16 matches found

RedhatCVE
added 2026/05/30 2:12 a.m. | 7 views

CVE-2026-44543

Local Path Provisioner provides a way for the Kubernetes users to utilize the local storage in each node. Prior to 0.0.36, a malicious user with permission to edit the local-path-config ConfigMap in the local-path-storage namespace can manipulate the helperPod.yaml template used by...

8.7 CVSS | 5.8 AI score | 0.00038 EPSS
Exploits 0 | References 1

EUVD
added 2026/05/28 4:41 p.m. | 7 views

EUVD-2026-32954

Local Path Provisioner provides a way for the Kubernetes users to utilize the local storage in each node. Prior to 0.0.36, a malicious user with permission to edit the local-path-config ConfigMap in the local-path-storage namespace can manipulate the helperPod.yaml template used by...

8.7 CVSS | 5.8 AI score | 0.00038 EPSS
Exploits 0 | References 1

RedhatCVE
added 2025/05/23 9:12 a.m. | 2 views

CVE-2024-0085

NVIDIA vGPU software for Windows and Linux contains a vulnerability where unprivileged users could execute privileged operations on the host. A successful exploit of this vulnerability might lead to data tampering, escalation of privileges, and denial of service...

7.8 CVSS | 7 AI score | 0.00076 EPSS
Exploits 0 | References 1

Veracode
added 2025/04/08 3:39 a.m. | 2 views

Unauthorized File Access

awssamcli is vulnerable to Unauthorized File Access. The vulnerability is due to improper handling of symlinks during the Docker build process, allowing access to privileged host files via elevated permissions...

6.9 CVSS | 7 AI score | 0.00121 EPSS
Exploits 0 | References 6 | Affected Software 1

OSV
added 2025/03/31 4:15 p.m. | 3 views

CVE-2025-3047

When running the AWS Serverless Application Model Command Line Interface (SAM CLI) build process with Docker and symlinks are included in the build files, the container environment allows a user to access privileged files on the host by leveraging the elevated permissions granted to the tool. A use...

6.9 CVSS | 7 AI score
Exploits 0 | References 3

Tenable Nessus
added 2024/05/11 12:0 a.m. | 24 views

RHEL 5 : xsa224_xen (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - xsa224 xen: grant table operations mishandle reference counts XSA-224 CVE-2017-10921 - The grant-table...

8.9 AI score | 0.01132 EPSS
Exploits 0 | References 3

SUSE CVE
added 2023/02/15 3:36 a.m. | 1 views

SUSE CVE-2021-43816

containerd is an open source container runtime. On installations using SELinux, such as EL8 (CentOS, RHEL), Fedora, or SUSE MicroOS, with containerd since v1.5.0-beta.0 as the backing container runtime interface (CRI), an unprivileged pod scheduled to the node may bind mount, via hostPath volume, any...

9.1 CVSS | 7.1 AI score | 0.00147 EPSS
Exploits 1 | References 3

OSV
added 2022/01/05 7:15 p.m. | 1 views

DEBIAN-CVE-2021-43816

containerd is an open source container runtime. On installations using SELinux, such as EL8 (CentOS, RHEL), Fedora, or SUSE MicroOS, with containerd since v1.5.0-beta.0 as the backing container runtime interface (CRI), an unprivileged pod scheduled to the node may bind mount, via hostPath volume, any...

9.1 CVSS | 7.2 AI score | 0.00147 EPSS
Exploits 1 | References 1

Tenable Nessus
added 2021/03/08 12:0 a.m. | 31 views

RHEL 8 : virt:8.2 and virt-devel:8.2 (RHSA-2021:0743)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:0743 advisory. The Advanced Virtualization module provides the user-space component for running virtual machines that use KVM in environments managed by Red Hat...

8.2 CVSS | 7.6 AI score | 0.00113 EPSS
Exploits 1 | References 4

AlmaLinux
added 2021/03/03 12:22 p.m. | 41 views

Important: virt:rhel and virt-devel:rhel security update

Kernel-based Virtual Machine (KVM) offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the...

8.2 CVSS | 8.1 AI score | 0.00113 EPSS
Exploits 1 | References 2

OSV
added 2020/12/03 5:15 p.m. | 1 views

ALPINE-CVE-2020-14339

A flaw was found in libvirt, where it leaked a file descriptor for /dev/mapper/control into the QEMU process. This file descriptor allows for privileged operations to happen against the device-mapper on the host. This flaw allows a malicious guest user or process to perform operations outside of...

8.8 CVSS | 6.5 AI score | 0.00196 EPSS
Exploits 0 | References 1

BDU FSTEC
added 2017/07/14 12:0 a.m. | 2 views

The vulnerability of Xen hypervisors allows a malicious actor to gain privileged access to the host.

The vulnerability of Xen hypervisors is related to insufficient checking of memory distribution during P2M operations. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain privileged access to the host from the guest operating system...

10 CVSS | 7.7 AI score | 0.01672 EPSS
Exploits 0 | References 4 | Affected Software 1

OSV
added 2017/07/05 1:29 a.m. | 2 views

ALPINE-CVE-2017-10921

The grant-table feature in Xen through 4.8.x does not ensure sufficient type counts for a GNTMAP_device_map and GNTMAP_host_map mapping, which allows guest OS users to cause a denial of service (count mismanagement and memory corruption) or obtain privileged host OS access, aka XSA-224 bug 2...

10 CVSS | 6.5 AI score | 0.01132 EPSS
Exploits 0 | References 1

OSV
added 2017/07/05 1:29 a.m. | 1 views

ALPINE-CVE-2017-10918

Xen through 4.8.x does not validate memory allocations during certain P2M operations, which allows guest OS users to obtain privileged host OS access, aka XSA-222...

10 CVSS | 6.7 AI score | 0.01672 EPSS
Exploits 0 | References 1

OSV
added 2017/07/05 1:29 a.m. | 3 views

DEBIAN-CVE-2017-10921

The grant-table feature in Xen through 4.8.x does not ensure sufficient type counts for a GNTMAP_device_map and GNTMAP_host_map mapping, which allows guest OS users to cause a denial of service (count mismanagement and memory corruption) or obtain privileged host OS access, aka XSA-224 bug 2...

10 CVSS | 6.5 AI score | 0.01132 EPSS
Exploits 0 | References 1

RedHat Linux
added 2010/12/20 5:35 p.m. | 52 views

Low: Red Hat Security Advisory: kvm security and bug fix update

Updated kvm packages that fix one security issue and three bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, ...

2.1 CVSS | 5.8 AI score | 0.00075 EPSS
Exploits 0 | References 5