Lucene search

17051 matches found

Ubuntu
added 2025/11/24 11:21 a.m. | 7 views

USN-7851-2: runC regression

USN-7851-1 fixed vulnerabilities in runC. The introduction of a new upstream release has caused regressions in runc-app and runc-stable. This update fixes the problem. Original advisory details: Lei Wang and Li Fubang discovered that runC incorrectly handled masked paths. An attacker could possib...

7.3 AI score
Exploits: 0 | References: 1

OSV
added 2025/11/24 11:21 a.m. | 6 views

USN-7851-2 runc-app, runc-stable regression

USN-7851-1 fixed vulnerabilities in runC. The introduction of a new upstream release has caused regressions in runc-app and runc-stable. This update fixes the problem. Original advisory details: Lei Wang and Li Fubang discovered that runC incorrectly handled masked paths. An attacker could possib...

5.8 AI score
Exploits: 0 | References: 2

OSV
added 2025/11/24 7:56 a.m. | 7 views

SUSE-SU-2025:4184-1 Security update for tomcat

This update for tomcat fixes the following issues: - CVE-2025-55752: Fixed directory traversal via rewrite with possible RCE if PUT is enabled bsc1252753 - CVE-2025-55754: Fixed improper neutralization of escape, meta, or control sequences vulnerability bsc1252905 - CVE-2025-61795: Fixed denial o...

9.6 CVSS | 8.8 AI score | 0.66535 EPSS
Exploits: 4 | References: 7

Tenable Nessus
added 2025/11/24 12:0 a.m. | 6 views

Google Chrome < 98.0.4758.82 Multiple Vulnerabilities

The version of Google Chrome installed on the remote Windows host is prior to 98.0.4758.82. It is, therefore, affected by multiple vulnerabilities as referenced in the 202202stable-channel-update-for-desktop advisory. - Out of bounds memory access in V8 in Google Chrome prior to 98.0.4758.80...

9.6 CVSS | 7.5 AI score | 0.00953 EPSS
Exploits: 3 | References: 41

Tenable Nessus
added 2025/11/24 12:0 a.m. | 2 views

Google Chrome < 98.0.4758.81 Multiple Vulnerabilities

The version of Google Chrome installed on the remote Windows host is prior to 98.0.4758.81. It is, therefore, affected by multiple vulnerabilities as referenced in the 202202stable-channel-update-for-desktop advisory. - Out of bounds memory access in V8 in Google Chrome prior to 98.0.4758.80...

9.6 CVSS | 7.5 AI score | 0.00953 EPSS
Exploits: 3 | References: 41

Tenable Nessus
added 2025/11/24 12:0 a.m. | 4 views

RHEL 8 / 9 : OpenShift Container Platform 4.14.59 (RHSA-2025:21328)

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:21328 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or...

9.1 CVSS | 7.2 AI score | 0.00724 EPSS
Exploits: 4 | References: 10

Packet Storm News
added 2025/11/22 12:0 a.m. | 5 views

EBPF-PATROL: Protective Agent for Threat Recognition and Overreach Limitation Using EBPF in Containerized and Virtualized Environments

With the increasing use and adoption of cloud and cloud-native computing, the underlying technologies i.e., containerization and virtualization have become foundational. However, strict isolation and maintaining runtime security in these environments has become increasingly challenging. Existing...

7 AI score
Exploits: 0

Tenable Nessus
added 2025/11/22 12:0 a.m. | 7 views

SUSE SLES15: tomcat / tomcat-admin-webapps / tomcat-docs-webapp / etc (SUSE-SU-2025:4159-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4159-1 advisory. Update to Tomcat 9.0.111: - CVE-2025-55752: Fixed directory traversal via rewrite with possible RCE if PUT is enabled...

9.6 CVSS | 7.2 AI score | 0.66535 EPSS
Exploits: 4 | References: 10

Tenable Nessus
added 2025/11/22 12:0 a.m. | 1 views

RockyLinux 10 : podman (RLSA-2025:21220)

The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:21220 advisory. runc: container escape and denial of service due to arbitrary write gadgets and procfs write redirects CVE-2025-52881 Tenable has extracted the preceding...

7.5 CVSS | 7.1 AI score | 0.00526 EPSS
Exploits: 1 | References: 3

Tenable Nessus
added 2025/11/22 12:0 a.m. | 6 views

Ubuntu 16.04 LTS : Linux kernel (Oracle) vulnerabilities (USN-7875-1)

The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7875-1 advisory. Jean-Claude Graf, Sandro Regge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation betwe...

