Lucene search
K

897 matches found

OpenVAS
OpenVAS
added 2025/09/25 12:0 a.m.4 views

Configure Proper Policies for INPUT of iptables

The INPUT chain is used to filter packets received from external systems. For any service provided for external systems, configure the corresponding INPUT policy and enable the related port so that external clients can access the service through the port. If the policy is not set, all packets tha...

7AI score
Exploits0References1
OpenVAS
OpenVAS
added 2025/09/25 12:0 a.m.2 views

Configure Proper Association Policies for INPUT and OUTPUT of iptables

Although you can configure protocols, IP addresses, and port numbers to add policies for packets entering and leaving a server to the INPUT and OUTPUT chains, it is difficult to configure suitable policies using the sport parameter due to complicated situations. For example, a client accesses the...

6.9AI score
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/09/20 12:30 a.m.7 views

CVE-2025-59692

PureVPN client applications on Linux through September 2025 mishandle firewalling. They flush the system's existing iptables rules and apply default ACCEPT policies when connecting to a VPN server. This removes firewall rules that may have been configured manually or by other software e.g., UFW,...

3.7CVSS6.9AI score0.00193EPSS
Exploits0References1
NVD
NVD
added 2025/09/18 11:15 p.m.5 views

CVE-2025-59692

PureVPN client applications on Linux through September 2025 mishandle firewalling. They flush the system's existing iptables rules and apply default ACCEPT policies when connecting to a VPN server. This removes firewall rules that may have been configured manually or by other software e.g., UFW,...

3.7CVSS0.00193EPSS
Exploits0References1
OSV
OSV
added 2025/09/18 11:15 p.m.3 views

UBUNTU-CVE-2025-59692

PureVPN client applications on Linux through September 2025 mishandle firewalling. They flush the system's existing iptables rules and apply default ACCEPT policies when connecting to a VPN server. This removes firewall rules that may have been configured manually or by other software e.g., UFW,...

3.7CVSS5.8AI score0.00193EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/09/18 12:0 a.m.5 views

PT-2025-38497

Name of the Vulnerable Software and Affected Versions PureVPN versions 2.0.1 and 2.10.0 Description PureVPN client applications on Linux mishandle firewalling. The applications flush existing iptables rules and apply default ACCEPT policies when connecting to a VPN server, removing previously...

3.7CVSS6.6AI score0.00193EPSS
Exploits0References9
Cvelist
Cvelist
added 2025/09/18 12:0 a.m.14 views

CVE-2025-59692

PureVPN client applications on Linux through September 2025 mishandle firewalling. They flush the system's existing iptables rules and apply default ACCEPT policies when connecting to a VPN server. This removes firewall rules that may have been configured manually or by other software e.g., UFW,...

3.7CVSS0.00193EPSS
Exploits0References1
OSV
OSV
added 2025/09/15 12:31 p.m.1 views

GHSA-2GCV-3QPF-C5QR Chaos Controller Manager is vulnerable to OS command injection

The cleanIptables mutation in Chaos Controller Manager is vulnerable to OS command injection. In conjunction with CVE-2025-59358, this allows unauthenticated in-cluster attackers to perform remote code execution across the cluster...

9.8CVSS8.5AI score0.03269EPSS
Exploits1References5
Github Security Blog
Github Security Blog
added 2025/09/15 12:31 p.m.5 views

Chaos Controller Manager is vulnerable to OS command injection

The cleanIptables mutation in Chaos Controller Manager is vulnerable to OS command injection. In conjunction with CVE-2025-59358, this allows unauthenticated in-cluster attackers to perform remote code execution across the cluster...

9.8CVSS8.5AI score0.03269EPSS
Exploits1References5Affected Software1
CVE
CVE
added 2025/09/15 11:41 a.m.19 views

CVE-2025-59361

The provided connected sources confirm CVE-2025-59361 pertains to Chaos Mesh’s Chaos Controller Manager, specifically an OS command injection in the mutation path (cleanIptables). The related entry CVE-2025-59358 describes an unauthenticated exposure via a GraphQL debugging surface that can kill ...

9.8CVSS8.1AI score0.03269EPSS
Exploits1References2Affected Software1
CNNVD
CNNVD
added 2025/09/15 12:0 a.m.4 views

Chaos Mesh 操作系统命令注入漏洞

Chaos Mesh is an open source cloud-native engineering platform from Chaos Mesh Open Source. Chaos Mesh suffers from an OS command injection vulnerability that stems from the presence of OS command injection in cleanIptables, which could lead to remote code execution...

9.8CVSS8.3AI score0.03269EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2020-0347

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In iptables, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution...

6.7CVSS7AI score0.00185EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/20 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2019-9946

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cloud Native Computing Foundation CNCF CNI Container Networking Interface 0.7.4 has a network firewall misconfiguration which affects Kubernetes. The CNI...

7.5CVSS6.9AI score0.03119EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/19 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2025-54388

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and various other downstre...

5.1CVSS6.1AI score0.00215EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/19 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2016-4998

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The IPTSOSETREPLACE setsockopt implementation in the netfilter subsystem in the Linux kernel before 4.6 allows local users to cause a denial of service...

7.1CVSS6.9AI score0.01885EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/08/15 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2021-20177

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the Linux kernel's implementation of string matching within a packet. A privileged user with root or CAPNETADMIN when inserting iptables rul...

4.4CVSS6.6AI score0.00277EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/11 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2024-42270

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: netfilter: iptables: Fix null-ptr- deref in iptablenattableinit. We had a report that...

5.5CVSS6.2AI score0.00226EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/07 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2025-22021

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netfilter: socket: Lookup orig tuple for IPv6 SNAT nfsklookupslowv4 does the conntrack lookup for IPv4 packets to restore the original 5-tuple in case of SNAT, ...

5.5CVSS6.7AI score0.00172EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/08/01 12:0 a.m.4 views

Docker Engine 28.2 < 28.3.3 Local Docker Ports Exposed to Network

The version of the Docker Engine Moby installed on the remote host is between 28.2.0 to 28.3.2 It is therefore affected by an vulnerability that exposes local ports to the network. When the firewalld service is reloaded it removes all iptables rules including those created by Docker. While Docker...

5.1CVSS6.1AI score0.00215EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2025/07/30 11:21 p.m.9 views

SUSE CVE-2025-54388

Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and various other downstream projects/products. In versions 28.2.0 through 28.3.2, when the firewalld service is reloaded it removes all iptables rules including...

5.2CVSS6.9AI score0.00215EPSS
Exploits0References13
Rows per page
Query Builder