CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 2025/01/28 3:15 a.m.•2 views

CVE-2024-0137

NVIDIA Container Toolkit contains an improper isolation vulnerability where a specially crafted container image could lead to untrusted code running in the host’s network namespace. This vulnerability is present only when the NVIDIA Container Toolkit is configured in a nondefault way. A successfu...

6.5CVSS5.8AI score0.00307EPSS

NVD•added 2025/01/28 3:15 a.m.•4 views

CVE-2024-0137

6.5CVSS0.00307EPSS

Cvelist•added 2025/01/28 3:10 a.m.•8 views

CVE-2024-0137

5.5CVSS0.00307EPSS

Vulnrichment•added 2025/01/28 3:10 a.m.•7 views

CVE-2024-0137

5.5CVSS6.2AI score0.00307EPSS

CVE•added 2025/01/28 3:10 a.m.•47 views

CVE-2024-0137

CVE-2024-0137 affects the NVIDIA container-toolkit. When the toolkit is configured in a nondefault way, a specially crafted container image could cause untrusted code to run in the host’s network namespace, with potential for denial of service and privilege escalation as described in multiple adv...

6.5CVSS7.2AI score0.00307EPSS

Exploits0References1Affected Software2

CNNVD•added 2025/01/28 12:0 a.m.•2 views

NVIDIA Container Toolkit 安全漏洞

NVIDIA Container Toolkit is a container toolkit from NVIDIA, Inc. Allows users to build and run GPU-accelerated containers. A security vulnerability exists in NVIDIA Container Toolkit that stems from the inclusion of an incorrect isolation vulnerability, where a specially crafted container image...

8.4CVSS7.5AI score0.0062EPSS

CNNVD•added 2025/01/28 12:0 a.m.•3 views

NVIDIA Container Toolkit 安全漏洞

NVIDIA Container Toolkit is a container toolkit from NVIDIA, Inc. Allows users to build and run GPU-accelerated containers. NVIDIA Container Toolkit has a security vulnerability that stems from the inclusion of an incorrect isolation vulnerability, where a specially crafted container image could...

6.5CVSS5.5AI score0.00307EPSS

RedHat Linux•added 2025/01/22 8:44 p.m.•4 views

openjdk: Enhance array handling (Oracle CPU 2025-01)

Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to Oracle Java SE accessible. This vulnerability can be...

RedHat Linux•added 2025/01/22 11:24 a.m.•5 views

openjdk: Enhance array handling (Oracle CPU 2025-01)

RedHat Linux•added 2025/01/22 9:20 a.m.•2 views

openjdk: Enhance array handling (Oracle CPU 2025-01)

RedHat Linux•added 2025/01/22 9:7 a.m.•3 views

openjdk: Enhance array handling (Oracle CPU 2025-01)

Positive Technologies•added 2025/01/01 12:0 a.m.•4 views

PT-2025-42970

Name of the Vulnerable Software and Affected Versions Oracle Java SE versions 21.0.8 and 25 Oracle GraalVM for JDK version 21.0.8 Oracle GraalVM Enterprise Edition version 21.3.15 Description A difficult to exploit issue exists in Oracle Java SE, Oracle GraalVM for JDK, and Oracle GraalVM...

7.5CVSS6.6AI score0.00574EPSS

Exploits0References118

OSV•added 2024/11/27 3:15 p.m.•3 views

AZL-53558 CVE-2024-53920 affecting package emacs for versions less than 29.4-3

In elisp-mode.el in GNU Emacs before 30.1, a user who chooses to invoke elisp-completion-at-point for code completion on untrusted Emacs Lisp source code can trigger unsafe Lisp macro expansion that allows attackers to execute arbitrary code. This unsafe expansion also occurs if a user chooses to...

7.8CVSS7.5AI score0.00514EPSS

AlpineLinux•added 2024/11/27 3:15 p.m.•0 views

CVE-2024-53920

7.8CVSS8AI score0.00514EPSS

Exploits0References8

OSV•added 2024/11/27 3:15 p.m.•2 views

AZL-53703 CVE-2024-53920 affecting package emacs for versions less than 29.4-3

7.8CVSS7.5AI score0.00514EPSS