been configured manually or by other software e.g., UFW,...

3.7CVSS0.00193EPSS
Exploits0References1
OSV
OSV
added 2025/09/18 11:15 p.m.3 views

UBUNTU-CVE-2025-59692

PureVPN client applications on Linux through September 2025 mishandle firewalling. They flush the system's existing iptables rules and apply default ACCEPT policies when connecting to a VPN server. This removes firewall rules that may have been configured manually or by other software e.g., UFW,...

3.7CVSS5.8AI score0.00193EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/09/18 12:0 a.m.9 views

CVE-2025-59692

PureVPN client applications on Linux through September 2025 mishandle firewalling. They flush the system's existing iptables rules and apply default ACCEPT policies when connecting to a VPN server. This removes firewall rules that may have been configured manually or by other software e.g., UFW,...

3.7CVSS0.00193EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/09/18 12:0 a.m.4 views

PT-2025-38497

Name of the Vulnerable Software and Affected Versions PureVPN versions 2.0.1 and 2.10.0 Description PureVPN client applications on Linux mishandle firewalling. The applications flush existing iptables rules and apply default ACCEPT policies when connecting to a VPN server, removing previously...

3.7CVSS6.6AI score0.00193EPSS
Exploits0References9
Github Security Blog
Github Security Blog
added 2025/09/15 12:31 p.m.5 views

Chaos Controller Manager is vulnerable to OS command injection

The cleanIptables mutation in Chaos Controller Manager is vulnerable to OS command injection. In conjunction with CVE-2025-59358, this allows unauthenticated in-cluster attackers to perform remote code execution across the cluster...

9.8CVSS8.5AI score0.03269EPSS
Exploits1References5Affected Software1
OSV
OSV
added 2025/09/15 12:31 p.m.1 views

GHSA-2GCV-3QPF-C5QR Chaos Controller Manager is vulnerable to OS command injection

The cleanIptables mutation in Chaos Controller Manager is vulnerable to OS command injection. In conjunction with CVE-2025-59358, this allows unauthenticated in-cluster attackers to perform remote code execution across the cluster...

9.8CVSS8.5AI score0.03269EPSS
Exploits1References5
CVE
CVE
added 2025/09/15 11:41 a.m.18 views

CVE-2025-59361

The provided connected sources confirm CVE-2025-59361 pertains to Chaos Mesh’s Chaos Controller Manager, specifically an OS command injection in the mutation path (cleanIptables). The related entry CVE-2025-59358 describes an unauthenticated exposure via a GraphQL debugging surface that can kill ...

9.8CVSS8.1AI score0.03269EPSS
Exploits1References2Affected Software1
CNNVD
CNNVD
added 2025/09/15 12:0 a.m.2 views

Chaos Mesh 操作系统命令注入漏洞

Chaos Mesh is an open source cloud-native engineering platform from Chaos Mesh Open Source. Chaos Mesh suffers from an OS command injection vulnerability that stems from the presence of OS command injection in cleanIptables, which could lead to remote code execution...

9.8CVSS8.3AI score0.03269EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2020-0347

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In iptables, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution...

6.7CVSS7AI score0.00185EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/20 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2019-9946

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cloud Native Computing Foundation CNCF CNI Container Networking Interface 0.7.4 has a network firewall misconfiguration which affects Kubernetes. The CNI...

7.5CVSS6.9AI score0.03119EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/19 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2016-4998

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The IPTSOSETREPLACE setsockopt implementation in the netfilter subsystem in the Linux kernel before 4.6 allows local users to cause a denial of service...

7.1CVSS6.9AI score0.01885EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/08/19 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2025-54388

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and various other downstre...

5.1CVSS6.1AI score0.00215EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/15 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2021-20177

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the Linux kernel's implementation of string matching within a packet. A privileged user with root or CAPNETADMIN when inserting iptables rul...

4.4CVSS6.6AI score0.00277EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/11 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2024-42270

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: netfilter: iptables: Fix null-ptr- deref in iptablenattableinit. We had a report that...

5.5CVSS6.2AI score0.00226EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/07 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2025-22021

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netfilter: socket: Lookup orig tuple for IPv6 SNAT nfsklookupslowv4 does the conntrack lookup for IPv4 packets to restore the original 5-tuple in case of SNAT, ...

5.5CVSS6.7AI score0.00163EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/08/01 12:0 a.m.3 views

Docker Engine 28.2 < 28.3.3 Local Docker Ports Exposed to Network

The version of the Docker Engine Moby installed on the remote host is between 28.2.0 to 28.3.2 It is therefore affected by an vulnerability that exposes local ports to the network. When the firewalld service is reloaded it removes all iptables rules including those created by Docker. While Docker...

5.1CVSS6.1AI score0.00215EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2025/07/30 11:21 p.m.7 views

SUSE CVE-2025-54388

Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and various other downstream projects/products. In versions 28.2.0 through 28.3.2, when the firewalld service is reloaded it removes all iptables rules including...

5.2CVSS6.9AI score0.00215EPSS
Exploits0References13
NVD
NVD
added 2025/07/30 2:15 p.m.3 views

CVE-2025-54410

Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and various other downstream projects/products. A firewalld vulnerability affects Moby releases before 28.0.0. When firewalld reloads, Docker fails to re-create...

5.2CVSS0.00152EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/07/30 12:0 a.m.3 views

Moby 安全漏洞

Moby is an open source project of Moby Open Source. It aims to drive containerization of software and help the ecosystem mainstream container technology. A security vulnerability exists in Moby versions 28.2.0 through 28.3.2, which stems from the failure to recreate iptables rules when the...

5.1CVSS6.3AI score0.00215EPSS
Exploits0References5
Rows per page
Query Builder