Lucene search
K

1904 matches found

Positive Technologies
Positive Technologies
added 2026/05/29 12:0 a.m.14 views

PT-2026-44825

Name of the Vulnerable Software and Affected Versions RustFS versions prior to 1.0.0-beta.2 Description Improper validation in the 'PUT /rustfs/admin/v3/import-iam' endpoint allows a user with ImportIAMAction to create service accounts under arbitrary parent identities, including the root user...

9.3CVSS5.9AI score0.00226EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/05/27 10:1 a.m.13 views

OpenSSH: OpenSSH: Privilege escalation via scp legacy protocol when not preserving file mode

A flaw was found in OpenSSH. When the scp command is used by a root user to download a file with the legacy protocol option -O and without preserving original file permissions -p, the downloaded file can be installed with elevated privileges setuid or setgid. This unexpected behavior could allow ...

8.1CVSS5.8AI score0.00419EPSS
Exploits0References7
OSV
OSV
added 2026/05/21 9:40 p.m.8 views

GHSA-FQW6-GF59-QR4W containerd user ID handling bypass allows runAsNonRoot evasion

Impact A bug was found in containerd where containers launched with a numeric User directive that cannot be parsed as a 32-bit integer are incorrectly treated as a username. If a crafted image provides an /etc/passwd file mapping this large numeric string to root, the container ultimately runs as...

7.3CVSS5.7AI score0.00221EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/05/20 1:35 p.m.10 views

CVE-2026-41054

A flaw was found in haveged. The sockethandler function, responsible for handling connections to the abstract UNIX socket, incorrectly proceeds with execution even after detecting that a connecting user is not root. This oversight allows a local unprivileged user to bypass security checks and...

7.8CVSS6AI score0.00185EPSS
Exploits0References1
OSV
OSV
added 2026/05/20 10:16 a.m.10 views

ALPINE-CVE-2026-41054

In src/havegecmd.c, the sockethandler function performs a credential check on the abstract UNIX socket \0/sys/entropy/haveged. However, while it detects if the connecting user is not root cred.uid != 0 and prepares a negative acknowledgement ASCIINAK, it fails to stop execution. The code proceeds...

7.8CVSS6AI score0.00185EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/05/19 1:38 p.m.28 views

OpenSSH: OpenSSH: Privilege escalation via scp legacy protocol when not preserving file mode

A flaw was found in OpenSSH. When the scp command is used by a root user to download a file with the legacy protocol option -O and without preserving original file permissions -p, the downloaded file can be installed with elevated privileges setuid or setgid. This unexpected behavior could allow ...

8.1CVSS5.8AI score0.00419EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2026/05/14 7:58 p.m.9 views

CVE-2026-44218

ciguard is a static security auditor for CI/CD pipelines. From 0.1.0 to 0.8.1, the published ghcr.io/jo-jo98/ciguard container image inherits the default root user because the Dockerfile lacks a USER directive. This vulnerability is fixed in 0.8.2...

3CVSS5.8AI score0.00122EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/14 12:31 a.m.10 views

EUVD-2026-30203

Insufficient sanitization of SQL queries in the sqloptimizer utility script allows SQL Injections on behalf of the root user if Slow Query logging is enabled...

8.1CVSS5.9AI score0.00312EPSS
Exploits0References2
NVD
NVD
added 2026/05/13 11:16 p.m.10 views

CVE-2026-29206

Insufficient sanitization of SQL queries in the sqloptimizer utility script allows SQL Injections on behalf of the root user if Slow Query logging is enabled...

8.1CVSS0.00312EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/13 10:7 p.m.7 views

CVE-2026-29206

Insufficient sanitization of SQL queries in the sqloptimizer utility script allows SQL Injections on behalf of the root user if Slow Query logging is enabled...

