Lucene search
K

586 matches found

Github Security Blog
Github Security Blog
added 2026/07/06 8:27 p.m.11 views

Decompress: Archive extraction can create files and links outside of the target directory

Impact When extracting an archive to a directory, a crafted archive can read or write files outside that directory. The flaw is in the code that writes the parsed entries, so it affects every format decompress handles: tar, tar.gz, tar.bz2, and zip by default, plus any others added through the...

9.8CVSS6AI score0.02147EPSS
Exploits1References5Affected Software2
Tenable Nessus
Tenable Nessus
added 2026/07/02 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-46680

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - containerd is an open-source container runtime. In versions prior to 1.7.32, 2.0.9, 2.2.4 and 2.3.1, containers launched with a numeric User directive that cann...

7.8CVSS5.9AI score0.00221EPSS
Exploits1References3
NVD
NVD
added 2026/07/01 6:16 p.m.10 views

CVE-2026-46680

containerd is an open-source container runtime. In versions prior to 1.7.32, 2.0.9, 2.2.4 and 2.3.1, containers launched with a numeric User directive that cannot be parsed as a 32-bit integer are incorrectly treated as a username, leading to runAsNonRoot evasion. If a crafted image provides an...

7.8CVSS0.00221EPSS
Exploits1References1
OSV
OSV
added 2026/07/01 6:16 p.m.3 views

DEBIAN-CVE-2026-46680

containerd is an open-source container runtime. In versions prior to 1.7.32, 2.0.9, 2.2.4 and 2.3.1, containers launched with a numeric User directive that cannot be parsed as a 32-bit integer are incorrectly treated as a username, leading to runAsNonRoot evasion. If a crafted image provides an...

7.8CVSS5.7AI score0.00221EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/07/01 5:40 p.m.39 views

CVE-2026-46680 containerd user ID handling bypass allows runAsNonRoot evasion

containerd is an open-source container runtime. In versions prior to 1.7.32, 2.0.9, 2.2.4 and 2.3.1, containers launched with a numeric User directive that cannot be parsed as a 32-bit integer are incorrectly treated as a username, leading to runAsNonRoot evasion. If a crafted image provides an...

7.3CVSS0.00221EPSS
Exploits1References1
Debian CVE
Debian CVE
added 2026/07/01 5:40 p.m.10 views

CVE-2026-46680

containerd is an open-source container runtime. In versions prior to 1.7.32, 2.0.9, 2.2.4 and 2.3.1, containers launched with a numeric User directive that cannot be parsed as a 32-bit integer are incorrectly treated as a username, leading to runAsNonRoot evasion. If a crafted image provides an...

7.8CVSS5.7AI score0.00221EPSS
Exploits1
CVE
CVE
added 2026/07/01 5:40 p.m.214 views

CVE-2026-46680

CVE-2026-46680 concerns containerd, the container runtime. A flaw in how numeric User directives are parsed (not a 32-bit integer) can cause such values to be treated as usernames, enabling runAsNonRoot evasion. If a crafted image supplies an /etc/passwd mapping that maps this large numeric strin...

7.8CVSS5.7AI score0.00221EPSS
Exploits1References1Affected Software1
AlpineLinux
AlpineLinux
added 2026/07/01 5:40 p.m.26 views

CVE-2026-46680

containerd is an open-source container runtime. In versions prior to 1.7.32, 2.0.9, 2.2.4 and 2.3.1, containers launched with a numeric User directive that cannot be parsed as a 32-bit integer are incorrectly treated as a username, leading to runAsNonRoot evasion. If a crafted image provides an...

7.8CVSS5.7AI score0.00221EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.17 views

PT-2026-51110

Name of the Vulnerable Software and Affected Versions OpenBao versions prior to 2.5.5 Description Users granted namespace management capabilities within a non-root namespace can abuse the canonicalization of the literal path "root" to manage the containing namespace itself. Several endpoints unde...

2.3CVSS5.9AI score
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/06/10 12:0 a.m.15 views

EulerOS 2.0 SP13 : NetworkManager (EulerOS-SA-2026-2277)

According to the versions of the NetworkManager packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in NetworkManager. The NetworkManager package allows access to files that may belong to other users. NetworkManager allow...

