CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

28 matches found

AstraLinux•added 2026/05/03 11:59 p.m.•2 views

Astra Linux - уязвимость в thunderbird, firefox

A race condition could allow a cross-origin container to obtain permissions from the top-level origin. This vulnerability affects Firefox 128, Firefox ESR 115.13, Thunderbird 115.13, and Thunderbird 128...

4.7CVSS6.9AI score0.00112EPSS

Exploits0References2

Tenable Nessus•added 2026/01/20 12:0 a.m.•1 views

MiracleLinux 7 : podman-1.6.4-29.el7 (AXSA:2021-1611:02)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-1611:02 advisory. podman: container users permissions are not respected in privileged containers CVE-2021-20188 Tenable has extracted the preceding description block directly...

7CVSS8AI score0.00085EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2020-12563

Malware in sbrugna...

7CVSS6.7AI score0.00108EPSS

Exploits0References6

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2022-6933

Malicious code in bioql PyPI...

6.3CVSS5.9AI score0.00039EPSS

Exploits0References12

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2022-1821

Malicious code in bioql PyPI...

7.5CVSS7AI score0.00508EPSS

Exploits0References20

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2022-1621

Malicious code in bioql PyPI...

5.3CVSS5.3AI score0.00021EPSS

Exploits0References7

CNNVD•added 2025/08/25 12:0 a.m.•3 views

Langflow 安全漏洞

Langflow is a visualization framework for building multi-agent and RAG applications open-sourced by Langflow. A security vulnerability exists in Langflow that stems from improper management of permissions within a container, which could lead to elevation of privilege...

8.8CVSS6.4AI score0.00017EPSS

Exploits0References4

Tenable Nessus•added 2025/03/05 12:0 a.m.•8 views

Linux Distros Unpatched Vulnerability : CVE-2022-27651

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in buildah where containers were incorrectly started with non-empty default permissions. A bug was found in Moby Docker Engine where containers...

6.8CVSS6.6AI score0.00181EPSS

Exploits0References4

RedHat Linux•added 2024/07/29 2:36 a.m.•3 views

Mozilla: Race condition in permission assignment

The Mozilla Foundation Security Advisory describes this flaw as: A race condition could lead to a cross-origin container obtaining permissions of the top-level origin...

4.7CVSS7.3AI score0.00112EPSS

Exploits0References6

RedHat Linux•added 2024/07/22 1:26 a.m.•3 views

Mozilla: Race condition in permission assignment

The Mozilla Foundation Security Advisory describes this flaw as: A race condition could lead to a cross-origin container obtaining permissions of the top-level origin...

4.7CVSS7.3AI score0.00112EPSS

Exploits0References6

RedHat Linux•added 2024/07/18 3:43 p.m.•3 views

Mozilla: Race condition in permission assignment

The Mozilla Foundation Security Advisory describes this flaw as: A race condition could lead to a cross-origin container obtaining permissions of the top-level origin...

4.7CVSS7.3AI score0.00112EPSS

Exploits0References6

RedHat Linux•added 2024/07/11 11:44 a.m.•4 views

Mozilla: Race condition in permission assignment

The Mozilla Foundation Security Advisory describes this flaw as: A race condition could lead to a cross-origin container obtaining permissions of the top-level origin...

4.7CVSS7.3AI score0.00112EPSS

Exploits0References6

SUSE CVE•added 2024/07/10 3:36 a.m.•2 views

SUSE CVE-2024-6601

A race condition could lead to a cross-origin container obtaining permissions of the top-level origin. This vulnerability affects Firefox 128, Firefox ESR 115.13, Thunderbird 115.13, and Thunderbird 128...

4.7CVSS6.2AI score0.00112EPSS

Exploits0References10

RedhatCVE•added 2024/07/09 9:50 p.m.•17 views

CVE-2024-6601

The Mozilla Foundation Security Advisory describes this flaw as: A race condition could lead to a cross-origin container obtaining permissions of the top-level origin...

6.1CVSS7.7AI score0.00112EPSS

Exploits0References5

SUSE CVE•added 2023/02/15 4:56 a.m.•1 views

SUSE CVE-2016-8867

Docker Engine 1.12.2 enabled ambient capabilities with misconfigured capability policies. This allowed malicious images to bypass user permissions to access files within the container filesystem or mounted volumes...

7.5CVSS6.8AI score0.00395EPSS

Exploits0References6

SUSE CVE•added 2023/02/15 3:26 a.m.•1 views

SUSE CVE-2022-27650

A flaw was found in crun where containers were incorrectly started with non-empty default permissions. A vulnerability was found in Moby Docker Engine where containers were started incorrectly with non-empty inheritable Linux process capabilities. This flaw allows an attacker with access to...

5.6CVSS7.2AI score0.0009EPSS

Exploits0References3

SUSE CVE•added 2023/02/15 3:26 a.m.•2 views

SUSE CVE-2022-27652

A flaw was found in cri-o, where containers were incorrectly started with non-empty default permissions. A vulnerability was found in Moby Docker Engine where containers started incorrectly with non-empty inheritable Linux process capabilities. This flaw allows an attacker with access to programs...

5.3CVSS5.1AI score0.00021EPSS

Exploits0References4

ATTACKERKB•added 2022/04/04 8:15 p.m.•0 views

CVE-2022-27651

A flaw was found in buildah where containers were incorrectly started with non-empty default permissions. A bug was found in Moby Docker Engine where containers were incorrectly started with non-empty inheritable Linux process capabilities, enabling an attacker with access to programs with...

6.8CVSS5.9AI score0.00181EPSS

Exploits0References10