CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1036 matches found

Cvelist•added 2025/11/06 8:23 p.m.•11 views

CVE-2025-52881 runc: LSM labels can be bypassed with malicious config using dummy procfs files

runc is a CLI tool for spawning and running containers according to the OCI specification. In versions 1.2.7, 1.3.2 and 1.4.0-rc.2, an attacker can trick runc into misdirecting writes to /proc to other procfs files through the use of a racing container with shared mounts we have also verified thi...

7.3CVSS0.00526EPSS

Exploits1References20

OSV•added 2025/11/06 8:23 p.m.•4 views

CVE-2025-52881 runc: LSM labels can be bypassed with malicious config using dummy procfs files

7.3CVSS8.7AI score0.00526EPSS

Exploits1References22

RedhatCVE•added 2025/11/06 6:23 a.m.•4 views

CVE-2025-52881

A flaw was found in runc. This attack is a more sophisticated variant of CVE-2019-16884, which was a flaw that allowed an attacker to trick runc into writing the LSM process labels for a container process into a dummy tmpfs file and thus not apply the correct LSM labels to the container process...

8.2CVSS6.5AI score0.04373EPSS

Exploits2References4

OSV•added 2025/11/05 6:40 p.m.•3 views

GHSA-CGRX-MC8F-2PRM runc container escape and denial of service due to arbitrary write gadgets and procfs write redirects

Impact This attack is primarily a more sophisticated version of CVE-2019-19921, which was a flaw which allowed an attacker to trick runc into writing the LSM process labels for a container process into a dummy tmpfs file and thus not apply the correct LSM labels to the container process. The...

7.3CVSS7AI score0.00526EPSS

Exploits1References30

Tenable Nessus•added 2025/11/05 12:0 a.m.•2 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988694)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988694 advisory. In the Linux kernel, the following vulnerability has been resolved: powerpc/64s: fix program check interrupt emergency stack path Emergency stack path was jumping in...

5.5CVSS5.9AI score0.00222EPSS

Exploits0References4

RedHat Linux•added 2025/10/28 9:16 p.m.•6 views

Important: Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.6 Container Release Update

An update is now available for Red Hat Ansible Automation Platform 2.6 Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to individual teams,...

8.7CVSS6.8AI score0.01099EPSS

Exploits1References6

Veeam•added 2025/10/23 12:0 a.m.•13 views

Files with Microsoft Purview Sensitivity Labels Are Not Accessible After Being Restored

Challenge After restoring a file that was encrypted with a Microsoft Purview Sensitivity Label, attempting to open it results in an error similar to: Word was unable to read this document. It may be corrupt. Try one or more of the following: Open and Repair the file. Open the file with the Text...

5.4AI score

Exploits0Affected Software1

RedhatCVE•added 2025/10/21 11:18 p.m.•3 views

CVE-2025-11678

Stack-based Buffer Overflow in lwsadnsparselabel in warmcat libwebsockets allows, when the LWSWITHSYSASYNCDNS flag is enabled during compilation, to overflow the labelstack, when the attacker is able to sniff a DNS request in order to craft a response with a matching id containing a label longer...

7.6CVSS6.7AI score0.0027EPSS

Exploits0References5

Vulnrichment•added 2025/10/17 8:29 p.m.•4 views

CVE-2025-62508 Citizen vulnerable to stored XSS in sticky header button messages

Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. Citizen from 3.3.0 to 3.9.0 are vulnerable to stored cross-site scripting in the sticky header button message handling. In stickyHeader.js the copyButtonAttributes function assigns innerHTML from a source element’s...

6.5CVSS6.2AI score0.00409EPSS

Exploits0References3

RedHat Linux•added 2025/10/09 6:47 p.m.•5 views

Important: Red Hat Security Advisory: Red Hat OpenShift GitOps v1.16.4 security update

Important: Red Hat OpenShift GitOps v1.16.4 security update An update is now available for Red Hat OpenShift GitOps. Bug Fixes and Enhancements: GITOPS-6703 After Upgrade to v.1.16 not able to add --metrics-application-labels in spec.controller.extraCommandArgs with multiple values GITOPS-7180...

7.5CVSS6.7AI score0.0055EPSS

Exploits3References8