Lucene search
K

385 matches found

Tenable Nessus
Tenable Nessus
added 2024/12/12 12:0 a.m.8 views

EulerOS 2.0 SP12 : docker-runc (EulerOS-SA-2024-2934)

According to the versions of the docker-runc package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : runc is a CLI tool for spawning and running containers according to the OCI specification. runc 1.1.13 and earlier, as well as 1.2.0-rc2 and...

3.6CVSS6.7AI score0.00317EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/12/12 12:0 a.m.14 views

EulerOS 2.0 SP12 : docker-runc (EulerOS-SA-2024-2949)

According to the versions of the docker-runc package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : runc is a CLI tool for spawning and running containers according to the OCI specification. runc 1.1.13 and earlier, as well as 1.2.0-rc2 and...

3.6CVSS6.7AI score0.00317EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/12/12 12:0 a.m.19 views

EulerOS 2.0 SP11 : docker-runc (EulerOS-SA-2024-2979)

According to the versions of the docker-runc package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : runc is a CLI tool for spawning and running containers according to the OCI specification. runc 1.1.13 and earlier, as well as 1.2.0-rc2 and...

3.6CVSS6.7AI score0.00317EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2024/11/12 10:29 a.m.2 views

Podman: Buildah: CRI-O: symlink traversal vulnerability in the containers/storage library can cause Denial of Service (DoS)

A vulnerability was found in Podman, Buildah, and CRI-O. A symlink traversal vulnerability in the containers/storage library can cause Podman, Buildah, and CRI-O to hang and result in a denial of service via OOM kill when running a malicious image using an automatically assigned user namespace...

6.5CVSS5.8AI score0.01345EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2024/11/08 12:0 a.m.16 views

EulerOS 2.0 SP10 : docker-runc (EulerOS-SA-2024-2883)

According to the versions of the docker-runc package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : runc is a CLI tool for spawning and running containers according to the OCI specification.runc 1.1.13 and earlier, as well as 1.2.0-rc2 and...

3.6CVSS6.6AI score0.00317EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/11/08 12:0 a.m.8 views

EulerOS 2.0 SP10 : docker-runc (EulerOS-SA-2024-2902)

According to the versions of the docker-runc package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : runc is a CLI tool for spawning and running containers according to the OCI specification.runc 1.1.13 and earlier, as well as 1.2.0-rc2 and...

3.6CVSS6.6AI score0.00317EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2024/11/06 2:57 p.m.2 views

Podman: Buildah: CRI-O: symlink traversal vulnerability in the containers/storage library can cause Denial of Service (DoS)

A vulnerability was found in Podman, Buildah, and CRI-O. A symlink traversal vulnerability in the containers/storage library can cause Podman, Buildah, and CRI-O to hang and result in a denial of service via OOM kill when running a malicious image using an automatically assigned user namespace...

6.5CVSS5.8AI score0.01345EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2024/11/06 3:46 a.m.1 views

Podman: Buildah: CRI-O: symlink traversal vulnerability in the containers/storage library can cause Denial of Service (DoS)

A vulnerability was found in Podman, Buildah, and CRI-O. A symlink traversal vulnerability in the containers/storage library can cause Podman, Buildah, and CRI-O to hang and result in a denial of service via OOM kill when running a malicious image using an automatically assigned user namespace...

6.5CVSS5.8AI score0.01345EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2024/10/31 4:1 a.m.2 views

Podman: Buildah: CRI-O: symlink traversal vulnerability in the containers/storage library can cause Denial of Service (DoS)

A vulnerability was found in Podman, Buildah, and CRI-O. A symlink traversal vulnerability in the containers/storage library can cause Podman, Buildah, and CRI-O to hang and result in a denial of service via OOM kill when running a malicious image using an automatically assigned user namespace...

6.5CVSS5.8AI score0.01345EPSS
Exploits0References6
OSV
OSV
added 2024/10/15 4:15 p.m.9 views

AZL-50609 CVE-2024-9676 affecting package cri-o for versions less than 1.22.3-14

A vulnerability was found in Podman, Buildah, and CRI-O. A symlink traversal vulnerability in the containers/storage library can cause Podman, Buildah, and CRI-O to hang and result in a denial of service via OOM kill when running a malicious image using an automatically assigned user namespace...

