
40 matches found

Tenable Nessus
added 2025/09/29 12:0 a.m. | 4 views

AlmaLinux 9 : podman (ALSA-2025:15900)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:15900 advisory. podman: Podman kube play command may overwrite host files (CVE-2025-9566). Tenable has extracted the preceding description block directly from the AlmaLinux security...

CVSS 8.1 | AI score 5.5 | EPSS 0.01008
Exploits: 0 | References: 3

RedHat Linux
added 2025/09/23 2:6 p.m. | 6 views

Important: Red Hat Security Advisory: podman security update

An update for podman is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

CVSS 8.1 | AI score 6.8 | EPSS 0.01008
Exploits: 0 | References: 2

OSV
added 2025/09/16 12:0 a.m. | 6 views

ALSA-2025:15901 Important: podman security update

The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fixes: podman: Podman kube play command may overwrite host files (CVE-2025-9566). For more details...

CVSS 8.1 | AI score 7 | EPSS 0.01008
Exploits: 0 | References: 4

Tenable Nessus
added 2025/09/16 12:0 a.m. | 5 views

Oracle Linux 9 : podman (ELSA-2025-15900)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-15900 advisory. - fixes 'CVE-2025-9566 podman: Podman kube play command may overwrite host files rhel-9.6.z' Tenable has extracted the preceding description block directly fro...

CVSS 8.1 | AI score 7.3 | EPSS 0.01008
Exploits: 0 | References: 2

OSV
added 2025/09/16 12:0 a.m. | 5 views

ALSA-2025:15904 Important: container-tools:rhel8 security update

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: podman: Podman kube play command may overwrite host files (CVE-2025-9566). For more details about the security issues, including the impact, a CVSS score, acknowledgments...

CVSS 8.1 | AI score 7 | EPSS 0.01008
Exploits: 0 | References: 4

AlmaLinux
added 2025/09/16 12:0 a.m. | 5 views

Important: podman security update

The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fixes: podman: Podman kube play command may overwrite host files (CVE-2025-9566). For more details...

CVSS 8.1 | AI score 7 | EPSS 0.01008
Exploits: 0 | References: 4

Tenable Nessus
added 2025/09/06 12:0 a.m. | 5 views

Linux Distros Unpatched Vulnerability : CVE-2025-9566

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There's a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file contains a Secret or a ConfigMap...

CVSS 8.1 | AI score 7.2 | EPSS 0.01008
Exploits: 0 | References: 3

SUSE CVE
added 2025/09/05 11:28 p.m. | 5 views

SUSE CVE-2025-9566

There's a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file contains a Secret or a ConfigMap volume mount and such volume contains a symbolic link to a host file path. In a successful attack, the attacker can only control the targ...

CVSS 8.1 | AI score 7 | EPSS 0.01008
Exploits: 0 | References: 17

CNNVD
added 2025/09/05 12:0 a.m. | 5 views

Podman Path Traversal Vulnerability

Podman is an open source engine for developing, managing and running OCI containers on Linux systems. Podman suffers from a path traversal vulnerability that stems from the fact that the kube play command may be used to overwrite a host file, potentially resulting in the file being...

CVSS 8.1 | AI score 6.5 | EPSS 0.01008
Exploits: 0 | References: 2

RedhatCVE
added 2025/05/22 3:57 p.m. | 6 views

CVE-2020-24027

In Live Networks, Inc., liblivemedia version 20200625, there is a potential buffer overflow bug in the server handling of a RTSP "PLAY" command, when the command specifies seeking by absolute time...

CVSS 9.8 | AI score 7.4 | EPSS 0.01612
Exploits: 1

BDU FSTEC
added 2025/04/09 12:0 a.m. | 4 views

The vulnerability of the PLAY command in the Live555 multimedia streaming library, which allows a hacker to cause a service failure.

