82 matches found
CVE-2026-44849 Portainer: Endpoint security bypass via Swarm service create/update
Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before 2.33.8, 2.39.2, and 2.41.0, Portainer enforces seven EndpointSecuritySettings restrictions that...
EUVD-2026-33063
Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before 2.33.8, 2.39.2, and 2.41.0, Portainer enforces seven EndpointSecuritySettings restrictions that...
Missing Authorization
Overview github.com/portainer/portainer/api/http/proxy/factory/docker is a management UI which allows to manage different Docker environments. Affected versions of this package are vulnerable to Missing Authorization in the enforcement of endpoint security restrictions for non-admin users on Dock...
EUVD-2018-21727
NetworkActiv Web Server 4.0 contains a buffer overflow vulnerability in the username field of the Security options that allows local attackers to crash the application by supplying an excessively long string. Attackers can trigger a denial of service by entering a crafted username value exceeding...
PT-2026-29021
🚨 CVE-2018-25235 NetworkActiv Web Server 4.0 contains a buffer overflow vulnerability in the username field of the Security options that allows local attackers to crash the application by supplying an excessively long string. Attackers can trigger a denial of service by entering a crafted usernam...
NetworkActiv Web Server 缓冲区错误漏洞
NetworkActiv Web Server is a lightweight web server software developed by NetworkActiv Corporation. Version 4.0 of NetworkActiv Web Server contains a buffer overflow vulnerability. This vulnerability stems from a buffer overflow in the username field of the security options, which could allow loc...
EulerOS 2.0 SP12 : curl (EulerOS-SA-2026-1386)
According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : When doing multi-threaded LDAPS transfers LDAP over TLS with libcurl, changing TLS options in one thread would inadvertently change them globally an...
Security update for curl
This update for curl fixes the following issues: CVE-2025-14017: Fixed broken TLS options for threaded LDAPS bsc1256105. CVE-2025-14524: bearer token leak on cross-protocol redirect bsc1255731. CVE-2025-14819: libssh global knownhost override bsc1255732. CVE-2025-15079: libssh key passphrase bypa...
Security update for apptainer
This update for apptainer fixes the following issues: Security fixes: CVE-2024-45310: Fixed runc being tricked into creating empty files/directories on host bsc1257432 CVE-2025-65105: Fixed security bypass due to disabling security options bsc1255462 CVE-2025-47914: Fixed malformed constraint may...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001390)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001390 advisory. The Linux kernel before 5.11.14 has a use-after-free in cipsov4genopt in net/ipv4/cipsoipv4.c because the CIPSO and CALIPSO refcounting for the DOI definitions is...
openSUSE Security Advisory (SUSE-SU-2026:0077-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
ALPINE-CVE-2025-14017
When doing multi-threaded LDAPS transfers LDAP over TLS with libcurl, changing TLS options in one thread would inadvertently change them globally and therefore possibly also affect other concurrently setup transfers. Disabling certificate verification for a specific transfer could unintentionally...
CVE-2025-14017
When doing multi-threaded LDAPS transfers LDAP over TLS with libcurl, changing TLS options in one thread would inadvertently change them globally and therefore possibly also affect other concurrently setup transfers. Disabling certificate verification for a specific transfer could unintentionally...
CVE-2025-65105
A flaw was found in Apptainer. This vulnerability allows a container to disable the --security=apparmor: and --security=selinux: options, bypassing security restrictions on container operations via the --security option. This affects unprivileged users on systems where Apparmor or SELinux...
GO-2025-4176 Apptainer ineffectively applies selinux and apparmor --security options in github.com/apptainer/apptainer
Apptainer ineffectively applies selinux and apparmor --security options in github.com/apptainer/apptainer...
GHSA-J3RW-FX6G-Q46J Apptainer ineffectively applies selinux and apparmor --security options
Impact In Apptainer versions less than 1.4.5, a container can disable two of the forms of the little used --security option, in particular the forms --security=apparmor: and --security=selinux: which otherwise put restrictions on operations that containers can do. The --security option has always...
CVE-2025-65105 Apptainer ineffective application of selinux and apparmor --security options
Apptainer is an open source container platform. In Apptainer versions less than 1.4.5, a container can disable two of the forms of the little used --security option, in particular the forms --security=apparmor: and --security=selinux: which otherwise put restrictions on operations that containers...
EUVD-2008-4795
Malware in sbrugna...
EUVD-2025-19115
Malicious code in bioql PyPI...
EUVD-2025-19725
Malicious code in bioql PyPI...