6.5CVSS7AI score0.01345EPSS
Exploits0References1
Amazon
Amazon
added 2024/10/15 12:0 a.m.5 views

Low: runc

Issue Overview: runc is a CLI tool for spawning and running containers according to the OCI specification. runc 1.1.13 and earlier, as well as 1.2.0-rc2 and earlier, can be tricked into creating empty files or directories in arbitrary locations in the host filesystem by sharing a volume between t...

3.6CVSS6.7AI score0.00317EPSS
Exploits0
Amazon
Amazon
added 2024/10/15 12:0 a.m.4 views

Low: runc

Issue Overview: runc is a CLI tool for spawning and running containers according to the OCI specification. runc 1.1.13 and earlier, as well as 1.2.0-rc2 and earlier, can be tricked into creating empty files or directories in arbitrary locations in the host filesystem by sharing a volume between t...

3.6CVSS6.7AI score0.00317EPSS
Exploits0
Amazon
Amazon
added 2024/10/14 12:0 a.m.4 views

Low: runc

Issue Overview: runc is a CLI tool for spawning and running containers according to the OCI specification. runc 1.1.13 and earlier, as well as 1.2.0-rc2 and earlier, can be tricked into creating empty files or directories in arbitrary locations in the host filesystem by sharing a volume between t...

3.6CVSS4.5AI score0.00317EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/10/14 12:0 a.m.16 views

Amazon Linux 2023 : runc (ALAS2023-2024-725)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2024-725 advisory. runc is a CLI tool for spawning and running containers according to the OCI specification. runc 1.1.13 and earlier, as well as 1.2.0-rc2 and earlier, can be tricked into creating empty files or...

3.6CVSS6.6AI score0.00317EPSS
Exploits0References4
OSV
OSV
added 2024/10/12 11:9 a.m.5 views

OESA-2024-2253 runc security update

runc is a CLI tool for spawning and running containers according to the OCI specification. Security Fixes: runc is a CLI tool for spawning and running containers according to the OCI specification. runc 1.1.13 and earlier, as well as 1.2.0-rc2 and earlier, can be tricked into creating empty files...

3.6CVSS6.8AI score0.00317EPSS
Exploits0References2
Metasploit
Metasploit
added 2024/09/27 6:53 p.m.707 views

Local Privilege Escalation via CVE-2023-0386

This exploit targets the Linux kernel bug in OverlayFS. A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel's OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another...

7.8CVSS7AI score0.0788EPSS
Exploits14
Rockylinux
Rockylinux
added 2024/09/17 12:54 a.m.33 views

bubblewrap and flatpak security update

An update is available for flatpak, bubblewrap. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Bubblewrap /usr/bin/bwrap is a core execution engine for...

10CVSS7AI score0.01283EPSS
Exploits1
OSV
OSV
added 2024/09/14 11:9 a.m.5 views

OESA-2024-2136 runc security update

runc is a CLI tool for spawning and running containers according to the OCI specification. Security Fixes: runc is a CLI tool for spawning and running containers according to the OCI specification. runc 1.1.13 and earlier, as well as 1.2.0-rc2 and earlier, can be tricked into creating empty files...

3.6CVSS6.8AI score0.00317EPSS
Exploits0References2
OSV
OSV
added 2024/09/14 11:9 a.m.4 views

OESA-2024-2135 runc security update

runc is a CLI tool for spawning and running containers according to the OCI specification. Security Fixes: runc is a CLI tool for spawning and running containers according to the OCI specification. runc 1.1.13 and earlier, as well as 1.2.0-rc2 and earlier, can be tricked into creating empty files...

3.6CVSS6.8AI score0.00317EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2024/09/05 1:9 p.m.40 views

Important: Red Hat Security Advisory: bubblewrap and flatpak security update

An update for bubblewrap and flatpak is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

10CVSS7.3AI score0.01283EPSS
Exploits1References1
Rows per page
Query Builder