897 matches found
CVE-2025-54410
Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and various other downstream projects/products. A firewalld vulnerability affects Moby releases before 28.0.0. When firewalld reloads, Docker fails to re-create...
Moby 安全漏洞
Moby is an open source project of Moby Open Source. It aims to drive containerization of software and help the ecosystem mainstream container technology. A security vulnerability exists in Moby versions 28.2.0 through 28.3.2, which stems from the failure to recreate iptables rules when the...
Moby 安全漏洞
Moby is an open source project of Moby Open Source. It aims to drive containerization of software and help the ecosystem mainstream container technology. A security vulnerability exists in Moby versions prior to 28.0.0 that stems from the failure to recreate iptables rules when firewalld is...
GHSA-4VQ8-7JFC-9CVP Moby firewalld reload removes bridge network isolation
Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and various other downstream projects/products. The Moby daemon component dockerd, which is developed as moby/moby is commonly referred to as Docker, or Docker...
Moby firewalld reload removes bridge network isolation
Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and various other downstream projects/products. The Moby daemon component dockerd, which is developed as moby/moby is commonly referred to as Docker, or Docker...
GHSA-X4RX-4GW3-53P4 Moby firewalld reload makes published container ports accessible from remote hosts
Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and various other downstream projects/products. The Moby daemon component dockerd, which is developed as moby/moby is commonly referred to as Docker, or Docker...
Moby firewalld reload makes published container ports accessible from remote hosts
Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and various other downstream projects/products. The Moby daemon component dockerd, which is developed as moby/moby is commonly referred to as Docker, or Docker...
PT-2025-31368
Name of the Vulnerable Software and Affected Versions Moby versions 28.2.0 through 28.3.2 Description Moby is an open source container framework developed by Docker Inc. When the firewalld service is reloaded, it removes all iptables rules, including those created by Docker. In affected versions,...
Advisory ROSA-SA-2025-2875
Software: iptables 1.8.7 OS: ROSA-CHROME packageevrstring: iptables-1.8.7 CVE-ID: None BDU-ID: 2025-02342 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Linux operating system iptables packet filtering rule table configuration and management utility is related to insecure privilege management...
CVE-2023-33376
Connected IO v2.1.0 and prior has an argument injection vulnerability in its iptables command message in its communication protocol, enabling attackers to execute arbitrary OS commands on devices...
CVE-2020-0347
In iptables, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-136658008...
CVE-2017-8217
TP-Link C2 and C20i devices through firmware 0.9.1 4.2 v0032.0 Build 160706 Rel.37961n have too permissive iptables rules, e.g., SNMP is not blocked on any interface...
Configure Proper Policies for INPUT of iptables
The INPUT chain is used to filter packets received from external systems. For any service provided for external systems, configure the corresponding INPUT policy and enable the related port so that external clients can access the service through the port. If the policy is not set, all packets tha...
Ensure a Firewall Service is Enabled
A firewall is a fundamental security control that enforces mandatory access between networks or systems. Without a firewall, systems are exposed to unauthorized access, data theft, tampering, bandwidth abuse, and malicious traffic. Linux commonly provides three firewall services: firewalld defaul...
Configure the iptables Policies for Loopback Properly
The loopback address 127.0.0.0/8 is a special address on a server. It is irrelevant to NICs and is mainly used for the inter-process communication of a local device. Packets with the source address 127.0.0.0/8 from NICs should be discarded. If policies related to the loopback address are improper...
Configure Proper Policies for OUTPUT of iptables
There are two occasions in which a server sends outgoing packets: 1. The local host process proactively connects to an external server, for example, performing an HTTP access, or sending data to a log server. 2. The local host responds to the external access to the local services. If no policy is...
Configure Proper Association Policies for INPUT and OUTPUT of iptables
Although you can configure protocols, IP addresses, and port numbers to add policies for packets entering and leaving a server to the INPUT and OUTPUT chains, it is difficult to configure suitable policies using the sport parameter due to complicated situations. For example, a client accesses the...
CVE-2024-6030
Tesla Model S oFono Unnecessary Privileges Sandbox Escape Vulnerability. This vulnerability allows local attackers to escape the sandbox on affected Tesla Model S vehicles. An attacker must first obtain the ability to execute code within the sandbox on the target system in order to exploit this...
CVE-2024-6030
Tesla Model S oFono Unnecessary Privileges Sandbox Escape Vulnerability. This vulnerability allows local attackers to escape the sandbox on affected Tesla Model S vehicles. An attacker must first obtain the ability to execute code within the sandbox on the target system in order to exploit this...
CVE-2024-6030 Tesla Model S oFono Unnecessary Privileges Sandbox Escape Vulnerability
Tesla Model S oFono Unnecessary Privileges Sandbox Escape Vulnerability. This vulnerability allows local attackers to escape the sandbox on affected Tesla Model S vehicles. An attacker must first obtain the ability to execute code within the sandbox on the target system in order to exploit this...