897 matches found
CVE-2025-59692
PureVPN client applications on Linux through September 2025 mishandle firewalling. They flush the system's existing iptables rules and apply default ACCEPT policies when connecting to a VPN server. This removes firewall rules that may have been configured manually or by other software e.g., UFW,...
CVE-2025-59692
PureVPN client applications on Linux through September 2025 mishandle firewalling. They flush the system's existing iptables rules and apply default ACCEPT policies when connecting to a VPN server. This removes firewall rules that may have been configured manually or by other software e.g., UFW,...
UBUNTU-CVE-2025-59692
PureVPN client applications on Linux through September 2025 mishandle firewalling. They flush the system's existing iptables rules and apply default ACCEPT policies when connecting to a VPN server. This removes firewall rules that may have been configured manually or by other software e.g., UFW,...
CVE-2025-59692
PureVPN client applications on Linux through September 2025 mishandle firewalling. They flush the system's existing iptables rules and apply default ACCEPT policies when connecting to a VPN server. This removes firewall rules that may have been configured manually or by other software e.g., UFW,...
PT-2025-38497
Name of the Vulnerable Software and Affected Versions PureVPN versions 2.0.1 and 2.10.0 Description PureVPN client applications on Linux mishandle firewalling. The applications flush existing iptables rules and apply default ACCEPT policies when connecting to a VPN server, removing previously...
Chaos Controller Manager is vulnerable to OS command injection
The cleanIptables mutation in Chaos Controller Manager is vulnerable to OS command injection. In conjunction with CVE-2025-59358, this allows unauthenticated in-cluster attackers to perform remote code execution across the cluster...
GHSA-2GCV-3QPF-C5QR Chaos Controller Manager is vulnerable to OS command injection
The cleanIptables mutation in Chaos Controller Manager is vulnerable to OS command injection. In conjunction with CVE-2025-59358, this allows unauthenticated in-cluster attackers to perform remote code execution across the cluster...
CVE-2025-59361
The provided connected sources confirm CVE-2025-59361 pertains to Chaos Mesh’s Chaos Controller Manager, specifically an OS command injection in the mutation path (cleanIptables). The related entry CVE-2025-59358 describes an unauthenticated exposure via a GraphQL debugging surface that can kill ...
Chaos Mesh 操作系统命令注入漏洞
Chaos Mesh is an open source cloud-native engineering platform from Chaos Mesh Open Source. Chaos Mesh suffers from an OS command injection vulnerability that stems from the presence of OS command injection in cleanIptables, which could lead to remote code execution...
Linux Distros Unpatched Vulnerability : CVE-2020-0347
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In iptables, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution...
Linux Distros Unpatched Vulnerability : CVE-2019-9946
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cloud Native Computing Foundation CNCF CNI Container Networking Interface 0.7.4 has a network firewall misconfiguration which affects Kubernetes. The CNI...
Linux Distros Unpatched Vulnerability : CVE-2016-4998
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The IPTSOSETREPLACE setsockopt implementation in the netfilter subsystem in the Linux kernel before 4.6 allows local users to cause a denial of service...
Linux Distros Unpatched Vulnerability : CVE-2025-54388
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and various other downstre...
Linux Distros Unpatched Vulnerability : CVE-2021-20177
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the Linux kernel's implementation of string matching within a packet. A privileged user with root or CAPNETADMIN when inserting iptables rul...
Linux Distros Unpatched Vulnerability : CVE-2024-42270
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: netfilter: iptables: Fix null-ptr- deref in iptablenattableinit. We had a report that...
Linux Distros Unpatched Vulnerability : CVE-2025-22021
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netfilter: socket: Lookup orig tuple for IPv6 SNAT nfsklookupslowv4 does the conntrack lookup for IPv4 packets to restore the original 5-tuple in case of SNAT, ...
Docker Engine 28.2 < 28.3.3 Local Docker Ports Exposed to Network
The version of the Docker Engine Moby installed on the remote host is between 28.2.0 to 28.3.2 It is therefore affected by an vulnerability that exposes local ports to the network. When the firewalld service is reloaded it removes all iptables rules including those created by Docker. While Docker...
SUSE CVE-2025-54388
Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and various other downstream projects/products. In versions 28.2.0 through 28.3.2, when the firewalld service is reloaded it removes all iptables rules including...
CVE-2025-54410
Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and various other downstream projects/products. A firewalld vulnerability affects Moby releases before 28.0.0. When firewalld reloads, Docker fails to re-create...
Moby 安全漏洞
Moby is an open source project of Moby Open Source. It aims to drive containerization of software and help the ecosystem mainstream container technology. A security vulnerability exists in Moby versions 28.2.0 through 28.3.2, which stems from the failure to recreate iptables rules when the...