Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

CNNVD
CNNVDadded 2025/11/06 12:0 a.m.2 views

youki 安全漏洞

youki is a youki open source implementation of the OCI runtime specification in Rust. A security vulnerability exists in youki version 0.5.6 and earlier, which stems from insufficient validation of the write target by the apparmor handler, which in combination with path substitution during pathna...

10CVSS6.5AI score0.00055EPSS
Exploits0References6
Cvelist
Cvelistadded 2025/11/05 11:14 p.m.5 views

CVE-2025-62596 youki container escape and denial of service due to arbitrary write gadgets and procfs write redirects

Youki is a container runtime written in Rust. In versions 0.5.6 and below, youki’s apparmor handling performs insufficiently strict write-target validation, and when combined with path substitution during pathname resolution, can allow writes to unintended procfs locations. While resolving a path...

7.3CVSS0.00055EPSS
Exploits0References5
OSV
OSVadded 2025/11/05 6:45 p.m.3 views

GHSA-VF95-55W6-QMRF youki container escape and denial of service due to arbitrary write gadgets and procfs write redirects

Impact youki’s apparmor handling performs insufficiently strict write-target validation, which—combined with path substitution during pathname resolution—can allow writes to unintended procfs locations. Weak write-target check youki only verifies that the destination lies somewhere under procfs. ...

10CVSS7AI score0.00055EPSS
Exploits0References8
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2009-2803

Malware in sbrugna...

6CVSS8.2AI score0.00847EPSS
Exploits2References36
RedhatCVE
RedhatCVEadded 2025/02/05 9:13 p.m.10 views

CVE-2022-2969

Delta Industrial Automation DIALink versions prior to v1.5.0.0 Beta 4 uses an external input to construct a pathname intended to identify a file or directory located underneath a restricted parent directory. However, the software does not properly neutralize special elements within the pathname,...

8.1CVSS6.7AI score0.00273EPSS
Exploits0References1
UbuntuCve
UbuntuCveadded 2009/09/14 4:30 p.m.23 views

CVE-2009-2813

Samba 3.4 before 3.4.2, 3.3 before 3.3.8, 3.2 before 3.2.15, and 3.0.12 through 3.0.36, as used in the SMB subsystem in Apple Mac OS X 10.5.8 when Windows File Sharing is enabled, Fedora 11, and other operating systems, does not properly handle errors in resolving pathnames, which allows remote...

6CVSS7.1AI score0.00847EPSS
Exploits2References3
Cvelist
Cvelistadded 2009/09/14 4:0 p.m.22 views

CVE-2009-2813

Samba 3.4 before 3.4.2, 3.3 before 3.3.8, 3.2 before 3.2.15, and 3.0.12 through 3.0.36, as used in the SMB subsystem in Apple Mac OS X 10.5.8 when Windows File Sharing is enabled, Fedora 11, and other operating systems, does not properly handle errors in resolving pathnames, which allows remote...

7AI score0.00847EPSS
Exploits2References30
Rows per page
Query Builder