3.3CVSS5.3AI score0.00162EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/09 12:0 a.m.12 views

EulerOS 2.0 SP11 : NetworkManager (EulerOS-SA-2026-2234)

According to the versions of the NetworkManager packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in NetworkManager. The NetworkManager package allows access to files that may belong to other users. NetworkManager allow...

3.3CVSS5.3AI score0.00162EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/09 12:0 a.m.11 views

EulerOS 2.0 SP11 : NetworkManager (EulerOS-SA-2026-2196)

According to the versions of the NetworkManager packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in NetworkManager. The NetworkManager package allows access to files that may belong to other users. NetworkManager allow...

3.3CVSS5.5AI score0.00162EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/02 12:0 a.m.331 views

Containerd 1.7.27 < 1.7.32 / 2.0.4 < 2.0.9 / 2.1.x < 2.2.4 / 2.3.x < 2.3.1 runAsNonRoot Bypass

The version of Containerd on the remote host is 1.7.27 prior to 1.7.32, 2.0.4 prior to 2.0.9, 2.1.x prior to 2.2.4, or 2.3.x prior to 2.3.1. It is, therefore, affected by a security bypass vulnerability. A bug was found in containerd where containers launched with a numeric User directive that...

7.8CVSS5.5AI score0.00221EPSS
Exploits1References2
OSV
OSV
added 2026/05/27 7:55 p.m.4 views

CVE-2026-48792 pam_usb: pusb_has_virtual_input_device() silently discards EACCES, disabling remote desktop detection under non-root execution

pamusb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.1, src/evdev.c silently ignores EACCES errors when opening /dev/input/event nodes, causing pusbhasvirtualinputdevice to return 0 no virtual devices found even when every open call failed due to...

4.4CVSS6AI score0.00128EPSS
Exploits0References5
Snyk
Snyk
added 2026/05/21 9:40 p.m.10 views

Access of Resource Using Incompatible Type ('Type Confusion')

Overview Affected versions of this package are vulnerable to Access of Resource Using Incompatible Type 'Type Confusion' via improper handling of numeric User directives in container configuration. An attacker can gain elevated privileges by supplying a crafted image with an /etc/passwd file that...

7.8CVSS5.7AI score0.00221EPSS
Exploits1References2
Github Security Blog
Github Security Blog
added 2026/05/21 9:40 p.m.40 views

containerd user ID handling bypass allows runAsNonRoot evasion

Impact A bug was found in containerd where containers launched with a numeric User directive that cannot be parsed as a 32-bit integer are incorrectly treated as a username. If a crafted image provides an /etc/passwd file mapping this large numeric string to root, the container ultimately runs as...

7.8CVSS5.7AI score0.00275EPSS
Exploits2References2Affected Software2
OSV
OSV
added 2026/05/21 9:40 p.m.21 views

GHSA-FQW6-GF59-QR4W containerd user ID handling bypass allows runAsNonRoot evasion

Impact A bug was found in containerd where containers launched with a numeric User directive that cannot be parsed as a 32-bit integer are incorrectly treated as a username. If a crafted image provides an /etc/passwd file mapping this large numeric string to root, the container ultimately runs as...

7.3CVSS5.7AI score0.00221EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/05/20 1:35 p.m.12 views

CVE-2026-41054

A flaw was found in haveged. The sockethandler function, responsible for handling connections to the abstract UNIX socket, incorrectly proceeds with execution even after detecting that a connecting user is not root. This oversight allows a local unprivileged user to bypass security checks and...

7.8CVSS6AI score0.00185EPSS
Exploits0References1
OSV
OSV
added 2026/05/20 10:16 a.m.10 views

ALPINE-CVE-2026-41054

In src/havegecmd.c, the sockethandler function performs a credential check on the abstract UNIX socket \0/sys/entropy/haveged. However, while it detects if the connecting user is not root cred.uid != 0 and prepares a negative acknowledgement ASCIINAK, it fails to stop execution. The code proceeds...

7.8CVSS6AI score0.00185EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/20 8:56 a.m.47 views

CVE-2026-41054 Missing exit out of permission check in haveged could lead to root exploit

In src/havegecmd.c, the sockethandler function performs a credential check on the abstract UNIX socket \0/sys/entropy/haveged. However, while it detects if the connecting user is not root cred.uid != 0 and prepares a negative acknowledgement ASCIINAK, it fails to stop execution. The code proceeds...

7.8CVSS0.00185EPSS
Exploits0References1
Rows per page
Query Builder