9 matches found
CVE-2026-32146
A flaw was found in the Gleam compiler. A malicious direct or transitive git dependency can exploit an improper path validation vulnerability in the Gleam compiler's handling of git dependencies during dependency download. This allows for arbitrary file system modification, including the deletion...
gleam 安全漏洞
Gleam is an open-source, type-safe, extensible system construction language developed by Gleam. There are security vulnerabilities in Gleam versions 1.9.0-rc1 and earlier, up to 1.16.0-rc1, due to improper path validation when handling git dependencies. These vulnerabilities could lead to arbitra...
CVE-2025-43491 Poly Lens Desktop Application – Privilege Escalation
A vulnerability in the Poly Lens Desktop application running on the Windows platform might allow modifications to the filesystem, which might lead to SYSTEM level privileges being granted...
CVE-2020-2025
Kata Containers before 1.11.0 on Cloud Hypervisor persists guest filesystem changes to the underlying image file on the host. A malicious guest can overwrite the image file to gain control of all subsequent guest VMs. Since Kata Containers uses the same VM image file with all VMMs, this issue may...
Design/Logic Flaw
Kata Containers before 1.11.0 on Cloud Hypervisor persists guest filesystem changes to the underlying image file on the host. A malicious guest can overwrite the image file to gain control of all subsequent guest VMs. Since Kata Containers uses the same VM image file with all VMMs, this issue may...
CVE-2020-2025 Kata Containers - Cloud Hypervisor guests persist filesystem changes to the underlying host image file
Kata Containers before 1.11.0 on Cloud Hypervisor persists guest filesystem changes to the underlying image file on the host. A malicious guest can overwrite the image file to gain control of all subsequent guest VMs. Since Kata Containers uses the same VM image file with all VMMs, this issue may...
Exploit for Improper Encoding or Escaping of Output in F5 Nginx
It is an open-source collection of pre-built vulnerable docker environments. The primary CVE ID is not explicitly mentioned, but the repository contains various vulnerable environments based on Docker-Compose, including ones for CVE-2016-9086, CVE-2013-4547, and CVE-2017-1000353. The target...
Fedora 24 : pbuilder (2016-bdb86fbc7d)
Update to version 0.225.2, see http://metadata.ftp-master.debian.org/changelogs//main/p/pbuilder/pbui lder0.225.2changelog for details. ---- This update fixes a potential security issue where copy-on-write does not work when used with eatmydata, resulting in persistent filesystem changes. Note th...
Fedora 23 : pbuilder (2016-2e20730676)
Update to version 0.225.2, see http://metadata.ftp-master.debian.org/changelogs//main/p/pbuilder/pbui lder0.225.2changelog for details. ---- This update fixes a potential security issue where copy-on-write does not work when used with eatmydata, resulting in persistent filesystem changes. Note th...