CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

16 matches found

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2018-1897

Malware in sbrugna...

8.8CVSS8.6AI score0.00879EPSS

Exploits0References5

SUSE CVE•added 2023/02/15 4:56 a.m.•1 views

SUSE CVE-2016-8867

Docker Engine 1.12.2 enabled ambient capabilities with misconfigured capability policies. This allowed malicious images to bypass user permissions to access files within the container filesystem or mounted volumes...

7.5CVSS6.8AI score0.00395EPSS

Exploits0References6

SUSE CVE•added 2023/02/15 4:20 a.m.•3 views

SUSE CVE-2018-1000400

Kubernetes CRI-O version prior to 1.9 contains a Privilege Context Switching Error CWE-270 vulnerability in the handling of ambient capabilities that can result in containers running with elevated privileges, allowing users abilities they should not have. This attack appears to be exploitable via...

8.8CVSS8.8AI score0.00879EPSS

Exploits0References3

RedHat Linux•added 2020/06/23 7:44 p.m.•1 views

docker: Ambient capability usage in containers

The runc version as used in docker 1.12.2 was incorrectly setting ambient capabilities for all processes executed inside containers. This caused processes of non-root users to run with unexpected privileges, allowing them to escalate their privileges to root...

7.5CVSS7.1AI score0.00395EPSS

Exploits0References5

RedHat Linux•added 2018/06/06 3:46 p.m.•1 views

cri-o: capabilities are not dropped when switching to a non-root user

8.8CVSS5.7AI score0.00879EPSS

Exploits0References4

Veracode•added 2018/05/21 5:59 a.m.•19 views

Privilege Context Switching Error

github.com/kubernetes-incubator/cri-o is susceptible to privilege context switching error. The vulnerability exists in handling ambient capabilities. During container execution, containers running with elevated privileges may allow a user with lower privilege to perform abilities they should not...

8.8CVSS8.4AI score0.00879EPSS

Exploits0References2Affected Software9

Prion•added 2018/05/18 6:29 p.m.•14 views

Privilege escalation

6.5CVSS8.7AI score0.00879EPSS

Exploits0References2Affected Software1

NVD•added 2018/05/18 6:29 p.m.•11 views

CVE-2018-1000400

8.8CVSS8.7AI score0.00879EPSS

Exploits0References2

UbuntuCve•added 2018/05/18 6:29 p.m.•13 views

CVE-2018-1000400

8.8CVSS6.8AI score0.00879EPSS

Exploits0References2

OSV•added 2018/05/18 6:29 p.m.•13 views

CVE-2018-1000400

8.8CVSS9AI score

Exploits0References2

RedhatCVE•added 2018/05/18 5:50 p.m.•23 views

CVE-2018-1000400

8.8CVSS6.7AI score0.00879EPSS

Exploits0References1

Veracode•added 2017/05/03 6:37 a.m.•20 views

Access Restriction Bypass

github.com/opencontainers/runc is vulnerable to attackers bypassing access restrictions. This is possible when ambient capabilities are enabled but misconfigured. It would allow malicious images to bypass user permissions and access other files within the file system and other mounted volumes. Th...

7.5CVSS7.5AI score0.00395EPSS

Exploits0References2Affected Software2

OSV•added 2016/10/28 3:59 p.m.•4 views

CVE-2016-8867

7.5CVSS7.7AI score

Exploits0References3

Debian CVE•added 2016/10/28 3:0 p.m.•38 views

CVE-2016-8867

7.5CVSS7.6AI score0.00395EPSS

Exploits0

Cvelist•added 2016/10/28 3:0 p.m.•21 views

CVE-2016-8867

7.5AI score0.00395EPSS

Exploits0References3

CVE•added 2016/10/28 3:0 p.m.•86 views

CVE-2016-8867

CVE-2016-8867 affects Docker Engine 1.12.2, where ambient capabilities were enabled due to misconfigured capability policies. This allowed a malicious image to bypass container user permissions and access files in the container filesystem or mounted volumes. The issue is cited across multiple adv...

7.5CVSS7.3AI score0.00395EPSS

Exploits0References3Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by