Lucene search
K

464 matches found

Veracode
Veracode
added 2026/03/25 10:10 a.m.6 views

Use Of Incorrectly-Resolved Name Or Reference

github.com/apptainer/apptainer is vulnerable to Use of Incorrectly-Resolved Name or Reference. The vulnerability is due to improper enforcement of the --security option, which allows an attacker to disable AppArmor or SELinux restrictions and bypass container security controls...

5.3CVSS5.8AI score0.00198EPSS
Exploits0References7Affected Software2
CVE
CVE
added 2026/03/24 6:30 p.m.33 views

CVE-2026-23924

CVE-2026-23924 affects the Zabbix Agent 2 Docker plugin. The issue is improper sanitization of the docker.container_info parameters when forwarding to the Docker daemon, enabling an attacker capable of invoking Agent 2 to read arbitrary files from running Docker containers by injecting them via t...

6.1CVSS5.9AI score0.00251EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/03/18 3:36 p.m.8 views

Important: Red Hat Security Advisory: Release of containers for RHOSO 18.0.17 security update

Red Hat OpenStack Services on OpenShift RHOSO 18.0.17 containers are now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

7.5CVSS6.8AI score0.00459EPSS
Exploits2References4
Vulnrichment
Vulnrichment
added 2026/03/13 3:8 a.m.3 views

CVE-2025-57849 Fuse: privilege escalation via excessive /etc/passwd permissions

A container privilege escalation flaw was found in certain Fuse images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an affected container, even as a non-root user, ca...

6.4CVSS6AI score0.00208EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/03/13 2:48 a.m.3 views

CVE-2025-8766

A container privilege escalation flaw was found in certain Multi-Cloud Object Gateway Core images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an affected container,...

6.4CVSS5.9AI score0.00165EPSS
Exploits0References3
OSV
OSV
added 2026/03/03 4:13 p.m.2 views

OPENSUSE-SU-2026:20305-1 Security update for podman

This update for podman fixes the following issues: Changes in podman: - Add symlink to catatonit in /usr/libexec/podman bsc1248988 - CVE-2025-47914: Fixed golang.org/x/crypto/ssh/agent: non validated message size can cause a panic due to an out of bounds read bsc1253993 - CVE-2025-47913: Fixed...

8.4CVSS6.8AI score0.01008EPSS
Exploits5References13
AstraLinux
AstraLinux
added 2026/03/03 9:29 a.m.4 views

Astra Linux – Vulnerability in runc-app

Runc is a CLI tool for spawning and running containers according to the OCI specification. In versions 1.2.7, 1.3.2, and 1.4.0-rc.2, an attacker can trick runc into redirecting write operations to /proc to other procfs files by using a racing container with shared mounts. We have also verified th...

7.5CVSS7.6AI score0.00523EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2026/02/25 4:16 p.m.8 views

CVE-2026-27208

bleon-ethical/api-gateway-deploy provides API gateway deployment. Version 1.0.0 is vulnerable to an attack chain involving OS Command Injection and Privilege Escalation. This allows an attacker to execute arbitrary commands with root privileges within the container, potentially leading to a...

9.2CVSS6AI score0.00655EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/24 1:52 p.m.20 views

CVE-2026-27208 api-gateway-deploy Affected by Exploitable Command Injection via Unprivileged Root Execution

bleon-ethical/api-gateway-deploy provides API gateway deployment. Version 1.0.0 is vulnerable to an attack chain involving OS Command Injection and Privilege Escalation. This allows an attacker to execute arbitrary commands with root privileges within the container, potentially leading to a...

9.2CVSS0.00655EPSS
Exploits0References2
EUVD
EUVD
added 2026/02/24 1:52 p.m.4 views

EUVD-2026-8464

bleon-ethical/api-gateway-deploy provides API gateway deployment. Version 1.0.0 is vulnerable to an attack chain involving OS Command Injection and Privilege Escalation. This allows an attacker to execute arbitrary commands with root privileges within the container, potentially leading to a...

