CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

26 matches found

RedhatCVE•added 2026/06/10 2:59 p.m.•9 views

CVE-2026-47343

Non-privileged backend users with file mount access were able to perform write operations move, delete, rename on folders representing the root of an active file mount due to missing authorization restrictions. This issue affects TYPO3 CMS versions before 10.4.57, 11.0.0 through 11.5.50, 12.0.0...

7.2CVSS5.5AI score0.00238EPSS

Exploits0References1

Github Security Blog•added 2025/11/06 11:36 p.m.•8 views

KubeVirt Isolation Detection Flaw Allows Arbitrary File Permission Changes

Summary Short summary of the problem. Make the impact and severity as clear as possible. It is possible to trick the virt-handler component into changing the ownership of arbitrary files on the host node to the unprivileged user with UID 107 due to mishandling of symlinks when determining the roo...

5CVSS7.4AI score0.00187EPSS

Exploits1References6Affected Software1

CVE•added 2025/08/27 4:47 p.m.•23 views

CVE-2025-34159

CVE-2025-34159 affects Coolify

9.4CVSS7.4AI score0.00919EPSS

Exploits2References3Affected Software1

Cvelist•added 2025/08/27 4:47 p.m.•7 views

CVE-2025-34159 Coolify Docker Compose Directive Injection in Application Deployment Workflow

Coolify versions prior to v4.0.0-beta.420.6 are vulnerable to a remote code execution vulnerability in the application deployment workflow. The platform allows authenticated users, with low-level member privileges, to inject arbitrary Docker Compose directives during project creation. By crafting...

9.4CVSS0.00919EPSS

Exploits2References3

ATTACKERKB•added 2025/08/27 4:47 p.m.•2 views

CVE-2025-34159

9.4CVSS6.5AI score0.00919EPSS

Exploits2References4

OSV•added 2024/07/12 1:15 p.m.•2 views

DEBIAN-CVE-2024-40938

In the Linux kernel, the following vulnerability has been resolved: landlock: Fix dparent walk The WARNONONCE in collectdomainaccesses can be triggered when trying to link a root mount point. This cannot work in practice because this directory is mounted, but the VFS check is done after the call ...

5.5CVSS5.7AI score0.00249EPSS

Exploits0References1

OSV•added 2024/07/12 1:15 p.m.•1 views

UBUNTU-CVE-2024-40938

5.5CVSS6.2AI score0.00249EPSS

Exploits0References14

OSV•added 2024/07/12 12:25 p.m.•12 views

CVE-2024-40938 landlock: Fix d_parent walk

5.5CVSS6AI score0.00249EPSS

Exploits0References8

Vulnrichment•added 2024/07/12 12:25 p.m.•20 views

CVE-2024-40938 landlock: Fix d_parent walk

6.7AI score0.00249EPSS

Exploits0References4

RedHat Linux•added 2024/05/23 8:46 p.m.•2 views

buildah: full container escape at build time

A flaw was found in Buildah and subsequently Podman Build which allows containers to mount arbitrary locations on the host filesystem into build containers. A malicious Containerfile can use a dummy image with a symbolic link to the root filesystem as a mount source and cause the mount operation ...

8.6CVSS6.9AI score0.0049EPSS

Exploits0References7

RedHat Linux•added 2024/05/16 6:36 p.m.•19 views

buildah: full container escape at build time

8.6CVSS6.9AI score0.0049EPSS

Exploits0References7

RedHat Linux•added 2024/05/09 2:16 p.m.•3 views

buildah: full container escape at build time

8.6CVSS6.9AI score0.0049EPSS

Exploits0References7

RedHat Linux•added 2024/05/02 5:2 p.m.•1 views

buildah: full container escape at build time