Lucene search
K

17053 matches found

OSV
OSV
added 2025/11/18 3:44 p.m.3 views

GO-2025-4096 Container escape via "masked path" abuse due to mount race conditions in github.com/opencontainers/runc

Container escape via "masked path" abuse due to mount race conditions in github.com/opencontainers/runc...

7.8CVSS6.8AI score0.00673EPSS
Exploits2References5
RedHat Linux
RedHat Linux
added 2025/11/18 3:34 p.m.4 views

runc: opencontainers/selinux: container escape and denial of service due to arbitrary write gadgets and procfs write redirects

A flaw was found in runc. This attack is a more sophisticated variant of CVE-2019-16884, which was a flaw that allowed an attacker to trick runc into writing the LSM process labels for a container process into a dummy tmpfs file and thus not apply the correct LSM labels to the container process...

7.5CVSS6.6AI score0.00526EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2025/11/18 3:34 p.m.12 views

Important: Red Hat Security Advisory: podman security update

An update for podman is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

7.5CVSS7.1AI score0.00526EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2025/11/18 12:31 a.m.4 views

runc: opencontainers/selinux: container escape and denial of service due to arbitrary write gadgets and procfs write redirects

A flaw was found in runc. This attack is a more sophisticated variant of CVE-2019-16884, which was a flaw that allowed an attacker to trick runc into writing the LSM process labels for a container process into a dummy tmpfs file and thus not apply the correct LSM labels to the container process...

7.5CVSS6.6AI score0.00526EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2025/11/18 12:31 a.m.5 views

Important: Red Hat Security Advisory: buildah security update

An update for buildah is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

7.5CVSS7.1AI score0.00526EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2025/11/18 12:16 a.m.2 views

runc: opencontainers/selinux: container escape and denial of service due to arbitrary write gadgets and procfs write redirects

A flaw was found in runc. This attack is a more sophisticated variant of CVE-2019-16884, which was a flaw that allowed an attacker to trick runc into writing the LSM process labels for a container process into a dummy tmpfs file and thus not apply the correct LSM labels to the container process...

7.5CVSS6.6AI score0.00526EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2025/11/18 12:16 a.m.2 views

Important: Red Hat Security Advisory: buildah security update

An update for buildah is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fo...

7.5CVSS7.1AI score0.00526EPSS
Exploits1References2
CNVD
CNVD
added 2025/11/18 12:0 a.m.4 views

Google Chrome DevTools Improperly Implemented Vulnerability

Google Chrome is a free web browser developed by Google Inc. Google Chrome suffers from a DevTools mal-implementation vulnerability that can be exploited by an attacker to cause a sandbox escape...

7.5CVSS6.9AI score0.00176EPSS
Exploits1References1
CNVD
CNVD
added 2025/11/18 12:0 a.m.4 views

Google Chrome Code Problem Vulnerability (CNVD-2025-29240)

Google Chrome is a web browser developed by Google. A security vulnerability exists in Google Chrome versions prior to 136.0.7103.59, which stems from a flaw in the security handling of the sandboxing mechanism. The vulnerability can be exploited by an attacker to achieve a sandbox escape via a...

5.4CVSS6.8AI score0.00144EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2025/11/18 12:0 a.m.1 views

RHEL 9 : buildah (RHSA-2025:21634)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:21634 advisory. The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working...

7.5CVSS7.1AI score0.00526EPSS
Exploits1References4
OSV
OSV
added 2025/11/18 12:0 a.m.4 views

ALSA-2025:21702 Important: podman security update

The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fixes: runc: container escape and denial of service due to arbitrary write gadgets and procfs...

7.5CVSS6.9AI score0.00526EPSS
Exploits1References4
AlmaLinux
AlmaLinux
added 2025/11/18 12:0 a.m.8 views

Important: podman security update

The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fixes: runc: container escape and denial of service due to arbitrary write gadgets and procfs...

7.5CVSS6.4AI score0.00526EPSS
Exploits1References4
OSV
OSV
added 2025/11/17 7:11 p.m.3 views

GO-2025-4106 Soft Serve does not sanitize ANSI escape sequences in user input in github.com/charmbracelet/soft-serve

Soft Serve does not sanitize ANSI escape sequences in user input in github.com/charmbracelet/soft-serve...

4.6CVSS6.8AI score0.00155EPSS
Exploits0References3
NVD
NVD
added 2025/11/17 6:15 p.m.7 views

CVE-2025-58407

Kernel or driver software installed on a Guest VM may post improper commands to the GPU Firmware to exploit a TOCTOU race condition and trigger a read and/or write of data outside the allotted memory escaping the virtual machine...

7.4CVSS0.00172EPSS
Exploits0References1
OSV
OSV
added 2025/11/17 6:15 p.m.3 views

CVE-2025-58407

Kernel or driver software installed on a Guest VM may post improper commands to the GPU Firmware to exploit a TOCTOU race condition and trigger a read and/or write of data outside the allotted memory escaping the virtual machine...

7.4CVSS5.8AI score0.00172EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/11/17 5:18 p.m.7 views

CVE-2025-58407 GPU DDK - TOCTOU bug affecting psFWMemContext->uiPageCatBaseRegSet

Kernel or driver software installed on a Guest VM may post improper commands to the GPU Firmware to exploit a TOCTOU race condition and trigger a read and/or write of data outside the allotted memory escaping the virtual machine...

0.00172EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/11/17 5:18 p.m.7 views

CVE-2025-58407 GPU DDK - TOCTOU bug affecting psFWMemContext->uiPageCatBaseRegSet

Kernel or driver software installed on a Guest VM may post improper commands to the GPU Firmware to exploit a TOCTOU race condition and trigger a read and/or write of data outside the allotted memory escaping the virtual machine...

6.6AI score0.00172EPSS
Exploits0References1
CVE
CVE
added 2025/11/17 5:18 p.m.17 views

CVE-2025-58407

CVE-2025-58407 concerns Imagination Technologies GPU DDK/driver software used in a Guest VM. The vulnerability is a TOCTOU race in the GPU firmware interaction (psFWMemContext->uiPageCatBaseRegSet) that could allow reading and/or writing data outside the allotted memory, enabling escape from t...

7.4CVSS6.6AI score0.00172EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2025/11/17 12:0 a.m.6 views

PT-2025-47174

Name of the Vulnerable Software and Affected Versions versions prior to 2025 Description Kernel or driver software installed on a Guest VM may post improper commands to the GPU Firmware, potentially exploiting a TOCTOU race condition. This could lead to a read and/or write of data outside the...

7.4CVSS6.5AI score0.00172EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/11/17 12:0 a.m.1 views

RHEL 10 : buildah (RHSA-2025:21633)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:21633 advisory. The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working...

7.5CVSS7.1AI score0.00526EPSS
Exploits1References4
Rows per page
Query Builder