Lucene search
K

238 matches found

Tenable Nessus
Tenable Nessus
added 2026/07/03 12:0 a.m.6 views

NVIDIA Container Toolkit < 1.19.1 TOCTOU Race Condition (June 2026)

The version of NVIDIA Container Toolkit installed on the remote host is prior to 1.19.1. It is, therefore, affected by a vulnerability as referenced in the June 2026 advisory. - NVIDIA Container Toolkit for Linux contains a vulnerability where an attacker could cause a time-of-check time-of-use...

8.5CVSS6.1AI score0.00489EPSS
Exploits0References2
NVD
NVD
added 2026/07/01 4:16 p.m.12 views

CVE-2026-24260

NVIDIA Container Toolkit for Linux contains a vulnerability where an attacker could cause a time-of-check time-of-use race condition. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, and data tampering...

8.5CVSS0.00489EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/07/01 2:34 p.m.33 views

CVE-2026-24260

NVIDIA Container Toolkit for Linux contains a vulnerability where an attacker could cause a time-of-check time-of-use race condition. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, and data tampering...

8.5CVSS0.00489EPSS
Exploits0References3
OSV
OSV
added 2026/06/08 2:10 p.m.16 views

CLEANSTART-2026-SF49994 Security fixes for CVE-2025-0913, CVE-2025-22866, CVE-2025-22870, CVE-2025-22871, CVE-2025-22873, CVE-2025-4673, CVE-2025-4674, CVE-2025-47906, CVE-2025-47907, CVE-2025-47912, CVE-2025-58183, CVE-2025-58185, CVE-2025-58186, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2025-61726, CVE-2025-61727, CVE-2025-61728, CVE-2025-61729, CVE-2025-61730, CVE-2025-61731, CVE-2025-61732, CVE-2026-25679, CVE-2026-27139, CVE-2026-27140, CVE-2026-27142, CVE-2026-27143, CVE-2026-27144, CVE-2026-27145, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32288, CVE-2026-32289, CVE-2026-33811, CVE-2026-33814, CVE-2026-39817, CVE-2026-39819, CVE-2026-39820, CVE-2026-39823, CVE-2026-39824, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-42499, CVE-2026-42501, CVE-2026-42504, CVE-2026-42507 applied in versions: 1.18.2-r0, 1.18.2-r1, 1.19.0-r0

Multiple security vulnerabilities affect the nvidia-container-toolkit package. These issues are resolved in later releases. See references for individual vulnerability details...

9.8CVSS6.8AI score0.01945EPSS
Exploits6References107
CBLMariner
CBLMariner
added 2026/05/30 12:34 a.m.11 views

CVE-2026-39834 affecting package nvidia-container-toolkit for versions less than 1.17.8-3

CVE-2026-39834 affecting package nvidia-container-toolkit for versions less than 1.17.8-3. A patched version of the package is available...

9.1CVSS5.8AI score0.00466EPSS
Exploits0
CBLMariner
CBLMariner
added 2026/05/30 12:34 a.m.9 views

CVE-2026-39830 affecting package nvidia-container-toolkit for versions less than 1.17.8-3

CVE-2026-39830 affecting package nvidia-container-toolkit for versions less than 1.17.8-3. A patched version of the package is available...

9.1CVSS5.8AI score0.00533EPSS
Exploits0
Cvelist
Cvelist
added 2026/05/14 4:53 p.m.42 views

CVE-2026-41888 Distribution: Tag deletion bypasses `storage.delete.enabled` configuration

Distribution is a toolkit to pack, ship, store, and deliver container content. Prior to 3.1.1, tag deletion via the DELETE /v2//manifests/ endpoint bypasses the storage.delete.enabled: false configuration, allowing any API client to remove tags from repositories even when the operator has...

6.3CVSS0.00294EPSS
Exploits1References1
CVE
CVE
added 2026/05/14 4:53 p.m.25 views

CVE-2026-41888

CVE-2026-41888 affects the Distribution toolkit (prior to v3.1.1). The issue is that DELETE /v2//manifests/ can bypass storage.delete.enabled: false, letting API clients remove tags from repositories even when deletion is disabled. Impact: unauthorized tag deletions. Remediation: upgrade to v3.1....

6.5CVSS5.8AI score0.00294EPSS
Exploits1References1Affected Software1
Wolfi
Wolfi
added 2026/04/11 2:51 a.m.12 views

CVE-2026-32282 vulnerabilities

Vulnerabilities for packages: chezmoi, falco-no-driver, gitlab-pages, cert-manager, cloud-provider-aws, keda, external-secrets-operator, newrelic-fluent-bit-output, gitaly, aws-flb-firehose, k8s-device-plugin, kots, k3s, kaf, cilium, karpenter, redka, kyverno, spire-server, aws-flb-kinesis,...