The vulnerability of the PLAY command in the Live555 multimedia streaming library group is related to the insufficient use of the assert function. Exploiting this vulnerability can allow a malicious actor to cause service failures...

CVSS 5.5 | AI score 6.1 | EPSS 0.00865
Exploits: 1 | References: 6 | Affected Software: 2

BDU FSTEC
added 2025/04/09 12:0 a.m. | 12 views

The vulnerability of the RTSP PLAY Command Handler component in the Live555 multimedia streaming library allows a perpetrator to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the RTSP PLAY Command Handler component in the Live555 multimedia streaming library relates to writing beyond buffer boundaries. Exploiting this vulnerability can allow an attacker to gain access to confidential data, compromise its integrity, and cause service failures...

CVSS 9.8 | AI score 8 | EPSS 0.01612
Exploits: 1 | References: 6 | Affected Software: 2

AstraLinux
added 2024/06/26 1:32 p.m. | 7 views

Astra Linux – Vulnerability in liblivemedia

In Live Networks, Inc., liblivemedia version 20200625, there is a potential buffer overflow bug in the server’s handling of the RTSP “PLAY” command, especially when the command specifies seeking by absolute time...

CVSS 9.8 | AI score 8.1 | EPSS 0.01612
Exploits: 1 | References: 3

Prion
added 2021/08/18 5:15 p.m. | 13 views

Design/Logic Flaw

liveMedia/FramedSource.cpp in Live555 through 1.08 allows an assertion failure and application exit via multiple SETUP and PLAY commands...

CVSS 4.3 | AI score 5.5 | EPSS 0.00865
Exploits: 1 | References: 2 | Affected Software: 1

OSV
added 2021/01/11 8:15 p.m. | 5 views

CVE-2020-24027

In Live Networks, Inc., liblivemedia version 20200625, there is a potential buffer overflow bug in the server handling of a RTSP "PLAY" command, when the command specifies seeking by absolute time...

CVSS 9.8 | AI score 7.5 | EPSS 0.01612
Exploits: 1 | References: 2

OSV
added 2021/01/11 8:15 p.m. | 3 views

UBUNTU-CVE-2020-24027

In Live Networks, Inc., liblivemedia version 20200625, there is a potential buffer overflow bug in the server handling of a RTSP "PLAY" command, when the command specifies seeking by absolute time...

CVSS 9.8 | AI score 6.1 | EPSS 0.01612
Exploits: 1 | References: 4

Prion
added 2021/01/11 8:15 p.m. | 13 views

Buffer overflow

In Live Networks, Inc., liblivemedia version 20200625, there is a potential buffer overflow bug in the server handling of a RTSP "PLAY" command, when the command specifies seeking by absolute time...

CVSS 7.5 | AI score 9.7 | EPSS 0.01612
Exploits: 1 | References: 2 | Affected Software: 1

Debian CVE
added 2021/01/11 7:41 p.m. | 18 views

CVE-2020-24027

Removed by vendor...

CVSS 9.8 | AI score 9.4 | EPSS 0.01612
Exploits: 1

Cvelist
added 2021/01/11 7:41 p.m. | 27 views

CVE-2020-24027

In Live Networks, Inc., liblivemedia version 20200625, there is a potential buffer overflow bug in the server handling of a RTSP "PLAY" command, when the command specifies seeking by absolute time...

AI score 9.9 | EPSS 0.01612
Exploits: 1 | References: 2

CNNVD
added 2021/01/11 12:0 a.m. | 9 views

Live Networks Liblivemedia Buffer Error Vulnerability

Live Networks Liblivemedia is a C++ based codebase for RTP/RTCP, RTSP, SIP and other protocols from Live Networks, Inc. The library supports POSIX-compliant operating systems and can be used to transmit, receive and process MPEG, H.265, H.264, H.263+, DV or JPEG video and build basic RTSP or SIP...

CVSS 9.8 | AI score 7.4 | EPSS 0.01612
Exploits: 1 | References: 3