
122 matches found

Cvelist
added 2 days ago, 30 views

CVE-2026-24260

NVIDIA Container Toolkit for Linux contains a vulnerability where an attacker could cause a time-of-check time-of-use race condition. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, and data tampering...

8.5 CVSS, 0.00489 EPSS
Exploits 0, References 3

Debian CVE
added last week, 4 views

CVE-2026-9639

Nil-pointer dereference in CreateCustomVolumeFromBackup in LXD up to version 6.8 and 5.21 on Linux allows an authenticated user with can_create_storage_volumes permissions to cause a denial of service via a specially crafted custom-volume backup tarball that omits the expires_at snapshot field...

6.5 CVSS, 5.7 AI score, 0.00376 EPSS
Exploits 1

Ubuntu
added 2026/06/18 8:5 p.m., 19 views

USN-8447-2: LXD vulnerabilities

USN-8447-1 fixed vulnerabilities in Go Cryptography. This update provides the corresponding updates for Go Cryptography code embedded in LXD for CVE-2026-39830, CVE-2026-39833, CVE-2026-39834, and CVE-2026-42508. Original advisory details: It was discovered that Go Cryptography did not properly...

9.1 CVSS, 5.8 AI score, 0.005 EPSS
Exploits 0

OSV
added 2026/06/12 12:26 p.m., 8 views

OESA-2026-2657 lxc security update

Linux Containers userspace tools Security Fixes: lxc is a Linux container runtime. In the setuid helper lxc-user-nic, the delete path contains a logic flaw in the findline function that allows an unprivileged user to delete OVS-attached network interfaces belonging to other users. When lxc-user-n...

6.5 CVSS, 5.3 AI score, 0.00162 EPSS
Exploits 1, References 2

Redos
added 2026/05/13 12:0 a.m., 7 views

ROS-20260513-73-0020

Vulnerability in lxd related to the use of an incomplete blacklist. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

9.1 CVSS, 6.2 AI score, 0.00363 EPSS
Exploits 0

Redos
added 2026/05/13 12:0 a.m., 10 views

ROS-20260513-73-0019

Vulnerability in lxd due to insufficient control over modification of dynamically defined object characteristics. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

9.1 CVSS, 6.2 AI score, 0.00274 EPSS
Exploits 1

CNNVD
added 2026/05/07 12:0 a.m., 8 views

Incus security vulnerability

Incus is a system container and virtual machine manager developed by LXC. Versions of Incus prior to 7.0.0 contained security vulnerabilities. These vulnerabilities stemmed from the possibility of disk space exhaustion due to the upload of large amounts of data, which could affect the host system...

4.3 CVSS, 5.8 AI score, 0.00333 EPSS
Exploits 1, References 1

Vulnrichment
added 2026/05/05 8:45 p.m., 6 views

CVE-2026-39402 lxc lxc-user-nic insufficient ownership validation allows cross-tenant OVS port deletion

lxc is a Linux container runtime. In the setuid helper lxc-user-nic, the delete path contains a logic flaw in the findline function that allows an unprivileged user to delete OVS-attached network interfaces belonging to other users. When lxc-user-nic delete scans its NIC database to authorize a...

4.3 CVSS, 5.8 AI score, 0.00162 EPSS
Exploits 1, References 1

CNNVD
added 2026/05/05 12:0 a.m., 11 views

LXC security vulnerability

LXC is an open-source low-level Linux container runtime that has been extensively tested. LXC has a security vulnerability, which stems from a logical flaw in the deletion path of the findline function within the setuid helper program lxc-user-nic. This flaw allows non-privileged users to delete...

6.5 CVSS, 5.7 AI score, 0.00162 EPSS
Exploits 1, References 1

SUSE CVE
added 2026/04/10 11:25 p.m., 5 views

SUSE CVE-2026-34178

In Canonical LXD before 6.8, the backup import path validates project restrictions against backup/index.yaml in the supplied tar archive but creates the instance from backup/container/backup.yaml, a separate file in the same archive that is never checked against project restrictions. An...

