463 matches found
EUVD-2025-23153
Malicious code in bioql PyPI...
EUVD-2025-30250
Malicious code in bioql PyPI...
EUVD-2025-15114
Malicious code in bioql PyPI...
EUVD-2023-1058
Malicious code in bioql PyPI...
EUVD-2024-3348
Malicious code in bioql PyPI...
EUVD-2022-32150
Malicious code in bioql PyPI...
EUVD-2022-1700
Malicious code in bioql PyPI...
EUVD-2024-2945
Malicious code in bioql PyPI...
EUVD-2024-1155
Malicious code in bioql PyPI...
Directory Traversal
Overview Affected versions of this package are vulnerable to Directory Traversal in the validLogFileName and validExecOutputFileName functions, which insufficiently validate log file names, allowing traversal sequences after certain prefixes. An attacker can access sensitive files on the host...
DEBIAN-CVE-2025-54288
Information Spoofing in devLXD Server in Canonical LXD versions 4.0 and above on Linux container platforms allows attackers with root privileges within any container to impersonate other containers and obtain their metadata, configuration, and device information via spoofed process names in the...
CVE-2025-54288
Information Spoofing in devLXD Server in Canonical LXD versions 4.0 and above on Linux container platforms allows attackers with root privileges within any container to impersonate other containers and obtain their metadata, configuration, and device information via spoofed process names in the...
Important: Red Hat Security Advisory: podman security update
An update for podman is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
CVE-2025-34204
Vasion Print formerly PrinterLogic Virtual Appliance Host and Application VA and SaaS deployments contains multiple Docker containers that run primary application processes for example PHP workers, Node.js servers and custom binaries as the root user. This increases the blast radius of a containe...
CVE-2025-34204
Summary: CVE-2025-34204 affects Vasion Print (formerly PrinterLogic) Virtual Appliance Host and Application (VA and SaaS deployments). Multiple Docker containers run core processes (e.g., PHP workers, Node.js servers, custom binaries) as root, increasing blast radius if a container is breached an...
WizOS Is Here: Transforming Container Security from the Image Up
WizOS is in public preview starting today, enabling Wiz customers to adopt and operationalize secured images at scale...
Built-in Runtime Security for Containers
Security teams struggle with visibility into behaviors inside their running containers. Qualys is today announcing general availability of Container Runtime Security CRS to provide industry-leading visibility for running containers using an approach that is container-engine agnostic and layered...
Built-in Runtime Security for Containers
Security teams struggle with visibility into behaviors inside their running containers. Qualys is today announcing general availability of Container Runtime Security CRS to provide industry-leading visibility for running containers using an approach that is container-engine agnostic and layered...
CVE-2025-36193 IBM Transformation Advisor incorrect permissions
IBM Transformation Advisor 2.0.1 through 4.3.1 incorrectly assigns privileges to security critical files which could allow a local root escalation inside a container running the IBM Transformation Advisor Operator Catalog image...
CVE-2025-4437 Cri-o: large /etc/passwd file may lead to denial of service
There's a vulnerability in the CRI-O application where when container is launched with securityContext.runAsUser specifying a non-existent user, CRI-O attempts to create the user, reading the container's entire /etc/passwd file into memory. If this file is excessively large, it can cause the a hi...