CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Tenable Nessus•added 2026/04/08 12:0 a.m.•2 views

RockyLinux 9 : crun (RLSA-2026:6621)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:6621 advisory. crun: crun: Privilege escalation due to incorrect parsing of the --user option CVE-2026-30892 Tenable has extracted the preceding description block directly from...

Tenable Nessus•added 2026/04/07 12:0 a.m.•4 views

Oracle Linux 10 : crun (ELSA-2026-6622)

The remote Oracle Linux 10 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2026-6622 advisory. - fixes CVE-2026-30892 crun: crun: Privilege escalation due to incorrect parsing of the --user option rhel-10.1.z Tenable has extracted the preceding descripti...

Tenable Nessus•added 2026/04/07 12:0 a.m.•2 views

Exploits1References2

Oracle Linux 9 : crun (ELSA-2026-6621)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2026-6621 advisory. - fixes CVE-2026-30892 crun: crun: Privilege escalation due to incorrect parsing of the --user option rhel-9.7.z Tenable has extracted the preceding description...

Tenable Nessus•added 2026/04/06 12:0 a.m.•2 views

Exploits1References2

RHEL 9 : crun (RHSA-2026:6621)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2026:6621 advisory. crun is a OCI runtime Security Fixes: crun: crun: Privilege escalation due to incorrect parsing of the --user option CVE-2026-30892 For more details...

Tenable Nessus•added 2026/04/06 12:0 a.m.•1 views

Exploits1References5

AlmaLinux 10 : crun (ALSA-2026:6622)

The remote AlmaLinux 10 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2026:6622 advisory. crun: crun: Privilege escalation due to incorrect parsing of the --user option CVE-2026-30892 Tenable has extracted the preceding description block directly from...

Tenable Nessus•added 2026/04/06 12:0 a.m.•1 views

AlmaLinux 9 : crun (ALSA-2026:6621)

The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2026:6621 advisory. crun: crun: Privilege escalation due to incorrect parsing of the --user option CVE-2026-30892 Tenable has extracted the preceding description block directly from t...

Tenable Nessus•added 2026/04/02 12:0 a.m.•3 views

Fedora 43 : crun (2026-4747ff73a3)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-4747ff73a3 advisory. Automatic update for crun-1.27-1.fc43. Changelog for crun Wed Mar 25 2026 Packit - 1.27-1 - Update to 1.27 upstream release Mon Dec 22 2025 Packit - 1.26-1 -...

Cvelist•added 2026/03/25 11:57 p.m.•21 views

Exploits1References2

CVE-2026-30892 Crun incorrectly parses `crun exec` option `-u`, leading to privilege escalation

crun is an open source OCI Container Runtime fully written in C. In versions 1.19 through 1.26, the crun exec option -u --user is incorrectly parsed. The value 1 is interpreted as UID 0 and GID 0 when it should have been UID 1 and GID 0. The process thus runs with higher privileges than expected...

0.00017EPSS

Tenable Nessus•added 2026/01/20 12:0 a.m.•4 views

MiracleLinux 8 : container-tools:3.0 (AXSA:2022-3596:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3596:01 advisory. crun: Default inheritable capabilities for linux container should be empty CVE-2022-27650 Tenable has extracted the preceding description block directly from...

7.5CVSS5.6AI score0.0009EPSS

OSV•added 2026/01/09 2:5 p.m.•6 views

OESA-2026-1008 crun security update

crun is a fast and low-memory footprint OCI Container Runtime fully written in C. Security Fixes: crun is an open source OCI Container Runtime fully written in C. In affected versions A malicious container image could trick the krun handler into escaping the root filesystem, allowing file creatio...

8.5CVSS6.6AI score0.00227EPSS

Tenable Nessus•added 2025/11/20 12:0 a.m.•4 views

TencentOS Server 4: crun (TSSA-2025:0244)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0244 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

8.5CVSS7.7AI score0.00227EPSS

EUVD•added 2025/10/07 12:30 a.m.•0 views

EUVD-2019-8538

Malware in sbrugna...

8.6CVSS8.5AI score0.00561EPSS

Exploits0References7

Tenable Nessus•added 2025/08/18 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2025-24965

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - crun is an open source OCI Container Runtime fully written in C. In affected versions A malicious container image could trick the krun handler into escaping the...

8.5CVSS7.3AI score0.00227EPSS