
4718 matches found

RedHat Linux
added 2024/09/09 10:39 a.m. · 32 views

Important: Red Hat Security Advisory: MTV 2.6.6 Images

Updated Release packages that fix several bugs and add various enhancements are now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for...

CVSS 7.5 · AI score 7.1 · EPSS 0.00586
Exploits: 0 · References: 4
Positive Technologies
added 2024/09/09 12:0 a.m. · 3 views

PT-2024-31445 · Unknown · Lemonldap::Ng

Name of the Vulnerable Software and Affected Versions: LemonLDAP::NG versions 2.18.x through 2.19.1. Description: The issue is related to incorrect credential validation, allowing attackers to bypass OAuth2 client authentication. This can be achieved by providing an empty client password parameter...

CVSS 9.1 · AI score 6.9 · EPSS 0.00515
Exploits: 0 · References: 16
Positive Technologies
added 2024/09/09 12:0 a.m. · 4 views

PT-2024-38768 · Rapid7 · Rapid7 Insight Platform

Name of the Vulnerable Software and Affected Versions: Rapid7 Insight Platform versions between November 2019 and August 14, 2024. Description: The issue is related to missing authorization in the Rapid7 Insight Platform, allowing an attacker to intercept local requests and potentially add an empt...

CVSS 3.1 · AI score 6.9 · EPSS 0.00177
Exploits: 0 · References: 8
OSV
added 2024/09/06 8:43 p.m. · 17 views

GO-2024-3110 Can be confused to create empty files/directories on the host in github.com/opencontainers/runc

Can be confused to create empty files/directories on the host in github.com/opencontainers/runc...

CVSS 3.6 · AI score 5.4 · EPSS 0.00317
Exploits: 0 · References: 5
Veracode
added 2024/09/06 12:36 p.m. · 6 views

Out-of-bounds Read

tensorflow, tensorflow-cpu and tensorflow-gpu are vulnerable to Out-of-bounds Read. The vulnerability arises because the implementations of the Minimum and Maximum TFLite operators can be used to read data outside the bounds of heap-allocated objects, if any of the two input tensor arguments are...

CVSS 7.1 · AI score 6.6 · EPSS 0.00198
Exploits: 1 · References: 6 · Affected Software: 3
Positive Technologies
added 2024/09/06 12:0 a.m. · 4 views

PT-2024-32256 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: The issue is related to the ASoC: Intel: soc-acpi-intel-mtl-match component in the Linux kernel. There is no links_num in struct snd_soc_acpi_mach, and the code tests !link->num_adr ...

CVSS 5.5 · AI score 6.6 · EPSS 0.00176
Exploits: 0 · References: 16
SUSE CVE
added 2024/09/04 3:14 a.m. · 2 views

SUSE CVE-2024-45310

runc is a CLI tool for spawning and running containers according to the OCI specification. runc 1.1.13 and earlier, as well as 1.2.0-rc2 and earlier, can be tricked into creating empty files or directories in arbitrary locations in the host filesystem by sharing a volume between two containers an...

CVSS 3.6 · AI score 6.8 · EPSS 0.00317
Exploits: 0 · References: 17
Github Security Blog
added 2024/09/03 7:49 p.m. · 19 views

runc can be confused to create empty files/directories on the host

Impact: runc 1.1.13 and earlier as well as 1.2.0-rc2 and earlier can be tricked into creating empty files or directories in arbitrary locations in the host filesystem by sharing a volume between two containers and exploiting a race with os.MkdirAll. While this can be used to create empty files,...

CVSS 3.6 · AI score 6.8 · EPSS 0.00317
Exploits: 0 · References: 9 · Affected Software: 1
OSV
added 2024/09/03 7:49 p.m. · 6 views

GHSA-JFVP-7X6P-H2PV runc can be confused to create empty files/directories on the host

Impact: runc 1.1.13 and earlier as well as 1.2.0-rc2 and earlier can be tricked into creating empty files or directories in arbitrary locations in the host filesystem by sharing a volume between two containers and exploiting a race with os.MkdirAll. While this can be used to create empty files,...

CVSS 4.8 · AI score 4.3 · EPSS 0.00317
Exploits: 0 · References: 9
OSV
added 2024/09/03 7:15 p.m. · 11 views

AZL-48543 CVE-2024-45310 affecting package runc for versions less than 1.2.2-1

runc is a CLI tool for spawning and running containers according to the OCI specification. runc 1.1.13 and earlier, as well as 1.2.0-rc2 and earlier, can be tricked into creating empty files or directories in arbitrary locations in the host filesystem by sharing a volume between two containers an...