6.4CVSS6.8AI score0.00292EPSS
Exploits0
Chainguard
Chainguard
added 2026/04/11 2:18 a.m.6 views

GHSA-XJ38-JXC5-RPPX vulnerabilities

Vulnerabilities for packages: backup-restore-operator, telegraf, k3s, beats-fips, cloud-provider-aws, ingress-nginx-controller-fips, libnvidia-container, karpenter, gitaly, gitlab-kas, runc, loki, localstack, prometheus-mongodb-exporter, kubernetes-dashboard, knative-eventing-fips, azuredisk-csi,...

6.1AI score
Exploits0
Chainguard
Chainguard
added 2026/04/11 2:18 a.m.8 views

CVE-2026-32282 vulnerabilities

Vulnerabilities for packages: backup-restore-operator, telegraf, k3s, beats-fips, cloud-provider-aws, ingress-nginx-controller-fips, libnvidia-container, karpenter, gitaly, gitlab-kas, runc, loki, localstack, prometheus-mongodb-exporter, kubernetes-dashboard, knative-eventing-fips, azuredisk-csi,...

6.4CVSS6.8AI score0.00292EPSS
Exploits0
Chainguard
Chainguard
added 2026/04/11 2:18 a.m.55 views

GHSA-5W89-2C2X-6X66 vulnerabilities

Vulnerabilities for packages: kubernetes-csi-external-resizer-fips, sftpgo-plugin-pubsub, volcano, boring-registry, newrelic-k8s-metadata-injection-fips, gitlab-kas, amazon-eks-ami-fips, prometheus-redis-exporter-fips, cni-plugins, stakater-reloader, docker-credential-acr-env-fips, amazon-eks-ami...

6.1AI score
Exploits0
OSV
OSV
added 2026/04/06 8:16 p.m.4 views

UBUNTU-CVE-2026-35172

Distribution is a toolkit to pack, ship, store, and deliver container content. Prior to 3.1.0, distribution can restore read access in repo a after an explicit delete when storage.cache.blobdescriptor: redis and storage.delete.enabled: true are both enabled. The delete path clears the shared dige...

7.5CVSS5.8AI score0.00455EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/01/13 12:0 a.m.9 views

MiracleLinux 9 : toolbox-0.2-1.el9_6 (AXSA:2025-10740:02)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10740:02 advisory. nvidia-container-toolkit: Privilege Escalation via Hook Initialization in NVIDIA Container Toolkit CVE-2025-23266 Tenable has extracted the preceding...

9CVSS8.5AI score0.02541EPSS
Exploits4References2
Tenable Nessus
Tenable Nessus
added 2025/11/25 12:0 a.m.7 views

SUSE SLES15 / openSUSE 15 Security Update : nvidia-container-toolkit (SUSE-SU-2025:4187-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4187-1 advisory. - Update to version 1.18.0: - This is a major release and includes the following high-level changes: - The default mo...

9CVSS7.5AI score0.37055EPSS
Exploits7References28
SUSE Linux
SUSE Linux
added 2025/11/24 7:59 a.m.5 views

Security update for nvidia-container-toolkit

This update for nvidia-container-toolkit fixes the following issues: Update to version 1.18.0: This is a major release and includes the following high-level changes: The default mode of the NVIDIA Container Runtime has been updated to make use of a just-in-time-generated CDI specification instead...

9.4CVSS7.2AI score0.37055EPSS
Exploits7References36
OSV
OSV
added 2025/11/24 7:58 a.m.5 views

SUSE-SU-2025:4187-1 Security update for nvidia-container-toolkit

This update for nvidia-container-toolkit fixes the following issues: - Update to version 1.18.0: - This is a major release and includes the following high-level changes: - The default mode of the NVIDIA Container Runtime has been updated to make use of a just-in-time-generated CDI specification...

9CVSS7AI score0.37055EPSS
Exploits7References19
Redos
Redos
added 2025/10/30 12:0 a.m.5 views

ROS-20251030-01

A vulnerability in the NVIDIA Virtual GPU Manager component of the NVIDIA Virtual GPU driver Virtual GPU is associated with incorrectly assigning permissions to a critical resource. Exploitation of the vulnerability could allow an attacker to cause a denial of service Vulnerability in the NVIDIA...

5.5CVSS7AI score0.00235EPSS
Exploits0
Redos
Redos
added 2025/10/28 12:0 a.m.5 views

ROS-20251028-10

A vulnerability in the NVIDIA Container Toolkit container creation and launch software and the NVIDIA GPU Operator resource management software is associated with synchronization errors. NVIDIA GPU Operator resource management software is associated with synchronization errors when using a shared...

9CVSS8AI score0.37055EPSS
Exploits7
Redos
Redos
added 2025/10/28 12:0 a.m.7 views

ROS-20251028-11

A vulnerability in the NVIDIA Container Toolkit container creation and launch software and the NVIDIA GPU Operator resource management software is associated with synchronization errors. NVIDIA GPU Operator resource management software is associated with synchronization errors when using a shared...

9CVSS8AI score0.37055EPSS
Exploits7
Rows per page
Query Builder