17344 matches found
Ubuntu 16.04 LTS : Linux kernel (Oracle) vulnerabilities (USN-7875-1)
"The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7875-1 advisory. Jean-Claude Graf, Sandro Regge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation betwe...
podman security update
An update is available for podman. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The podman tool manages pods, container images, and containers. It is part of...
RLSA-2025:21220 Important: podman security update
The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fixes: runc: container escape and denial of service due to arbitrary write gadgets and procfs...
podman security update
An update is available for podman. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The podman tool manages pods, container images, and containers. It is part of...
runc security update
An update is available for runc. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The runC tool is a lightweight, portable implementation of the Open Container...
RLSA-2025:20957 Important: runc security update
The runC tool is a lightweight, portable implementation of the Open Container Format OCF that provides container runtime. Security Fixes: runc: container escape via 'masked path' abuse due to mount race conditions CVE-2025-31133 runc: container escape with malicious config due to /dev/console mou...
Security update for tomcat
This update for tomcat fixes the following issues: Update to Tomcat 9.0.111: CVE-2025-55752: Fixed directory traversal via rewrite with possible RCE if PUT is enabled bsc1252753 CVE-2025-55754: Fixed improper neutralization of escape, meta, or control sequences vulnerability bsc1252905...
SUSE-SU-2025:4159-1 Security update for tomcat
This update for tomcat fixes the following issues: Update to Tomcat 9.0.111: - CVE-2025-55752: Fixed directory traversal via rewrite with possible RCE if PUT is enabled bsc1252753 - CVE-2025-55754: Fixed improper neutralization of escape, meta, or control sequences vulnerability bsc1252905 -...
runc: opencontainers/selinux: container escape and denial of service due to arbitrary write gadgets and procfs write redirects
A flaw was found in runc. This attack is a more sophisticated variant of CVE-2019-16884, which was a flaw that allowed an attacker to trick runc into writing the LSM process labels for a container process into a dummy tmpfs file and thus not apply the correct LSM labels to the container process...
runc: container escape with malicious config due to /dev/console mount and related races
A flaw was found in runc. CVE-2025-52565 is very similar in concept and application toCVE-2025-31133, except that it exploits a flaw in /dev/console bind-mounts. When creating the /dev/console bind-mount to /dev/pts/$n, if an attacker replaces /dev/pts/$n with a symlink then runc will bind-mount...
runc: container escape via 'masked path' abuse due to mount race conditions
A flaw was found in runc. This flaw exploits an issue with how masked paths are implementedin runc. When masking files, runc will bind-mount the container's /dev/null inode on top of the file. However, if an attacker can replace /dev/null with a symlink to some other procfs file, runc will instea...
TencentOS Server 4: mozjs (TSSA-2025:0366)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0366 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
TencentOS Server 4: thunderbird (TSSA-2025:0395)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0395 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
TencentOS Server 3: firefox (TSSA-2025:0446)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0446 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
AlmaLinux 8 : container-tools:rhel8 (ALSA-2025:21232)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:21232 advisory. runc: container escape via 'masked path' abuse due to mount race conditions CVE-2025-31133 runc: container escape with malicious config due to /dev/conso...
Google Chrome < 83.0.4103.88 Multiple Vulnerabilities
The version of Google Chrome installed on the remote Windows host is prior to 83.0.4103.88. It is, therefore, affected by multiple vulnerabilities as referenced in the 202006stable-channel-update-for-desktop advisory. - Use after free in payments in Google Chrome on MacOS prior to 83.0.4103.97...
TencentOS Server 3: tracker-miners (TSSA-2023:0320)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0320 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
Google Chrome < 88.0.4324.104 Multiple Vulnerabilities
The version of Google Chrome installed on the remote macOS host is prior to 88.0.4324.104. It is, therefore, affected by multiple vulnerabilities as referenced in the 202101stable-channel-update-for-desktop19 advisory. - Inappropriate implementation in DevTools in Google Chrome prior to...
TencentOS Server 3: thunderbird (TSSA-2025:0447)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0447 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
Google Chrome < 88.0.4324.104 Multiple Vulnerabilities
The version of Google Chrome installed on the remote Windows host is prior to 88.0.4324.104. It is, therefore, affected by multiple vulnerabilities as referenced in the 202101stable-channel-update-for-desktop19 advisory. - Inappropriate implementation in DevTools in Google Chrome prior to...