9.1 CVSS | 7.6 AI score | 0.01367 EPSS
Exploits: 8 | References: 29

Rockylinux
added 2025/11/21 6:19 p.m. | 3 views

podman security update

An update is available for podman. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The podman tool manages pods, container images, and containers. It is part of...

7.5 CVSS | 7 AI score | 0.00526 EPSS
Exploits: 1

OSV
added 2025/11/21 6:19 p.m. | 4 views

RLSA-2025:21220 Important: podman security update

The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fixes: runc: container escape and denial of service due to arbitrary write gadgets and procfs...

8.2 CVSS | 6.9 AI score | 0.00526 EPSS
Exploits: 1 | References: 2

Rockylinux
added 2025/11/21 6:13 p.m. | 4 views

runc security update

An update is available for runc. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The runC tool is a lightweight, portable implementation of the Open Container...

8.4 CVSS | 6.9 AI score | 0.00673 EPSS
Exploits: 4

Rockylinux
added 2025/11/21 6:13 p.m. | 4 views

podman security update

An update is available for podman. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The podman tool manages pods, container images, and containers. It is part of...

7.5 CVSS | 7 AI score | 0.00526 EPSS
Exploits: 1

OSV
added 2025/11/21 6:13 p.m. | 4 views

RLSA-2025:20957 Important: runc security update

The runC tool is a lightweight, portable implementation of the Open Container Format (OCF) that provides container runtime. Security Fixes: runc: container escape via 'masked path' abuse due to mount race conditions CVE-2025-31133 runc: container escape with malicious config due to /dev/console mou...

8.2 CVSS | 6.8 AI score | 0.00673 EPSS
Exploits: 4 | References: 4

SUSE Linux
added 2025/11/21 2:32 p.m. | 13 views

Security update for tomcat

This update for tomcat fixes the following issues: Update to Tomcat 9.0.111: CVE-2025-55752: Fixed directory traversal via rewrite with possible RCE if PUT is enabled bsc1252753 CVE-2025-55754: Fixed improper neutralization of escape, meta, or control sequences vulnerability bsc1252905...

7.7 CVSS | 6.8 AI score | 0.66535 EPSS
Exploits: 4 | References: 12

OSV
added 2025/11/21 2:31 p.m. | 8 views

SUSE-SU-2025:4159-1 Security update for tomcat

This update for tomcat fixes the following issues: Update to Tomcat 9.0.111: - CVE-2025-55752: Fixed directory traversal via rewrite with possible RCE if PUT is enabled bsc1252753 - CVE-2025-55754: Fixed improper neutralization of escape, meta, or control sequences vulnerability bsc1252905 -...

9.6 CVSS | 9.5 AI score | 0.66535 EPSS
Exploits: 4 | References: 7

RedHat Linux
added 2025/11/20 7:57 a.m. | 4 views

runc: container escape with malicious config due to /dev/console mount and related races

A flaw was found in runc. CVE-2025-52565 is very similar in concept and application to CVE-2025-31133, except that it exploits a flaw in /dev/console bind-mounts. When creating the /dev/console bind-mount to /dev/pts/$n, if an attacker replaces /dev/pts/$n with a symlink then runc will bind-mount...

8.4 CVSS | 5.7 AI score | 0.00526 EPSS
Exploits: 1 | References: 5

RedHat Linux
added 2025/11/20 7:57 a.m. | 6 views

runc: container escape via 'masked path' abuse due to mount race conditions

A flaw was found in runc. This flaw exploits an issue with how masked paths are implemented in runc. When masking files, runc will bind-mount the container's /dev/null inode on top of the file. However, if an attacker can replace /dev/null with a symlink to some other procfs file, runc will instea...

7.8 CVSS | 5.8 AI score | 0.00673 EPSS
Exploits: 2 | References: 5

RedHat Linux
added 2025/11/20 7:57 a.m. | 3 views

runc: opencontainers/selinux: container escape and denial of service due to arbitrary write gadgets and procfs write redirects

A flaw was found in runc. This attack is a more sophisticated variant of CVE-2019-16884, which was a flaw that allowed an attacker to trick runc into writing the LSM process labels for a container process into a dummy tmpfs file and thus not apply the correct LSM labels to the container process...

7.5 CVSS | 6.6 AI score | 0.00526 EPSS
Exploits: 1 | References: 6