CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10 matches found

EUVD•added 2025/10/07 12:30 a.m.•5 views

EUVD-2021-1344

Malware in sbrugna...

6.5CVSS6.4AI score0.00054EPSS

Exploits0References5

OSSF Malicious Packages•added 2025/08/14 6:52 p.m.•2 views

Malicious code in xml-sandbox-container-process-long (npm)

The package xml-sandbox-container-process-long was found to contain malicious code...

7AI score

Exploits0

VulnCheck KEV•added 2024/05/07 12:0 a.m.•0 views

VulnCheck KEV: CVE-2024-21626

runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. In runc 1.1.11 and earlier, due to an internal file descriptor leak, an attacker could cause a newly-spawned container process from runc exec to have a working directory in the host filesystem...

8.6CVSS6.9AI score0.05076EPSS

Exploits18References1

Tenable Nessus•added 2024/04/08 12:0 a.m.•31 views

EulerOS 2.0 SP9 : docker-runc (EulerOS-SA-2024-1483)

According to the versions of the docker-runc package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. In runc 1.1.11 and earlier, due to an...

8.6CVSS7.4AI score0.05076EPSS

Exploits18References2

Veracode•added 2024/02/01 12:28 p.m.•45 views

Sandbox Escape

runc is vulnerable to Sandbox Escape. The vulnerability is caused due to an internal file descriptor leak in runc. An attacker can exploit the leaked file descriptors to cause a newly-spawned container process, initiated by the runc exec command, to have a working directory in the host filesystem...

8.6CVSS6.5AI score0.05076EPSS

Exploits18References10Affected Software2

RedHat Linux•added 2023/11/07 8:47 a.m.•1 views

runc: AppArmor can be bypassed when `/proc` inside the container is symlinked with a specific mount configuration

A flaw was found in runc. This vulnerability could allow a remote attacker to bypass security restrictions and create a symbolic link inside a container to the /proc directory, bypassing AppArmor and SELinux protections...

7.8CVSS6.9AI score0.00012EPSS

Exploits0References5

OSV•added 2021/06/22 8:15 p.m.•15 views

CVE-2021-32699

Wings is the control plane software for the open source Pterodactyl game management system. All versions of Pterodactyl Wings prior to 1.4.4 are vulnerable to system resource exhaustion due to improper container process limits being defined. A malicious user can consume more resources than intend...

6.5CVSS6.4AI score

Exploits0References2

NVD•added 2021/06/22 8:15 p.m.•11 views

CVE-2021-32699

6.5CVSS0.00054EPSS

Exploits0References2

UbuntuCve•added 2020/06/03 11:15 p.m.•26 views

CVE-2020-11091

In Weave Net before version 2.6.3, an attacker able to run a process as root in a container is able to respond to DNS requests from the host and thereby insert themselves as a fake service. In a cluster with an IPv4 internal network, if IPv6 is not totally disabled on the host via ipv6.disable=1 ...

5.8CVSS6.2AI score0.00166EPSS

Exploits0References3

Zero Day Initiative•added 2017/05/03 12:0 a.m.•53 views

Mozilla Firefox ClearKeyDecryptor Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

5.1CVSS9.4AI score0.01377EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by