323 matches found
CVE-2026-53657
Lima launches Linux virtual machines, typically on macOS, for running containerd. Prior to 2.1.3, on an instance of Lima running with the qemu driver, an arbitrary user in the VM could access /run/lima-guestagent.sock when the guest agent is enabled, which could result in running arbitrary comman...
CVE-2026-53657
CVE-2026-53657 affects Lima when using the qemu driver. Prior to 2.1.3, an unprivileged user inside a Lima QEMU guest could access the /run/lima-guestagent.sock guest-agent socket when enabled, enabling commands with root privileges inside the VM via the socket’s tunneling to privileged daemons. ...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: drm/lima: fixed a memory leak in limaheapalloc. When limavmmapbo fails, the resources need to be deallocated; otherwise, memory leaks will occur...
C++ Web Framework 路径遍历漏洞
C++ Web Framework is a Qt-based C++ MVC web application development framework developed by Herik Lima. Versions of C++ Web Framework 3.1 and earlier contained a path traversal vulnerability, which was caused by some unknown handling methods...
GHSA-GPX9-96J6-PP87 TaskWeaver has Protection Mechanism Failure and Server-Side Request Forgery (SSRF)
Summary This vulnerability allows a user to escape the container network isolation and access the host’s local services 127.0.0.1 bound on the host. The vulnerability is applicable only on the MacOS and Windows environments while using Docker Desktop, Containerd on Lima VM, or Podman. Details...
TaskWeaver has Protection Mechanism Failure and Server-Side Request Forgery (SSRF)
Summary This vulnerability allows a user to escape the container network isolation and access the host’s local services 127.0.0.1 bound on the host. The vulnerability is applicable only on the MacOS and Windows environments while using Docker Desktop, Containerd on Lima VM, or Podman. Details...
Malicious code in pilka-lni-lima (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7521a3fc457bc37e26dbf1ab17733836085ff0a7306f7648c9595f38c77de8fb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989401)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989401 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/lima: mask irqs in timeout path before hard reset There is a race condition in which a...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990204)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990204 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/lima: fix shared irq handling on driver remove lima uses a shared interrupt, so the interrupt...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990315)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990315 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/lima: mask irqs in timeout path before hard reset There is a race condition in which a...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989692)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989692 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/lima: fix shared irq handling on driver remove lima uses a shared interrupt, so the interrupt...
Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-402076)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-402076 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/lima: fix a memleak in limaheapalloc When limavmmapbo fails, the resources need to be...
EUVD-2023-1529
Malicious code in bioql PyPI...
Malicious code in lima-juliet-xray-yqlpd (npm)
The package lima-juliet-xray-yqlpd was found to contain malicious code...
Malicious code in lima-india-fig-asvoh (npm)
The package lima-india-fig-asvoh was found to contain malicious code...
MAL-2025-44624 Malicious code in hotel-lima-charlie-gwkmz (npm)
The package hotel-lima-charlie-gwkmz was found to contain malicious code...
Malicious code in lima-victor-lemon-epnhd (npm)
The package lima-victor-lemon-epnhd was found to contain malicious code...
MAL-2025-45002 Malicious code in lima-india-fig-asvoh (npm)
The package lima-india-fig-asvoh was found to contain malicious code...
MAL-2025-44880 Malicious code in kiwi-apple-lima-dhvdb (npm)
The package kiwi-apple-lima-dhvdb was found to contain malicious code...
MAL-2025-45003 Malicious code in lima-juliet-xray-yqlpd (npm)
The package lima-juliet-xray-yqlpd was found to contain malicious code...