8.1CVSS5.9AI score0.00312EPSS
Exploits0References2Affected Software3
NVD
NVD
added 2026/05/12 8:16 p.m.13 views

CVE-2026-44218

ciguard is a static security auditor for CI/CD pipelines. From 0.1.0 to 0.8.1, the published ghcr.io/jo-jo98/ciguard container image inherits the default root user because the Dockerfile lacks a USER directive. This vulnerability is fixed in 0.8.2...

3CVSS0.00122EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/12 7:39 p.m.10 views

CVE-2026-44218 ciguard: Container image runs as root (no USER directive)

ciguard is a static security auditor for CI/CD pipelines. From 0.1.0 to 0.8.1, the published ghcr.io/jo-jo98/ciguard container image inherits the default root user because the Dockerfile lacks a USER directive. This vulnerability is fixed in 0.8.2...

3CVSS5.8AI score0.00122EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/12 7:39 p.m.37 views

CVE-2026-44218 ciguard: Container image runs as root (no USER directive)

ciguard is a static security auditor for CI/CD pipelines. From 0.1.0 to 0.8.1, the published ghcr.io/jo-jo98/ciguard container image inherits the default root user because the Dockerfile lacks a USER directive. This vulnerability is fixed in 0.8.2...

3CVSS0.00122EPSS
Exploits0References1
CVE
CVE
added 2026/05/12 7:39 p.m.11 views

CVE-2026-44218

Summary of CVE-2026-44218 (ciguard) : The affected container image ghcr.io/jo-jo98/ciguard (0.1.0–0.8.1) runs as root because the Dockerfile lacks a USER directive; this is fixed in 0.8.2. Documented impact is a container that inherits root privileges, with a CVSSv3.1 score of 3.0 (Low) and LOCAL...

3CVSS5.8AI score0.00122EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.11 views

ciguard 安全漏洞

Ciguard is a security auditing and visualization tool for CI/CD pipelines developed by Johannes Moore. Versions of Ciguard from 0.1.0 to 0.8.1 contain security vulnerabilities. These vulnerabilities stem from the default root user inherited by the published container images, due to the lack of a...

3CVSS5.8AI score0.00122EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/05/11 8:36 p.m.7 views

OpenSSH: OpenSSH: Privilege escalation via scp legacy protocol when not preserving file mode

A flaw was found in OpenSSH. When the scp command is used by a root user to download a file with the legacy protocol option -O and without preserving original file permissions -p, the downloaded file can be installed with elevated privileges setuid or setgid. This unexpected behavior could allow ...

8.1CVSS5.8AI score0.00419EPSS
Exploits0References7
EUVD
EUVD
added 2026/05/06 5:3 p.m.28 views

EUVD-2026-27141

Nginx-UI is Vulnerable to Unauthenticated Remote Code Execution via Backup Restore...

9.8CVSS5.8AI score0.00764EPSS
Exploits1References3
OSV
OSV
added 2026/05/05 10:18 p.m.17 views

GHSA-JRM4-4PCF-4763 ciguard: Container image runs as root (no USER directive)

Summary The published ghcr.io/jo-jo98/ciguard container image inherits the default root user because the Dockerfile lacks a USER directive. ciguard is a static analyser with no need for root privileges; running as root inside a container makes any future container-runtime escape CVE more impactfu...

3CVSS5.8AI score0.00122EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2026/05/05 10:18 p.m.11 views

ciguard: Container image runs as root (no USER directive)

Summary The published ghcr.io/jo-jo98/ciguard container image inherits the default root user because the Dockerfile lacks a USER directive. ciguard is a static analyser with no need for root privileges; running as root inside a container makes any future container-runtime escape CVE more impactfu...

3CVSS5.8AI score0.00122EPSS
Exploits0References5Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/05 12:0 a.m.14 views

PT-2026-37314

Name of the Vulnerable Software and Affected Versions ciguard versions 0.1.0 through 0.8.1 Description The ghcr.io/jo-jo98/ciguard container image inherits the default root user because the Dockerfile lacks a USER directive. As a static analyser, ciguard does not require root privileges. Running ...

3CVSS5.8AI score0.00122EPSS
Exploits0References6
Rows per page
Query Builder