9053 matches found
EUVD-2022-5241
Malicious code in bioql PyPI...
podman security update
An update is available for podman. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The podman tool manages pods, container images, and containers. It is part of...
RLSA-2025:7458 Important: xorg-x11-server-Xwayland security update
Xwayland is an X server for running X clients under Wayland. Security Fixes: xorg-x11-server: tigervnc: heap-based buffer overflow privilege escalation vulnerability CVE-2024-9632 X.Org: Xwayland: Use-after-free of the root cursor CVE-2025-26594 xorg: xwayland: Use-after-free in SyncInitTrigger...
CVE-2025-55972
A TCL Smart TV running a vulnerable UPnP/DLNA MediaRenderer implementation is affected by a remote, unauthenticated Denial of Service DoS condition. By sending a flood of malformed or oversized SetAVTransportURI SOAP requests to the UPnP control endpoint, an attacker can cause the device to becom...
CVE-2025-55971
TCL 65C655 Smart TV, running firmware version V8-R75PT01-LF1V269.001116 Android TV, Kernel 5.4.242+, is vulnerable to a blind, unauthenticated Server-Side Request Forgery SSRF vulnerability via the UPnP MediaRenderer service AVTransport:1. The device accepts unauthenticated SetAVTransportURI SOAP...
CVE-2025-55971
TCL 65C655 Smart TV, running firmware version V8-R75PT01-LF1V269.001116 Android TV, Kernel 5.4.242+, is vulnerable to a blind, unauthenticated Server-Side Request Forgery SSRF vulnerability via the UPnP MediaRenderer service AVTransport:1. The device accepts unauthenticated SetAVTransportURI SOAP...
CVE-2025-55972
A TCL Smart TV running a vulnerable UPnP/DLNA MediaRenderer implementation is affected by a remote, unauthenticated Denial of Service DoS condition. By sending a flood of malformed or oversized SetAVTransportURI SOAP requests to the UPnP control endpoint, an attacker can cause the device to becom...
TCL 65C655 Smart TV 安全漏洞
TCL 65C655 Smart TV is a Smart TV from TCL Corporation of China. A security vulnerability exists in the TCL 65C655 Smart TV, which stems from the UPnP control endpoint being susceptible to a malformed or oversized SOAP request attack, which could result in a denial of service...
EUVD-2025-32308
TCL 65C655 Smart TV, running firmware version V8-R75PT01-LF1V269.001116 Android TV, Kernel 5.4.242+, is vulnerable to a blind, unauthenticated Server-Side Request Forgery SSRF vulnerability via the UPnP MediaRenderer service AVTransport:1. The device accepts unauthenticated SetAVTransportURI SOAP...
CVE-2025-55971
TCL 65C655 Smart TV, running firmware version V8-R75PT01-LF1V269.001116 Android TV, Kernel 5.4.242+, is vulnerable to a blind, unauthenticated Server-Side Request Forgery SSRF vulnerability via the UPnP MediaRenderer service AVTransport:1. The device accepts unauthenticated SetAVTransportURI SOAP...
EUVD-2025-32305
A TCL Smart TV running a vulnerable UPnP/DLNA MediaRenderer implementation is affected by a remote, unauthenticated Denial of Service DoS condition. By sending a flood of malformed or oversized SetAVTransportURI SOAP requests to the UPnP control endpoint, an attacker can cause the device to becom...
CVE-2025-55972
A TCL Smart TV running a vulnerable UPnP/DLNA MediaRenderer implementation is affected by a remote, unauthenticated Denial of Service DoS condition. By sending a flood of malformed or oversized SetAVTransportURI SOAP requests to the UPnP control endpoint, an attacker can cause the device to becom...
podman: Podman kube play command may overwrite host files
There's a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file container a Secrete or a ConfigMap volume mount and such volume contains a symbolic link to a host file path. In a successful attack, the attacker can only control the targ...
AlmaLinux 9 : podman (ALSA-2025:15900)
The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:15900 advisory. podman: Podman kube play command may overwrite host files CVE-2025-9566 Tenable has extracted the preceding description block directly from the AlmaLinux security...
podman: Podman kube play command may overwrite host files
There's a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file container a Secrete or a ConfigMap volume mount and such volume contains a symbolic link to a host file path. In a successful attack, the attacker can only control the targ...
podman: Podman kube play command may overwrite host files
There's a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file container a Secrete or a ConfigMap volume mount and such volume contains a symbolic link to a host file path. In a successful attack, the attacker can only control the targ...
RHEL 9 : podman (RHSA-2025:16488)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:16488 advisory. The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods...
RHEL 9 : podman (RHSA-2025:16480)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:16480 advisory. The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods...
RHEL 9 : podman (RHSA-2025:16481)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:16481 advisory. The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods...
RHEL 8 : container-tools:rhel8 (RHSA-2025:16482)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:16482 advisory. The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: podman: Podman kub...