9.1 CVSS, 5.9 AI score, 0.00424 EPSS
Exploits 1, References 3

SUSE CVE
added 2026/04/10 11:25 p.m., 3 views

SUSE CVE-2026-34179

In Canonical LXD versions 4.12 through 6.7, the doCertificateUpdate function in lxd/certificates.go does not validate the Type field when handling PUT/PATCH requests to /1.0/certificates/fingerprint for restricted TLS certificate users, allowing a remote authenticated attacker to escalate...

9.1 CVSS, 5.8 AI score, 0.00274 EPSS
Exploits 1, References 3

Vulnrichment
added 2026/04/09 9:18 a.m., 4 views

CVE-2026-34178 Importing a crafted backup leads to project restriction bypass

In Canonical LXD before 6.8, the backup import path validates project restrictions against backup/index.yaml in the supplied tar archive but creates the instance from backup/container/backup.yaml, a separate file in the same archive that is never checked against project restrictions. An...

9.1 CVSS, 6 AI score, 0.00424 EPSS
Exploits 1, References 2

CNNVD
added 2026/04/09 12:0 a.m., 7 views

LXD security vulnerability

LXD is a Canonical open-source container-based system for managing applications on Linux systems. Versions of LXD from 4.12 to 6.7 have security vulnerabilities. These vulnerabilities stem from the lack of validation of the Type field in the doCertificateUpdate function when handling PUT/PATCH...

9.1 CVSS, 5.8 AI score, 0.00274 EPSS
Exploits 1, References 2

OSV
added 2026/04/07 6:46 p.m., 9 views

USN-8089-3 adsys, juju-core, lxd vulnerabilities

USN-8089-1 fixed vulnerabilities in Go Networking. This update provides the corresponding update to code vendored in LXD, ADSys, and Juju Core. Original advisory details: Bahruz Jabiyev, Tommaso Innocenti, Anthony Gavazzi, Steven Sprecher, and Kaan Onarlioglu discovered that servers using Go...

7.5 CVSS, 6.9 AI score, 0.07293 EPSS
Exploits 1, References 8

CNNVD
added 2026/03/26 12:0 a.m., 8 views

Incus security vulnerability

Incus is a system container and virtual machine manager developed by LXC. Versions of Incus prior to 6.23.0 contained security vulnerabilities. These vulnerabilities stemmed from the use of predictable temporary file paths, which could lead to denial-of-service attacks or local privilege escalati...

7.8 CVSS, 5.8 AI score, 0.0035 EPSS
Exploits 1, References 2

OSV
added 2026/03/12 3:16 p.m., 2 views

DEBIAN-CVE-2026-28384

An improper sanitization of the compression_algorithm parameter in Canonical LXD allows an authenticated, unprivileged user to execute commands as the LXD daemon on the LXD server via API calls to the image and backup endpoints. This issue affected LXD from 4.12 through 6.6 and was fixed in the sn...

9.4 CVSS, 5.5 AI score, 0.00502 EPSS
Exploits 0, References 1

Vulnrichment
added 2026/03/03 12:49 p.m., 4 views

CVE-2026-3351 Authorization Bypass in LXD GET /1.0/certificates Endpoint

Improper authorization in the API endpoint GET /1.0/certificates in Canonical LXD 6.6 on Linux allows an authenticated, restricted user to enumerate all certificate fingerprints trusted by the lxd server...

5.3 CVSS, 5.9 AI score, 0.00141 EPSS
Exploits 1, References 3

Tenable Nessus
added 2025/11/20 12:0 a.m., 5 views

TencentOS Server 3: container-tools:rhel8 (TSSA-2022:0110)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2022:0110 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

9.3 CVSS, 7.5 AI score, 0.9857 EPSS
Exploits 38, References 12

EUVD
added 2025/11/13 11:1 p.m., 2 views

EUVD-2025-180203

LXD vulnerable to a local privilege escalation through custom storage volumes...

6.4 AI score
Exploits 0, References 8

OSV
added 2025/11/13 11:1 p.m., 2 views

GHSA-3G2J-VM47-X4MJ LXD vulnerable to a local privilege escalation through custom storage volumes

Impact This affects any LXD user in an environment where an unprivileged user may have root access to a container with an attached custom storage volume that has the security.shifted property set to true as well as access to the host as an unprivileged user. The most common case for this would be...

8.6 CVSS, 6.9 AI score
Exploits 0, References 8