
4211 matches found

OSV
added 2025/11/12 6:31 p.m., 1 view

GHSA-MJ6P-P843-X5WC Observability Operator is vulnerable to Incorrect Privilege Assignment through its Custom Resource MonitorStack

A flaw was found in the Observability Operator. The Operator creates a ServiceAccount with ClusterRole upon deployment of the Namespace-Scoped Custom Resource MonitorStack. This issue allows an adversarial Kubernetes Account with only namespaced-level roles, for example, a tenant controlling a...

8.8 CVSS, 6.6 AI score, 0.00059 EPSS
Exploits: 0, References: 7
EUVD
added 2025/11/12 6:31 p.m., 2 views

EUVD-2025-131920

A flaw was found in the Observability Operator. The Operator creates a ServiceAccount with ClusterRole upon deployment of the Namespace-Scoped Custom Resource MonitorStack. This issue allows an adversarial Kubernetes Account with only namespaced-level roles, for example, a tenant controlling a...

8.8 CVSS, 6 AI score, 0.00059 EPSS
Exploits: 0, References: 4
NVD
added 2025/11/12 5:15 p.m., 2 views

CVE-2025-2843

A flaw was found in the Observability Operator. The Operator creates a ServiceAccount with ClusterRole upon deployment of the Namespace-Scoped Custom Resource MonitorStack. This issue allows an adversarial Kubernetes Account with only namespaced-level roles, for example, a tenant controlling a...

8.8 CVSS, 0.00059 EPSS
Exploits: 0, References: 3
Vulnrichment
added 2025/11/12 4:36 p.m., 3 views

CVE-2025-2843 Observability-operator: observability operator privilege escalation

A flaw was found in the Observability Operator. The Operator creates a ServiceAccount with ClusterRole upon deployment of the Namespace-Scoped Custom Resource MonitorStack. This issue allows an adversarial Kubernetes Account with only namespaced-level roles, for example, a tenant controlling a...

8.8 CVSS, 6.1 AI score, 0.00059 EPSS
Exploits: 0, References: 3
Cvelist
added 2025/11/12 4:36 p.m., 6 views

CVE-2025-2843 Observability-operator: observability operator privilege escalation

A flaw was found in the Observability Operator. The Operator creates a ServiceAccount with ClusterRole upon deployment of the Namespace-Scoped Custom Resource MonitorStack. This issue allows an adversarial Kubernetes Account with only namespaced-level roles, for example, a tenant controlling a...

8.8 CVSS, 0.00059 EPSS
Exploits: 0, References: 3
CVE
added 2025/11/12 4:36 p.m., 12 views

CVE-2025-2843

The CVE-2025-2843 issue affects the Observability Operator. It creates a ServiceAccount with ClusterRole permissions when deploying the Namespace-Scoped MonitorStack CR, enabling a namespaced Kubernetes user to create a MonitorStack in their namespace and then escalate to cluster-level privileges...

8.8 CVSS, 6.1 AI score, 0.00059 EPSS
Exploits: 0, References: 3
RedHat Linux
added 2025/11/12 12:41 p.m., 1 view

kernel: do_change_type(): refuse to operate on unmounted/not ours mounts

In the Linux kernel, the following vulnerability has been resolved: do_change_type(): refuse to operate on unmounted/not ours mounts. Ensure that propagation settings can only be changed for mounts located in the caller's mount namespace. This change aligns permission checking with the rest of mount(2)...

5.5 CVSS, 5.7 AI score, 0.00088 EPSS
Exploits: 0, References: 5
CNNVD
added 2025/11/12 12:0 a.m., 2 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an improperly timed path release that could lead to namespace errors...

6.1 AI score, 0.00026 EPSS
Exploits: 0, References: 3
RedHat Linux
added 2025/11/11 9:13 a.m., 1 view

kernel: RDMA/core: Don't expose hw_counters outside of init net namespace

In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Don't expose hw_counters outside of init net namespace. Commit 467f432a521a "RDMA/core: Split port and device counter sysfs attributes" accidentally almost exposed hw counters to non-init net namespaces. It didn't expose...

5.5 CVSS, 6.7 AI score, 0.00024 EPSS
Exploits: 0, References: 5
RedHat Linux
added 2025/11/11 8:27 a.m., 3 views

linux-pam: Linux-pam directory Traversal

A flaw was found in linux-pam. The module pam_namespace may access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions...

