384 matches found

Tenable Nessus
added 2024/12/12 12:0 a.m. | 14 views

EulerOS 2.0 SP12 : docker-runc (EulerOS-SA-2024-2949)

According to the versions of the docker-runc package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : runc is a CLI tool for spawning and running containers according to the OCI specification. runc 1.1.13 and earlier, as well as 1.2.0-rc2 and...

CVSS 3.6 | AI score 6.7 | EPSS 0.00317 | Exploits 0 | References 2

Tenable Nessus
added 2024/12/12 12:0 a.m. | 19 views

EulerOS 2.0 SP11 : docker-runc (EulerOS-SA-2024-2979)

According to the versions of the docker-runc package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : runc is a CLI tool for spawning and running containers according to the OCI specification. runc 1.1.13 and earlier, as well as 1.2.0-rc2 and...

CVSS 3.6 | AI score 6.7 | EPSS 0.00317 | Exploits 0 | References 2

RedHat Linux
added 2024/11/12 10:29 a.m. | 1 views

Podman: Buildah: CRI-O: symlink traversal vulnerability in the containers/storage library can cause Denial of Service (DoS)

A vulnerability was found in Podman, Buildah, and CRI-O. A symlink traversal vulnerability in the containers/storage library can cause Podman, Buildah, and CRI-O to hang and result in a denial of service via OOM kill when running a malicious image using an automatically assigned user namespace...

CVSS 6.5 | AI score 5.8 | EPSS 0.01345 | Exploits 0 | References 6

Tenable Nessus
added 2024/11/08 12:0 a.m. | 8 views

EulerOS 2.0 SP10 : docker-runc (EulerOS-SA-2024-2902)

According to the versions of the docker-runc package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : runc is a CLI tool for spawning and running containers according to the OCI specification. runc 1.1.13 and earlier, as well as 1.2.0-rc2 and...

CVSS 3.6 | AI score 6.6 | EPSS 0.00317 | Exploits 0 | References 2

Tenable Nessus
added 2024/11/08 12:0 a.m. | 16 views

EulerOS 2.0 SP10 : docker-runc (EulerOS-SA-2024-2883)

According to the versions of the docker-runc package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : runc is a CLI tool for spawning and running containers according to the OCI specification. runc 1.1.13 and earlier, as well as 1.2.0-rc2 and...

CVSS 3.6 | AI score 6.6 | EPSS 0.00317 | Exploits 0 | References 2

RedHat Linux
added 2024/11/06 2:57 p.m. | 2 views

Podman: Buildah: CRI-O: symlink traversal vulnerability in the containers/storage library can cause Denial of Service (DoS)

A vulnerability was found in Podman, Buildah, and CRI-O. A symlink traversal vulnerability in the containers/storage library can cause Podman, Buildah, and CRI-O to hang and result in a denial of service via OOM kill when running a malicious image using an automatically assigned user namespace...

CVSS 6.5 | AI score 5.8 | EPSS 0.01345 | Exploits 0 | References 6

RedHat Linux
added 2024/11/06 3:46 a.m. | 0 views

Podman: Buildah: CRI-O: symlink traversal vulnerability in the containers/storage library can cause Denial of Service (DoS)

A vulnerability was found in Podman, Buildah, and CRI-O. A symlink traversal vulnerability in the containers/storage library can cause Podman, Buildah, and CRI-O to hang and result in a denial of service via OOM kill when running a malicious image using an automatically assigned user namespace...

CVSS 6.5 | AI score 5.8 | EPSS 0.01345 | Exploits 0 | References 6

RedHat Linux
added 2024/10/31 4:1 a.m. | 2 views

Podman: Buildah: CRI-O: symlink traversal vulnerability in the containers/storage library can cause Denial of Service (DoS)

A vulnerability was found in Podman, Buildah, and CRI-O. A symlink traversal vulnerability in the containers/storage library can cause Podman, Buildah, and CRI-O to hang and result in a denial of service via OOM kill when running a malicious image using an automatically assigned user namespace...

CVSS 6.5 | AI score 5.8 | EPSS 0.01345 | Exploits 0 | References 6

OSV
added 2024/10/15 4:15 p.m. | 8 views

AZL-50609 CVE-2024-9676 affecting package cri-o for versions less than 1.22.3-14

A vulnerability was found in Podman, Buildah, and CRI-O. A symlink traversal vulnerability in the containers/storage library can cause Podman, Buildah, and CRI-O to hang and result in a denial of service via OOM kill when running a malicious image using an automatically assigned user namespace...

