Lucene search
K

15 matches found

AlpineLinux
AlpineLinux
added 2026/06/12 6:8 p.m.12 views

CVE-2026-41568

Moby is an open source container framework. In Docker Engine prior to version 29.5.1, Docker Daemon versions 28.5.2 and prior, and Moby Daemon prior to version 2.0.0-beta.14, a race condition during docker cp mount setup allows a malicious container to create empty files or directories at arbitra...

6.1CVSS5.3AI score0.00108EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/06/06 2:48 a.m.9 views

SUSE CVE-2026-41567

Moby is an open source container framework. In versions prior to 29.5.1 and in moby/moby v2 prior to v2.0.0-beta.14, when a compressed archive is uploaded to a container via PUT /containers/id/archive or piped through docker cp -, the daemon resolves decompression binaries such as xz or unpigz fr...

7.2CVSS6.2AI score0.00153EPSS
Exploits0References7
OSV
OSV
added 2026/06/05 2:17 a.m.6 views

UBUNTU-CVE-2026-41567

Moby is an open source container framework. In versions prior to 29.5.1 and in moby/moby v2 prior to v2.0.0-beta.14, when a compressed archive is uploaded to a container via PUT /containers/id/archive or piped through docker cp -, the daemon resolves decompression binaries such as xz or unpigz fr...

7.5CVSS6AI score0.00153EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/05 12:35 a.m.6 views

CVE-2026-41567

Moby is an open source container framework. In versions prior to 29.5.1 and in moby/moby v2 prior to v2.0.0-beta.14, when a compressed archive is uploaded to a container via PUT /containers/id/archive or piped through docker cp -, the daemon resolves decompression binaries such as xz or unpigz fr...

7.2CVSS6.2AI score0.00153EPSS
Exploits0References2Affected Software3
Debian CVE
Debian CVE
added 2026/06/05 12:35 a.m.7 views

CVE-2026-41567

Moby is an open source container framework. In versions prior to 29.5.1 and in moby/moby v2 prior to v2.0.0-beta.14, when a compressed archive is uploaded to a container via PUT /containers/id/archive or piped through docker cp -, the daemon resolves decompression binaries such as xz or unpigz fr...

7.5CVSS6AI score0.00153EPSS
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.2 views

EUVD-2018-11310

Malware in sbrugna...

5.5CVSS6.4AI score0.01408EPSS
Exploits1References11
Tenable Nessus
Tenable Nessus
added 2025/10/07 12:0 a.m.3 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986711)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986711 advisory. In the Linux kernel, the following vulnerability has been resolved: dmaengine: Fix double increment of clientcount in dmachanget The first time dmachanget is called...

7.8CVSS5.8AI score0.00219EPSS
Exploits0References4
NVD
NVD
added 2025/06/18 10:15 a.m.10 views

CVE-2025-38042

In the Linux kernel, the following vulnerability has been resolved: dmaengine: ti: k3-udma-glue: Drop skipfdq argument from k3udmaglueresetrxchn The user of k3udmaglueresetrxchn e.g. tiam65cpswnuss can run on multiple platforms having different DMA architectures. On some platforms there can be on...

5.5CVSS0.00138EPSS
Exploits0References2
OSV
OSV
added 2025/02/24 4:35 p.m.13 views

SUSE-SU-2025:0698-1 Security update for the Linux Kernel (Live Patch 25 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024116 fixes several issues. The following security issues were fixed: - CVE-2024-35789: wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes bsc1227320. - CVE-2024-40956: dmaengine: idxd: Fix possible Use-After-Free in irqprocessworklis...

7.8CVSS8.1AI score0.03301EPSS
Exploits1References9
Cvelist
Cvelist
added 2024/10/23 3:10 p.m.34 views

CVE-2024-49370 Change-Password via Portal-Profile sets PimcoreBackendUser password without hashing

Pimcore is an open source data and experience management platform. When a PortalUserObject is connected to a PimcoreUser and "Use Pimcore Backend Password" is set to true, the change password function in Portal Profile sets the new password. Prior to Pimcore portal engine versions 4.1.7 and 3.1.1...

8.7CVSS0.0051EPSS
Exploits1References1
OSV
OSV
added 2024/04/19 2:24 p.m.8 views

CVE-2023-49275 Wazuh vulnerable to NULL Pointer Dereference in wazuh-analysisd

Wazuh is a free and open source platform used for threat prevention, detection, and response. A NULL pointer dereference was detected during fuzzing of the analysis engine, allowing malicious clients to DoS the analysis engine. The bug occurs when analysisd receives a syscollector message with th...

6.5CVSS6.7AI score0.00881EPSS
Exploits1References5
OSV
OSV
added 2024/04/04 8:20 a.m.7 views

CVE-2024-26746 dmaengine: idxd: Ensure safe user copy of completion record

In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Ensure safe user copy of completion record If CONFIGHARDENEDUSERCOPY is enabled, copying completion record from event log cache to user triggers a kernel bug. 1987.159822 usercopy: Kernel memory exposure attempt...

5.5CVSS5.8AI score0.00225EPSS
Exploits0References6
OSV
OSV
added 2019/06/21 8:28 a.m.2 views

SUSE-SU-2019:1610-1 Security update for wireshark

This update for wireshark to version 2.4.15 fixes the following issues: Security issue fixed: - Fixed a denial of service in the dissection engine bsc1136021...

7.1AI score
Exploits0References2
RedHat Linux
RedHat Linux
added 2018/09/11 7:53 a.m.5 views

bouncycastle: Information leak in AESFastEngine class

In the Bouncy Castle JCE Provider version 1.55 and earlier the primary engine class used for AES was AESFastEngine. Due to the highly table driven approach used in the algorithm it turns out that if the data channel on the CPU can be monitored the lookup table accesses are sufficient to leak...

5.3CVSS7AI score0.02678EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2018/06/04 12:0 a.m.10 views

PT-2018-4633 · Bouncy Castle +3 · Bouncy Castle Jce Provider +3

Name of the Vulnerable Software and Affected Versions: Bouncy Castle JCE Provider versions 1.55 and earlier Description: The issue is related to the AES algorithm implementation in the Bouncy Castle JCE Provider. Specifically, the AESFastEngine class used in versions 1.55 and earlier has a highly...

9.8CVSS6.2AI score0.24282EPSS
Exploits1References90
Rows per page
Query Builder