Lucene search
K

14 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in docker.io-app

Moby is an open-source container framework developed by Docker Inc., distributed as Docker Engine, Mirantis Container Runtime, and various other downstream projects/products. A firewalld vulnerability affects Moby versions prior to 28.0.0. When firewalld is reloaded, Docker fails to recreate...

5.2CVSS6.5AI score0.00152EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2011-4524

Malware in sbrugna...

5.9CVSS5.7AI score0.01783EPSS
Exploits0References8
Veracode
Veracode
added 2025/08/12 7:1 a.m.5 views

Network Isolation Bypass

github.com/moby/moby is vulnerable to network isolation bypass. The vulnerability is due to Docker failing to re-create iptables rules isolating bridge networks after firewalld reload, which allows an attacker to access all ports of containers across different bridge networks on the same host,...

5.2CVSS7AI score0.00152EPSS
Exploits0References4Affected Software2
OSV
OSV
added 2025/07/30 2:15 p.m.4 views

UBUNTU-CVE-2025-54410

Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and various other downstream projects/products. A firewalld vulnerability affects Moby releases before 28.0.0. When firewalld reloads, Docker fails to re-create...

5.2CVSS7.2AI score0.00152EPSS
Exploits0References4
OSV
OSV
added 2025/07/28 7:57 p.m.5 views

GO-2025-3781 Incus Allocation of Resources Without Limits allows firewall rule bypass on managed bridge networks in github.com/lxc/incus

Incus Allocation of Resources Without Limits allows firewall rule bypass on managed bridge networks in github.com/lxc/incus...

3.4CVSS6.1AI score0.00202EPSS
Exploits0References4
Snyk
Snyk
added 2025/06/26 9:11 p.m.2 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling due to the improper enforcement of resource limits in the nftables rules generation process for managed bridge networks. An attacker can exhaust the DHCP pool and disrupt network...

4.8CVSS7AI score0.00202EPSS
Exploits0References2
Snyk
Snyk
added 2025/06/26 9:11 p.m.2 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling due to the improper enforcement of resource limits in the nftables rules generation process for managed bridge networks. An attacker can exhaust the DHCP pool and disrupt network...

4.8CVSS7AI score0.00202EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/06/25 4:51 p.m.6 views

CVE-2025-52890 Incus vulnerable to antispoofing nftables firewall rule bypass on bridge networks with ACLs

Incus is a system container and virtual machine manager. When using an ACL on a device connected to a bridge, Incus versions 6.12 and 6.13generates nftables rules that partially bypass security options security.macfiltering, security.ipv4filtering and security.ipv6filtering. This can lead to ARP...

8.1CVSS7.2AI score0.00195EPSS
Exploits0References2
CVE
CVE
added 2025/06/25 4:51 p.m.29 views

CVE-2025-52890

Incus CVE-2025-52890 affects the Incus system container/VM manager; versions 6.12 and 6.13 generate nftables rules when an ACL is used on a bridge-connected device, which partially bypasses security.mac_filtering, security.ipv4_filtering and security.ipv6_filtering. This can enable ARP spoofing o...

8.1CVSS7.2AI score0.00195EPSS
Exploits0References2
CVE
CVE
added 2025/06/25 4:49 p.m.27 views

CVE-2025-52889

Incus (system container/VM manager) on versions 6.12–6.13 is vulnerable when an ACL on a bridge-connected device is used: nftables rules for local services can bypass security.mac_filtering, security.ipv4_filtering, and security.ipv6_filtering, enabling DHCP pool exhaustion and potential further ...

3.4CVSS7.2AI score0.00202EPSS
Exploits0References3
Veracode
Veracode
added 2019/01/15 8:50 a.m.28 views

Authorization Bypass

libvirt is vulnerable to authorization bypass attacks. The vulnerability exists as the networkReloadIptablesRules function of network/bridgedriver.c in libvirt before 0.9.9 does not properly handle firewall rules on bridge networks when libvirtd is restarted, which might allow remote attackers to...

5.9CVSS5.7AI score0.01783EPSS
Exploits2References14Affected Software1
OSV
OSV
added 2016/04/14 3:59 p.m.5 views

CVE-2011-4600

The networkReloadIptablesRules function in network/bridgedriver.c in libvirt before 0.9.9 does not properly handle firewall rules on bridge networks when libvirtd is restarted, which might allow remote attackers to bypass intended access restrictions via a 1 DNS or 2 DHCP query...

5.9CVSS5.7AI score
Exploits0References4
OSV
OSV
added 2016/04/14 3:59 p.m.3 views

DEBIAN-CVE-2011-4600

The networkReloadIptablesRules function in network/bridgedriver.c in libvirt before 0.9.9 does not properly handle firewall rules on bridge networks when libvirtd is restarted, which might allow remote attackers to bypass intended access restrictions via a 1 DNS or 2 DHCP query...

5.9CVSS6.6AI score0.01783EPSS
Exploits0References1
OSV
OSV
added 2011/12/31 12:0 a.m.2 views

UBUNTU-CVE-2011-4600

The networkReloadIptablesRules function in network/bridgedriver.c in libvirt before 0.9.9 does not properly handle firewall rules on bridge networks when libvirtd is restarted, which might allow remote attackers to bypass intended access restrictions via a 1 DNS or 2 DHCP query...

5.9CVSS6.5AI score0.01783EPSS
Exploits0References3
Rows per page
Query Builder