177 matches found
PT-2026-34474
Name of the Vulnerable Software and Affected Versions uutils coreutils affected versions not specified Description A flaw in the chmod utility allows users to bypass the --preserve-root safety mechanism. The implementation validates if the target path is literally '/', but fails to canonicalize t...
Linux Distros Unpatched Vulnerability : CVE-2026-35338
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability in the chmod utility of uutils coreutils allows users to bypass the --preserve-root safety mechanism. The implementation only validates if the...
[SECURITY] Fedora 43 Update: buildah-1.43.1-1.fc43
The buildah package provides a command line tool which can be used to create a working container from scratch or create a working container from an image as a starting point mount/umount a working container's root file system for manipulation save container's root file system layer to create a ne...
GO-2026-4435 EVE Doesn't Protect Rootfs in github.com/lf-edge/eve
EVE Doesn't Protect Rootfs in github.com/lf-edge/eve...
Insufficient Verification of Data Authenticity
Overview Affected versions of this package are vulnerable to Insufficient Verification of Data Authenticity due to the measured boot not validating the integrity of the entire root filesystem. An attacker can gain unauthorized access to sensitive data or modify system files by physically replacin...
GHSA-5H7V-G49C-H887 EVE Doesn't Protect Rootfs
Impact Measured boot validates BIOS, grub, kernel cmdline, and initrd but not the entire rootfs. Thus, an attacker can create an EVE-OS rootfs squashfs image with some files modified and take out the disk and replace the existing rootfs image without that being detected by measure boot and remote...
EVE Doesn't Protect Rootfs
Impact Measured boot validates BIOS, grub, kernel cmdline, and initrd but not the entire rootfs. Thus, an attacker can create an EVE-OS rootfs squashfs image with some files modified and take out the disk and replace the existing rootfs image without that being detected by measure boot and remote...
PT-2026-6369
Impact Measured boot validates BIOS, grub, kernel cmdline, and initrd but not the entire rootfs. Thus, an attacker can create an EVE-OS rootfs squashfs image with some files modified and take out the disk and replace the existing rootfs image without that being detected by measure boot and remote...
CVE-2025-52627
Root File System Not Mounted as Read-Only configuration vulnerability. This can allow unintended modifications to critical system files, potentially increasing the risk of system compromise or unauthorized changes.This issue affects AION: 2.0...
CVE-2025-52627 HCL AION is susceptible to Incorrect Permission Assignment for Critical Resource
Root File System Not Mounted as Read-Only configuration vulnerability. This can allow unintended modifications to critical system files, potentially increasing the risk of system compromise or unauthorized changes.This issue affects AION: 2.0...
CVE-2025-52627 HCL AION is susceptible to Incorrect Permission Assignment for Critical Resource
Root File System Not Mounted as Read-Only configuration vulnerability. This can allow unintended modifications to critical system files, potentially increasing the risk of system compromise or unauthorized changes.This issue affects AION: 2.0...
CVE-2025-52627
CVE-2025-52627 affects HCL AION (AI lifecycle management platform) 2.0, where the root filesystem is not mounted read-only, allowing unintended modifications to critical system files and potential system compromise. Connected sources corroborate the issue and cite root-file-system write access as...
CVE-2025-15543
Improper link resolution in USB HTTP access path in VX800v v1.0 allows a crafted USB device to expose root filesystem contents, giving an attacker with physical access read‑only access to system files...
CVE-2025-15543
Improper link resolution in USB HTTP access path in VX800v v1.0 allows a crafted USB device to expose root filesystem contents, giving an attacker with physical access read‑only access to system files...
CVE-2025-15543
Improper link resolution in USB HTTP access path in VX800v v1.0 allows a crafted USB device to expose root filesystem contents, giving an attacker with physical access read‑only access to system files...
CVE-2025-15543 Read-Only Root Access via USB Storage Device in TP-Link VX800v
Improper link resolution in USB HTTP access path in VX800v v1.0 allows a crafted USB device to expose root filesystem contents, giving an attacker with physical access read‑only access to system files...
EUVD-2025-206534
Improper link resolution in USB HTTP access path in VX800v v1.0 allows a crafted USB device to expose root filesystem contents, giving an attacker with physical access read‑only access to system files...
CVE-2025-15543
Improper link resolution in USB HTTP access path in VX800v v1.0 allows a crafted USB device to expose root filesystem contents, giving an attacker with physical access read‑only access to system files...
CVE-2026-24054
Kata Containers is an open source project focusing on a standard implementation of lightweight Virtual Machines VMs that perform like containers. In versions prior to 3.26.0, when a container image is malformed or contains no layers, containerd falls back to bind-mounting an empty snapshotter...
EUVD-2026-4958
Kata Containers is an open source project focusing on a standard implementation of lightweight Virtual Machines VMs that perform like containers. In versions prior to 3.26.0, when a container image is malformed or contains no layers, containerd falls back to bind-mounting an empty snapshotter...