CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

37 matches found

Cvelist•added 2025/05/09 11:58 a.m.•16 views

CVE-2025-3528 Mirror-registry: local privilege escalation due to incorrect permissions in mirror-registry

A flaw was found in the Mirror Registry. The quay-app container shipped as part of the Mirror Registry for OpenShift has write access to the /etc/passwd. This flaw allows a malicious actor with access to the container to modify the passwd file and elevate their privileges to the root user within...

8.2CVSS0.00097EPSS

Exploits0References3

CVE•added 2025/05/09 11:58 a.m.•54 views

CVE-2025-3528

CVE-2025-3528 describes a local privilege escalation in OpenShift Mirror Registry due to the quay-app container having write access to /etc/passwd. Affected component: Mirror Registry (quay-app container) within OpenShift; root cause: improper file permissions enabling an attacker with container ...

8.2CVSS6.8AI score0.00097EPSS

Exploits0References3

NVD•added 2023/09/19 9:15 a.m.•10 views

CVE-2023-41387

A SQL injection in the flutterdownloader component through 1.11.1 for iOS allows remote attackers to steal session tokens and overwrite arbitrary files inside the app's container. The internal database of the framework is exposed to the local user if an app uses UIFileSharingEnabled and...

9.1CVSS8.9AI score0.00542EPSS

Exploits1References2

OSV•added 2022/08/03 7:51 a.m.•2 views

SUSE-SU-2022:2632-1 Security update for permissions

This update for permissions fixes the following issues: apptainer: fix starter-suid location bsc1198720 static permissions: remove deprecated bind / named chroot entries bsc1200747 postfix: add postlog setgid for maildrop binary bsc1201385...

7.2AI score

Exploits0References4

OpenVAS•added 2022/07/31 12:0 a.m.•8 views

Fedora: Security Advisory for golang-github-appc-spec (FEDORA-2022-5ef0bd9a27)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score

Exploits0References2

OpenVAS•added 2022/07/31 12:0 a.m.•7 views

Fedora: Security Advisory for golang-github-appc-goaci (FEDORA-2022-5ef0bd9a27)

7.5AI score

Exploits0References2

Fedora•added 2022/07/30 1:55 a.m.•11 views

[SECURITY] Fedora 36 Update: golang-github-appc-goaci-0.1.1-13.fc36

Goaci is a simple command-line tool to build Go projects into ACIs which conf orm to the app container specification...

7.2AI score

Exploits0

Fedora•added 2022/07/30 1:55 a.m.•9 views

[SECURITY] Fedora 36 Update: golang-github-appc-spec-0.8.11-15.fc36

This package contains schema definitions and tools for the App Container app c specification. These include technical details on how an appc image is downloaded over a network, cryptographically verified, and executed on a host. See SPEC.md for details of the specification itself...

7.3AI score

Exploits0

OpenVAS•added 2022/07/18 12:0 a.m.•14 views

Fedora: Security Advisory for golang-github-appc-spec (FEDORA-2022-3969b64d4b)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.3CVSS8.9AI score0.00963EPSS

Exploits4References2

Fedora•added 2022/07/17 1:15 a.m.•21 views

[SECURITY] Fedora 35 Update: golang-github-appc-goaci-0.1.1-12.fc35

Goaci is a simple command-line tool to build Go projects into ACIs which conf orm to the app container specification...

9.3CVSS8.8AI score0.00963EPSS

Exploits4

Fedora•added 2022/07/17 1:15 a.m.•12 views

[SECURITY] Fedora 35 Update: golang-github-appc-spec-0.8.11-14.fc35

9.3CVSS8.9AI score0.00963EPSS

Exploits4

OpenVAS•added 2022/07/06 12:0 a.m.•17 views