CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Amazon•added 2025/03/06 12:0 a.m.•1 views

Low: ecs-init

3.6CVSS6.7AI score0.0015EPSS

Amazon•added 2024/10/15 12:0 a.m.•3 views

Low: runc

3.6CVSS6.7AI score0.0015EPSS

OSV•added 2024/10/12 11:9 a.m.•1 views

OESA-2024-2253 runc security update

runc is a CLI tool for spawning and running containers according to the OCI specification. Security Fixes: runc is a CLI tool for spawning and running containers according to the OCI specification. runc 1.1.13 and earlier, as well as 1.2.0-rc2 and earlier, can be tricked into creating empty files...

3.6CVSS6.8AI score0.0015EPSS

Exploits0References2

OSV•added 2024/09/14 11:9 a.m.•3 views

OESA-2024-2134 runc security update

3.6CVSS6.8AI score0.0015EPSS

Exploits0References2

OSV•added 2024/09/03 7:15 p.m.•2 views

AZL-48567 CVE-2024-45310 affecting package buildah 1.18.0-29

runc is a CLI tool for spawning and running containers according to the OCI specification. runc 1.1.13 and earlier, as well as 1.2.0-rc2 and earlier, can be tricked into creating empty files or directories in arbitrary locations in the host filesystem by sharing a volume between two containers an...

OSV•added 2024/09/03 7:15 p.m.•1 views

AZL-48525 CVE-2024-45310 affecting package cri-o 1.30.1-1

OSV•added 2024/09/03 7:15 p.m.•2 views

AZL-48519 CVE-2024-45310 affecting package buildah for versions less than 1.41.4-2

OSV•added 2024/09/03 7:15 p.m.•3 views

AZL-48531 CVE-2024-45310 affecting package podman for versions less than 5.6.1-2

Positive Technologies•added 2022/04/12 12:0 a.m.•1 views

PT-2022-2532 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to insufficient protection of service data in the Cluster Shared Volumes CSV file system of Windows operating systems. This can allow an attacker to gain unauthorized...

6.5CVSS9.3AI score0.00475EPSS

Positive Technologies•added 2022/04/12 12:0 a.m.•1 views

PT-2022-2539 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to insufficient protection of service data in the Cluster Shared Volumes CSV of Windows operating systems. This can allow an attacker to gain unauthorized access to...

6.5CVSS9.4AI score0.00368EPSS

Positive Technologies•added 2022/04/12 12:0 a.m.•1 views

PT-2022-2520 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to insufficient protection of service data in the Cluster Shared Volumes CSV of Windows operating systems. This can allow an attacker to gain unauthorized access to...

6.5CVSS9.3AI score0.00475EPSS

Positive Technologies•added 2022/04/12 12:0 a.m.•1 views

PT-2022-2541 · Microsoft · Windows Cluster Shared Volume +1

Name of the Vulnerable Software and Affected Versions: Windows Cluster Shared Volumes CSV affected versions not specified Description: The issue is related to insufficient protection of service data in the Cluster Shared Volumes CSV of Windows operating systems. This can allow an attacker to gain...

6.5CVSS9.3AI score0.00475EPSS

Microsoft KB•added 2021/01/12 8:0 a.m.•52 views

January 12, 2021—KB4598289 (Security-only update)

January 12, 2021—KB4598289 Security-only update IMPORTANT Verify that you have installed the required updates listed in the How to get this update section before installing this update. For information about the various types of Windows updates, such as critical, security, driver, service packs,...

9.8CVSS7.8AI score0.20443EPSS

RedHat Linux•added 2020/04/28 4:11 p.m.•2 views

runc: volume mount race condition with shared mounts leads to information leak/integrity manipulation

A flaw was found in runc. An attacker who controls the container image for two containers that share a volume can race volume mounts during container initialization, by adding a symlink to the rootfs that points to a directory on the volume. The highest threat from this vulnerability is to data...

7CVSS7.1AI score0.00191EPSS

Exploits0References4

Microsoft KB•added 2020/04/09 12:0 a.m.•5 views

March 2016 update for Windows Server 2012 R2 clusters to fix several issues

March 2016 update for Windows Server 2012 R2 clusters to fix several issues This article describes issues in which Data Protection Manager DPM filter driver can't track changes on Cluster Shared Volumes CSV or virtual machine VM configuration resource online fails due to invalid resource state in...

6.4AI score