CVSS 6.5 | AI score 7 | EPSS 0.01345 | Exploits 0 | References 1

Amazon
added 2024/10/15 12:0 a.m. | 5 views

Low: runc

Issue Overview: runc is a CLI tool for spawning and running containers according to the OCI specification. runc 1.1.13 and earlier, as well as 1.2.0-rc2 and earlier, can be tricked into creating empty files or directories in arbitrary locations in the host filesystem by sharing a volume between t...

CVSS 3.6 | AI score 6.7 | EPSS 0.00317 | Exploits 0

Amazon
added 2024/10/15 12:0 a.m. | 3 views

Low: runc

Issue Overview: runc is a CLI tool for spawning and running containers according to the OCI specification. runc 1.1.13 and earlier, as well as 1.2.0-rc2 and earlier, can be tricked into creating empty files or directories in arbitrary locations in the host filesystem by sharing a volume between t...

CVSS 3.6 | AI score 6.7 | EPSS 0.00317 | Exploits 0

Tenable Nessus
added 2024/10/14 12:0 a.m. | 16 views

Amazon Linux 2023 : runc (ALAS2023-2024-725)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2024-725 advisory. runc is a CLI tool for spawning and running containers according to the OCI specification. runc 1.1.13 and earlier, as well as 1.2.0-rc2 and earlier, can be tricked into creating empty files or...

CVSS 3.6 | AI score 6.6 | EPSS 0.00317 | Exploits 0 | References 4

Amazon
added 2024/10/14 12:0 a.m. | 3 views

Low: runc

Issue Overview: runc is a CLI tool for spawning and running containers according to the OCI specification. runc 1.1.13 and earlier, as well as 1.2.0-rc2 and earlier, can be tricked into creating empty files or directories in arbitrary locations in the host filesystem by sharing a volume between t...

CVSS 3.6 | AI score 4.5 | EPSS 0.00317 | Exploits 0

OSV
added 2024/10/12 11:9 a.m. | 5 views

OESA-2024-2253 runc security update

runc is a CLI tool for spawning and running containers according to the OCI specification. Security Fixes: runc is a CLI tool for spawning and running containers according to the OCI specification. runc 1.1.13 and earlier, as well as 1.2.0-rc2 and earlier, can be tricked into creating empty files...

CVSS 3.6 | AI score 6.8 | EPSS 0.00317 | Exploits 0 | References 2

Metasploit
added 2024/09/27 6:53 p.m. | 697 views

Local Privilege Escalation via CVE-2023-0386

This exploit targets the Linux kernel bug in OverlayFS. A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel's OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another...

CVSS 7.8 | AI score 7 | EPSS 0.0788 | Exploits 14

Rockylinux
added 2024/09/17 12:54 a.m. | 33 views

bubblewrap and flatpak security update

An update is available for flatpak, bubblewrap. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Bubblewrap /usr/bin/bwrap is a core execution engine for...

CVSS 10 | AI score 7 | EPSS 0.01283 | Exploits 1

OSV
added 2024/09/14 11:9 a.m. | 5 views

OESA-2024-2136 runc security update

runc is a CLI tool for spawning and running containers according to the OCI specification. Security Fixes: runc is a CLI tool for spawning and running containers according to the OCI specification. runc 1.1.13 and earlier, as well as 1.2.0-rc2 and earlier, can be tricked into creating empty files...

CVSS 3.6 | AI score 6.8 | EPSS 0.00317 | Exploits 0 | References 2

OSV
added 2024/09/14 11:9 a.m. | 3 views

OESA-2024-2135 runc security update

runc is a CLI tool for spawning and running containers according to the OCI specification. Security Fixes: runc is a CLI tool for spawning and running containers according to the OCI specification. runc 1.1.13 and earlier, as well as 1.2.0-rc2 and earlier, can be tricked into creating empty files...

CVSS 3.6 | AI score 6.8 | EPSS 0.00317 | Exploits 0 | References 2

RedHat Linux
added 2024/09/05 1:9 p.m. | 40 views

Important: Red Hat Security Advisory: bubblewrap and flatpak security update

An update for bubblewrap and flatpak is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

CVSS 10 | AI score 7.3 | EPSS 0.01283 | Exploits 1 | References 1

RedHat Linux
added 2024/09/05 12:50 p.m. | 33 views

Important: Red Hat Security Advisory: bubblewrap and flatpak security update

An update for bubblewrap and flatpak is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated...

CVSS 10 | AI score 7.3 | EPSS 0.01283 | Exploits 1 | References 1