35 matches found
SUSE CVE-2026-41567
Moby is an open source container framework. In versions prior to 29.5.1 and in moby/moby v2 prior to v2.0.0-beta.14, when a compressed archive is uploaded to a container via PUT /containers/id/archive or piped through docker cp -, the daemon resolves decompression binaries such as xz or unpigz fr...
CVE-2025-57847 Ansible-automation-platform: privilege escalation via excessive group writable /etc/passwd permissions
A container privilege escalation flaw was found in certain Ansible Automation Platform images. This issue arises from the /etc/passwd file being created with group-writable permissions during the build process. In certain conditions, an attacker who can execute commands within an affected...
CVE-2026-33945
Incus (system container/VM manager) before version 6.23.0 allows privilege escalation via credentials to systemd in the guest. In containers, credentials are passed through a shared directory; an attacker can set a config key like systemd.credential.../../../../../../root/.bashrc, exploiting that...
CVE-2025-12985 License Service: Privilege escalation vulnerability
IBM Licensing Operator incorrectly assigns privileges to security critical files which could allow a local root escalation inside a container running the IBM Licensing Operator image...
Red Hat OpenShift Dev Spaces security vulnerability
Red Hat OpenShift Dev Spaces is a cloud-based development environment from Red Hat USA. A security vulnerability exists in Red Hat OpenShift Dev Spaces that stems from improper permissions in the /etc/passwd file, which could result in elevated privileges within the container...
Race Condition Enabling Link Following
Overview: Affected versions of this package are vulnerable to Race Condition Enabling Link Following due to insufficient checks when bind-mounting /dev/pts/$n to /dev/console inside the container. An attacker can gain unauthorized write access to sensitive files within the container environment by...
Race Condition Enabling Link Following
Overview: Affected versions of this package are vulnerable to Race Condition Enabling Link Following due to insufficient checks when bind-mounting /dev/pts/$n to /dev/console inside the container. An attacker can gain unauthorized write access to sensitive files within the container environment by...
CVE-2025-33003
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 could allow a non-root user to gain higher privileges/capabilities within the scope of a container due to execution with unnecessary privileges...
EUVD-2025-37351
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 could allow a non-root user to gain higher privileges/capabilities within the scope of a container due to execution with unnecessary privileges...
CVE-2025-33003
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 could allow a non-root user to gain higher privileges/capabilities within the scope of a container due to execution with unnecessary privileges...
CVE-2025-33003
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 could allow a non-root user to gain higher privileges/capabilities within the scope of a container due to execution with unnecessary privileges...
CVE-2025-33003
CVE-2025-33003 affects IBM InfoSphere Information Server versions 11.7.0.0 to 11.7.1.6. The Red Hat and IBM bulletins confirm a privilege-escalation issue where a non-root user could gain higher privileges within a container due to execution with unnecessary privileges. Exploitation details are n...
Security Bulletin: IBM InfoSphere Information Server is vulnerable to privilege escalation (CVE-2025-33003)
Summary: A privilege escalation vulnerability in InfoSphere Information Server was addressed. Vulnerability Details: CVEID: CVE-2025-33003. DESCRIPTION: IBM InfoSphere Information Server could allow a non-root user to gain higher privileges/capabilities within the scope of a container due to executio...
EUVD-2021-26453
Malware in sbrugna...
CVE-2025-57852
A container privilege escalation flaw was found in KServe ModelMesh container images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an affected container, even as a...
CVE-2024-47120
IBM Security Verify Information Queue 10.0.5, 10.0.6, 10.0.7, and 10.0.8 could allow a privileged user to escalate their privileges and attack surface on the host due to the containers running with unnecessary privileges...
CVE-2024-47120
CVE-2024-47120 affects IBM Security Verify Information Queue (ISIQ) versions 10.0.5–10.0.8. Connected sources indicate the root cause is containers running with unnecessary privileges, enabling a privileged user to escalate privileges and expand the host attack surface. The IBM security bulletin ...
CVE-2024-47120 IBM Security Verify Information Queue code execution
IBM Security Verify Information Queue 10.0.5, 10.0.6, 10.0.7, and 10.0.8 could allow a privileged user to escalate their privileges and attack surface on the host due to the containers running with unnecessary privileges...
CVE-2024-47120 IBM Security Verify Information Queue code execution
IBM Security Verify Information Queue 10.0.5, 10.0.6, 10.0.7, and 10.0.8 could allow a privileged user to escalate their privileges and attack surface on the host due to the containers running with unnecessary privileges...
PT-2025-37095
Name of the Vulnerable Software and Affected Versions: IBM Security Verify Information Queue versions 10.0.5 through 10.0.8. Description: IBM Security Verify Information Queue containers may run with unnecessary privileges, potentially allowing a privileged user to escalate their privileges and...