Lucene search
K

23 matches found

CNNVD
CNNVD
added 2026/05/27 12:0 a.m.10 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from setting the fc-fsprivate pointer to NULL in ntfsfillsuper without releasing the memory it points...

5.8AI score0.00137EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ocfs2: Mounting fails due to a buffer overflow in strlen. Starting with kernel 5.11, when building with CONFIGFORTIFYSOURCE, mounting an ocfs2 filesystem using either o2cb or pcmk cluster stack will fail. The issue seems to be th...

7.8CVSS6.1AI score0.00237EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/03/10 4:16 p.m.4 views

CVE-2026-30930

Glances is an open-source system cross-platform monitoring tool. Prior to 4.5.1, The TimescaleDB export module constructs SQL queries using string concatenation with unsanitized system monitoring data. The normalize method wraps string values in single quotes but does not escape embedded single...

9.8CVSS5.7AI score0.00364EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2026/01/06 6:5 p.m.7 views

CVE-2025-59156

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to version 4.0.0-beta.420.7, a Remote Code Execution RCEvulnerability exists in Coolify's application deployment workflow. This flaw allows a low-privileged member to inject arbitrary Docker...

9.4CVSS7.7AI score0.00949EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/01/05 5:39 p.m.36 views

CVE-2025-59156 Coolify has Docker Compose Injection issue

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to version 4.0.0-beta.420.7, a Remote Code Execution RCEvulnerability exists in Coolify's application deployment workflow. This flaw allows a low-privileged member to inject arbitrary Docker...

9.4CVSS0.00949EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2025/11/25 12:47 a.m.3 views

kernel: ext4: fix undefined behavior in bit shift for ext4_check_flag_values

A vulnerability was identified in the Linux kernel's ext4 filesystem implementation due to a flaw in how it processes filesystem metadata. An attacker with local privileges could create a malicious ext4 filesystem image to trigger this issue. When the system attempts to mount this malicious image...

7.3AI score
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-4519

Malware in sbrugna...

8.8CVSS9.1AI score0.02068EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2025/08/29 12:0 a.m.2 views

CVE-2024-46916

Diebold Nixdorf Vynamic Security Suite through 4.3.0 SR06 contains functionality that allows the removal of critical system files before the filesystem is properly mounted e.g., leveraging a delete call in /etc/rc.d/init.d/mountfs to remove the /etc/fstab file. This can allow code execution and, ...

7.1AI score0.00343EPSS
Exploits1References3
OSV
OSV
added 2025/02/26 1:56 a.m.13 views

CVE-2022-49277 jffs2: fix memory leak in jffs2_do_mount_fs

In the Linux kernel, the following vulnerability has been resolved: jffs2: fix memory leak in jffs2domountfs If jffs2buildfilesystem in jffs2domountfs returns an error, we can observe the following kmemleak report: -------------------------------------------- unreferenced object 0xffff88811b25a64...

5.5CVSS5.3AI score0.00259EPSS
Exploits0References12
Vulnrichment
Vulnrichment
added 2024/08/28 12:0 a.m.12 views

CVE-2023-45896

ntfs3 in the Linux kernel through 6.8.0 allows a physically proximate attacker to read kernel memory by mounting a filesystem e.g., if a Linux distribution is configured to allow unprivileged mounts of removable media and then leveraging local access to trigger an out-of-bounds read. A length val...

6.1AI score0.00195EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2024/08/28 12:0 a.m.10 views

CVE-2023-45896

ntfs3 in the Linux kernel through 6.8.0 allows a physically proximate attacker to read kernel memory by mounting a filesystem e.g., if a Linux distribution is configured to allow unprivileged mounts of removable media and then leveraging local access to trigger an out-of-bounds read. A length val...

7.1CVSS6.3AI score0.00195EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2024/08/06 1:59 a.m.4 views

SUSE CVE-2024-42149

In the Linux kernel, the following vulnerability has been resolved: fs: don't misleadingly warn during thaw operations The block device may have been frozen before it was claimed by a filesystem. Concurrently another process might try to mount that frozen block device and has temporarily claimed...

5.5CVSS7.7AI score0.00183EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2024/04/25 3:10 p.m.3 views

buildah: full container escape at build time

A flaw was found in Buildah and subsequently Podman Build which allows containers to mount arbitrary locations on the host filesystem into build containers. A malicious Containerfile can use a dummy image with a symbolic link to the root filesystem as a mount source and cause the mount operation ...

8.6CVSS6.9AI score0.0049EPSS
Exploits0References7
OSV
OSV
added 2024/03/18 3:15 p.m.8 views

AZL-42506 CVE-2024-1753 affecting package podman 4.1.1-26

A flaw was found in Buildah and subsequently Podman Build which allows containers to mount arbitrary locations on the host filesystem into build containers. A malicious Containerfile can use a dummy image with a symbolic link to the root filesystem as a mount source and cause the mount operation ...

8.6CVSS6.9AI score0.0049EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/03/18 12:0 a.m.4 views

Buildah security breach

Buildah is a tool that supports building OCI container images. A security vulnerability exists in Buildah 1.35.0 and earlier versions that stems from allowing containers to mount arbitrary locations on the host filesystem into the build container...

8.6CVSS6.8AI score0.0049EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2023/09/07 12:0 a.m.45 views

Oracle Linux 7 : Unbreakable Enterprise kernel-container kata-image kata-runtime kata kubernetes kubernetes istio olcne (ELSA-2020-5765)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-5765 advisory. - x86/speculation: Add SRBDS vulnerability and mitigation documentation Mark Gross Orabug: 31446720 CVE-2020-0543 - x86/speculation: Add Special Regist...

8.8CVSS7AI score0.061EPSS
Exploits5References10
CNNVD
CNNVD
added 2021/05/27 12:0 a.m.5 views

Fedora 安全漏洞

Fedora is a set of Linux operating systems from the Fedora community. A security vulnerability exists in Fedora's Mounting /proc filesystem, which can be exploited by an attacker to bypass the chroot environment and gain write access to files...

5.5CVSS7.4AI score0.00303EPSS
Exploits1References1
OPENSUSE Linux
OPENSUSE Linux
added 2020/09/18 12:0 a.m.46 views

Security update for singularity (important)

openSUSE Security Update: Security update for singularity Announcement ID: openSUSE-SU-2020:1100-1 Rating: important References: 1174148 1174150 1174152 Cross-References: CVE-2020-13845 CVE-2020-13846 CVE-2020-13847 Affected Products: openSUSE Backports SLE-15-SP2 An update that fixes three...

7.5CVSS7.1AI score0.01336EPSS
Exploits0References3
OSV
OSV
added 2019/12/31 2:15 a.m.3 views

UBUNTU-CVE-2019-19927

In the Linux kernel 5.0.0-rc7 as distributed in ubuntu/linux.git on kernel.ubuntu.com, mounting a crafted f2fs filesystem image and performing some operations can lead to slab-out-of-bounds read access in ttmputpages in drivers/gpu/drm/ttm/ttmpagealloc.c. This is related to the vmwgfx or ttm modu...

6CVSS7.1AI score0.00754EPSS
Exploits1References6
Mageia
Mageia
added 2018/05/16 8:24 a.m.59 views

Updated util-linux packages fix security vulnerability

A command injection flaw was found in the way util-linux implements umount autocompletion in Bash. An attacker with the ability to mount a filesystem with custom mount points may execute arbitrary commands on behalf of the user who triggers the umount autocompletion CVE-2018-7738...

7.8CVSS5.8AI score0.00457EPSS
Exploits0References2
Rows per page
Query Builder