8 matches found

Broadcom
added 2026/03/03 12:0 a.m., 19 views

Podman Vulnerable to Arbitrary File Write via Symbolic Link Traversal in 'play.go' File

Podman contains a symbolic link traversal vulnerability when the kube play command is used with a 'ConfigMap' or secret volume mount. A remote attacker could exploit this by creating a malicious symbolic link on the volume in order to overwrite the contents of arbitrary files, however the attacke...

CVSS 8.1, AI score 6.1, EPSS 0.01008
Exploits: 0
EUVD
added 2025/10/03 8:7 p.m., 3 views

EUVD-2025-27030

Malicious code in bioql PyPI...

CVSS 8.1, AI score 6.2, EPSS 0.01008
Exploits: 0, References: 13
RedHat Linux
added 2025/09/23 3:19 p.m., 3 views

podman: Podman kube play command may overwrite host files

There's a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file contains a Secret or a ConfigMap volume mount and such volume contains a symbolic link to a host file path. In a successful attack, the attacker can only control the targ...

CVSS 8.1, AI score 5.8, EPSS 0.01008
Exploits: 0, References: 6
RedHat Linux
added 2025/09/16 2:22 a.m., 4 views

podman: Podman kube play command may overwrite host files

There's a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file contains a Secret or a ConfigMap volume mount and such volume contains a symbolic link to a host file path. In a successful attack, the attacker can only control the targ...

CVSS 8.1, AI score 5.8, EPSS 0.01008
Exploits: 0, References: 6
OSV
added 2025/09/05 8:15 p.m., 5 views

AZL-67049 CVE-2025-9566 affecting package podman 5.6.1-7

There's a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file contains a Secret or a ConfigMap volume mount and such volume contains a symbolic link to a host file path. In a successful attack, the attacker can only control the targ...

CVSS 8.1, AI score 6.8, EPSS 0.01008
Exploits: 0, References: 1
F5 Networks
added 2023/05/23 4:29 p.m., 36 views

K000134748: Kubernetes vulnerabilities CVE-2019-1002100, CVE-2019-11254, CVE-2017-1002101, and CVE-2017-1002102

Security Advisory Description: CVE-2019-1002100: In all Kubernetes versions prior to v1.11.8, v1.12.6, and v1.13.4, users that are authorized to make patch requests to the Kubernetes API Server can send a specially crafted patch of type "json-patch" e.g. kubectl patch --type json or "Content-Type:...

CVSS 9.6, AI score 6.8, EPSS 0.11586
Exploits: 2
CNVD
added 2018/03/27 12:0 a.m., 3 views

Google Kubernetes Arbitrary File Deletion Vulnerability

Google Kubernetes is an open source Docker container cluster management system from Google, Inc. The system provides resource scheduling, deployment and operation, service discovery and scaling up and down for containerized applications. There is a security vulnerability in Google Kubernetes. An...

CVSS 7.1, AI score 6.9, EPSS 0.01026
Exploits: 0, References: 1
RedHat Linux
added 2018/03/12 7:40 p.m., 8 views

kubernetes: Malicious containers can delete any file from the node

This vulnerability allows containers using a secret, configMap, projected, or downwardAPI volume to trigger deletion of arbitrary files and directories on the nodes where they are running. An attacker could use this flaw to delete arbitrary files or directories on node host...

CVSS 7.1, AI score 6.7, EPSS 0.01026
Exploits: 0, References: 4