9.2CVSS6AI score0.00655EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/02/24 12:0 a.m.5 views

PT-2026-21750

Name of the Vulnerable Software and Affected Versions bleon-ethical/api-gateway-deploy version 1.0.0 Description The software is susceptible to an attack chain involving OS Command Injection and Privilege Escalation. Successful exploitation allows an attacker to execute arbitrary commands with ro...

9.2CVSS6.2AI score0.00655EPSS
Exploits0References8
CNNVD
CNNVD
added 2026/02/19 12:0 a.m.12 views

cosign 信任管理问题漏洞

Cosign is a container signature, verification, and storage mechanism in the OCI registry of the United States. Versions of Cosign prior to 3.0.4 contained a trust management vulnerability. This vulnerability stemmed from issues with the certificate verification logic, potentially causing the...

3.7CVSS5.8AI score0.00197EPSS
Exploits2References3
NVD
NVD
added 2026/02/05 2:16 p.m.7 views

CVE-2025-13491

IBM App Connect Enterprise Certified Container CD: 11.2.0 through 11.6.0, 12.1.0 through 12.19.0 and 12.0 LTS: 12.0.0 through 12.0.19 could allow an attacker to access sensitive files or modify configurations due to an untrusted search path...

5.1CVSS0.00148EPSS
Exploits0References1
EUVD
EUVD
added 2026/02/04 8:46 p.m.22 views

EUVD-2023-48031

EVE: SSH as Root Unlockable Without Triggering Measured Boot...

8.8CVSS7.9AI score0.00159EPSS
Exploits0References6
Snyk
Snyk
added 2026/02/02 11:39 p.m.7 views

Command Injection

Overview clawdbot is a WhatsApp gateway CLI Baileys web with Pi RPC agent Affected versions of this package are vulnerable to Command Injection via unsafe handling of the PATH environment variable when constructing shell commands. An authenticated user can execute arbitrary commands within the...

8.8CVSS5.8AI score0.04773EPSS
Exploits1References2
GitLab Advisory Database
GitLab Advisory Database
added 2026/01/22 12:0 a.m.8 views

Container and Containerization archive extraction does not guard against escapes from extraction base directory.

The ArchiveReader.extractContents function used by cctl image load and container image load performs no pathname validation before extracting an archive member. This means that a carelessly or maliciously constructed archive can extract a file into any user-writable location on the system using...

7.8CVSS5.4AI score0.00244EPSS
Exploits1References5Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/21 3:27 p.m.4 views

CVE-2025-12985

IBM Licensing Operator incorrectly assigns privileges to security critical files which could allow a local root escalation inside a container running the IBM Licensing Operator image...

8.4CVSS5.5AI score0.00124EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/20 2:50 p.m.4 views

CVE-2025-12985 License Service: Privilege escalation vulnerability

IBM Licensing Operator incorrectly assigns privileges to security critical files which could allow a local root escalation inside a container running the IBM Licensing Operator image...

8.4CVSS6.6AI score0.00124EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/12 6:1 p.m.4 views

CVE-2026-22252 LibreChat MCP Stdio Remote Command Execution

LibreChat is a ChatGPT clone with additional features. Prior to v0.8.2-rc2, LibreChat's MCP stdio transport accepts arbitrary commands without validation, allowing any authenticated user to execute shell commands as root inside the container through a single API request. This vulnerability is fix...

9.1CVSS6.9AI score0.03678EPSS
Exploits4References2
CNNVD
CNNVD
added 2026/01/12 12:0 a.m.4 views

LibreChat 授权问题漏洞

LibreChat is a free, highly customizable, unified AI conversation platform open-sourced by LibreChat, capable of aggregating and running large models from any vendor in a single interface. An authorization issue vulnerability exists in versions prior to LibreChat v0.8.2-rc2 that stems from the MC...

9.9CVSS6.6AI score0.03678EPSS
Exploits4References2
Rows per page
Query Builder