CVSS 3.6 · AI score 7 · EPSS 0.00317
Exploits: 0 · References: 1
OSV
added 2024/09/03 7:15 p.m. · 10 views

AZL-48531 CVE-2024-45310 affecting package podman for versions less than 5.6.1-2

runc is a CLI tool for spawning and running containers according to the OCI specification. runc 1.1.13 and earlier, as well as 1.2.0-rc2 and earlier, can be tricked into creating empty files or directories in arbitrary locations in the host filesystem by sharing a volume between two containers an...

CVSS 3.6 · AI score 7 · EPSS 0.00317
Exploits: 0 · References: 1
OSV
added 2024/09/03 7:15 p.m. · 13 views

AZL-48590 CVE-2024-45310 affecting package moby-runc for versions less than 1.1.9-8

runc is a CLI tool for spawning and running containers according to the OCI specification. runc 1.1.13 and earlier, as well as 1.2.0-rc2 and earlier, can be tricked into creating empty files or directories in arbitrary locations in the host filesystem by sharing a volume between two containers an...

CVSS 3.6 · AI score 7 · EPSS 0.00317
Exploits: 0 · References: 1
OSV
added 2024/09/03 7:15 p.m. · 2 views

UBUNTU-CVE-2024-45310

runc is a CLI tool for spawning and running containers according to the OCI specification. runc 1.1.13 and earlier, as well as 1.2.0-rc2 and earlier, can be tricked into creating empty files or directories in arbitrary locations in the host filesystem by sharing a volume between two containers an...

CVSS 3.6 · AI score 7 · EPSS 0.00317
Exploits: 0 · References: 5
Vulnrichment
added 2024/09/03 7:7 p.m. · 17 views

CVE-2024-45310 runc can be confused to create empty files/directories on the host

runc is a CLI tool for spawning and running containers according to the OCI specification. runc 1.1.13 and earlier, as well as 1.2.0-rc2 and earlier, can be tricked into creating empty files or directories in arbitrary locations in the host filesystem by sharing a volume between two containers an...

CVSS 3.6 · AI score 7 · EPSS 0.00317
Exploits: 0 · References: 5
CNNVD
added 2024/09/03 12:0 a.m. · 4 views

runc security vulnerability

runc is an open source CLI (command-line interface) tool from the Open Container Initiative for generating and running containers according to the OCI specification. A security vulnerability exists in runc version 1.1.13 and earlier and version 1.2.0-rc2 and earlier, which stems from a race condition ...

CVSS 3.6 · AI score 6.4 · EPSS 0.00317
Exploits: 0 · References: 8
OSV
added 2024/08/29 11:15 a.m. · 3 views

CVE-2024-5987

The WP Accessibility Helper WAH plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'savecontrastvariations' and 'saveemptycontrastvariations' functions in all versions up to, and including, 0.6.2.8. This makes it possible for...

CVSS 4.3 · AI score 5.8 · EPSS 0.00264
Exploits: 0 · References: 2
Positive Technologies
added 2024/08/28 12:0 a.m. · 7 views

PT-2024-37295 · WordPress · Wp Accessibility Helper

Name of the Vulnerable Software and Affected Versions: WP Accessibility Helper plugin versions prior to 0.6.2.8. Description: The issue allows authenticated attackers with Subscriber-level access and above to edit or delete contrast settings due to a missing capability check on the save contrast...

CVSS 5.4 · AI score 6.4 · EPSS 0.00264
Exploits: 0 · References: 8
UbuntuCve
added 2024/08/24 11:15 p.m. · 10 views

CVE-2024-45236

An issue was discovered in Fort before 1.6.3. A malicious RPKI repository that descends from a trusted Trust Anchor can serve via rsync or RRDP a signed object containing an empty signedAttributes field. Fort accesses the set's elements without sanitizing it first. Because Fort is an RPKI Relying...

CVSS 7.5 · AI score 5.9 · EPSS 0.00481
Exploits: 0 · References: 3
OSV
added 2024/08/22 5:56 a.m. · 3 views

BELL-CVE-2024-43815

Bulletin has no description...

CVSS 7.1 · AI score 7.2 · EPSS 0.00213
Exploits: 0 · References: 1
OSV
added 2024/08/21 4:3 p.m. · 12 views

GO-2022-1152 Traefik routes exposed with an empty TLSOption in github.com/traefik/traefik

Traefik routes exposed with an empty TLSOption in github.com/traefik/traefik...

CVSS 8.1 · AI score 6.9 · EPSS 0.00488
Exploits: 0 · References: 5