7.8 CVSS, 7.3 AI score, 0.00072 EPSS
Exploits: 0, References: 5
RedHat Linux
added 2025/11/11 8:21 a.m., 2 views

kernel: tcp: drop secpath at the same time as we currently drop dst

In the Linux kernel, the following vulnerability has been resolved: tcp: drop secpath at the same time as we currently drop dst. Xiumei reported hitting the WARN in xfrm6_tunnel_net_exit while running tests that boil down to:
- create a pair of netns
- run a basic TCP test over ipcomp6
- delete the...

5.5 CVSS, 6.8 AI score, 0.00015 EPSS
Exploits: 0, References: 5
RedHat Linux
added 2025/11/11 8:21 a.m., 4 views

kernel: RDMA/core: Don't expose hw_counters outside of init net namespace

In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Don't expose hw_counters outside of init net namespace. Commit 467f432a521a "RDMA/core: Split port and device counter sysfs attributes" accidentally almost exposed hw counters to non-init net namespaces. It didn't expose...

5.5 CVSS, 6.7 AI score, 0.00024 EPSS
Exploits: 0, References: 5
RedHat Linux
added 2025/11/11 8:21 a.m., 2 views

kernel: hv_netvsc: Fix panic during namespace deletion with VF

In the Linux kernel, the following vulnerability has been resolved: hv_netvsc: Fix panic during namespace deletion with VF. The existing code moves the VF NIC to new namespace when NETDEV_REGISTER is received on netvsc NIC. During deletion of the namespace, default_device_exit_batch default_device_exit_net...

5.5 CVSS, 5.7 AI score, 0.00024 EPSS
Exploits: 0, References: 5
Microsoft CVE
added 2025/11/11 1:1 a.m., 5 views

Libxml2: namespace use-after-free in xmlsettreedoc() function of libxml2

...

5.5 AI score, 0.00068 EPSS
Exploits: 0
OSV
added 2025/11/11 12:17 a.m., 1 view

MAL-2025-63636 Malicious code in jaja-lapis93-sluey (npm)

Source: amazon-inspector 0316bb5bf53071bf08699fb6bb813d42df2649e890d29406fcecbce9cf7a962e. This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8 AI score
Exploits: 0
Tenable Nessus
added 2025/11/11 12:0 a.m., 3 views

Amazon Linux 2023 : pam, pam-devel (ALAS2023-2025-1257)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1257 advisory. A flaw was found in linux-pam. The pam_namespace module may improperly handle user-controlled paths, allowing local users to exploit symlink attacks and race conditions to elevate their privileges to...

7.8 CVSS, 7.4 AI score, 0.00072 EPSS
Exploits: 0, References: 4
Tenable Nessus
added 2025/11/11 12:0 a.m., 6 views

Amazon Linux 2 : pam, --advisory ALAS2-2025-3057 (ALAS-2025-3057)

The version of pam installed on the remote host is prior to 1.1.8-23. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-3057 advisory. A flaw was found in linux-pam. The pam_namespace module may improperly handle user-controlled paths, allowing local users to exploit...

7.8 CVSS, 7.5 AI score, 0.00072 EPSS
Exploits: 0, References: 4
Amazon
added 2025/11/10 12:0 a.m., 3 views

Medium: pam

Issue Overview: A flaw was found in linux-pam. The pam_namespace module may improperly handle user-controlled paths, allowing local users to exploit symlink attacks and race conditions to elevate their privileges to root. This CVE provides a "complete" fix for CVE-2025-6020. CVE-2025-8941 Affected...

7.8 CVSS, 6.3 AI score, 0.00072 EPSS
Exploits: 0
Amazon
added 2025/11/10 12:0 a.m., 4 views

Medium: pam

Issue Overview: A flaw was found in linux-pam. The pam_namespace module may improperly handle user-controlled paths, allowing local users to exploit symlink attacks and race conditions to elevate their privileges to root. This CVE provides a "complete" fix for CVE-2025-6020. CVE-2025-8941 Affected...

7.8 CVSS, 6.2 AI score, 0.00072 EPSS
Exploits: 0
OSV
added 2025/11/07 9:15 p.m., 3 views

DEBIAN-CVE-2025-12863

A flaw was found in the xmlSetTreeDoc function of the libxml2 XML parsing library. This function is responsible for updating document pointers when XML nodes are moved between documents. Due to improper handling of namespace references, a namespace pointer may remain linked to a freed memory regi...

7.5 CVSS, 6.6 AI score, 0.00068 EPSS
Exploits: 0, References: 1