Lucene search
K
AlpinelinuxRecent

12978 matches found

AlpineLinux
AlpineLinux
•added 2026/07/01 6:53 p.m.•4 views

CVE-2026-55510

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-51 and 7.1.2-26, when identifying an image with a crafted 8BIM profile with a specific format string a use-after-free will occur. This issue has been fixed in versions 6.9.13-51...

5.5CVSS5.7AI score0.00103EPSS
Exploits0References1
AlpineLinux
AlpineLinux
•added 2026/07/01 6:50 p.m.•5 views

CVE-2026-53467

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-51 and 7.1.2-26, the MNG decoder contains a possible heap information disclosure vulnerability because part of the pixels are left unchanged. This issue has been fixed in versio...

5.3CVSS5.8AI score0.00197EPSS
Exploits0References1
AlpineLinux
AlpineLinux
•added 2026/07/01 6:20 p.m.•4 views

CVE-2026-53466

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-51 and 7.1.2-26, an integer overflow in the XCF decoder can result in an out of bounds read when a crafted image is read, potentially resulting in a crash. This issue has been...

6.5CVSS5.8AI score0.0022EPSS
Exploits0References1
AlpineLinux
AlpineLinux
•added 2026/07/01 6:10 p.m.•7 views

CVE-2026-53489

containerd is an open-source container runtime. Versions prior to 2.3.2, 2.2.5 and 2.1.9 contain a bug where the CRI plugin restores container.log from a checkpoint image without validating a symlinked path. This could result in reading an arbitrary file on the host via kubectl logs. This issue h...

8.2CVSS5.9AI score0.00208EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/07/01 5:59 p.m.•8 views

CVE-2026-53492

containerd is an open-source container runtime. In Versions prior to 2.3.2, 2.2.5 and 2.1.9, the CRI implementation improperly trusts Container Device Interface CDI annotations found within untrusted checkpoint image metadata during container restoration. When restoring a container from a...

9.6CVSS5.9AI score0.00412EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/07/01 5:50 p.m.•8 views

CVE-2026-50195

containerd is an open-source container runtime. Versions prior to 2.3.2, 2.2.5 and 2.1.9 contain a vulnerability in the CRI checkpoint import process where it fails to validate the image references specified within a checkpoint image's configuration. An attacker with permissions to create pods ca...

9.9CVSS6.1AI score0.00354EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/07/01 5:48 p.m.•9 views

CVE-2026-47262

containerd is an open-source container runtime. Versions prior to 1.7.33, 2.0.10, 2.1.9, 2.2.5 and 2.3.2, contain a vulnerability that allows a maliciously crafted image to cause a Denial of Service DoS condition. When creating a container from this image, memory exhaustion occurs, leading to an...

5.5CVSS5.7AI score0.00317EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/07/01 5:40 p.m.•25 views

CVE-2026-46680

containerd is an open-source container runtime. In versions prior to 1.7.32, 2.0.9, 2.2.4 and 2.3.1, containers launched with a numeric User directive that cannot be parsed as a 32-bit integer are incorrectly treated as a username, leading to runAsNonRoot evasion. If a crafted image provides an...

7.8CVSS5.7AI score0.00221EPSS
Exploits1
AlpineLinux
AlpineLinux
•added 2026/07/01 4:30 p.m.•6 views

CVE-2026-20243

A vulnerability in the ALZ file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device. This vulnerability is due to improper boundary checks for content in ALZ...

7.5CVSS7.3AI score0.00389EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/07/01 4:28 p.m.•5 views

CVE-2026-20244

A vulnerability in the DMG file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device. This vulnerability is due to improper boundary checks for content in DMG...

7.5CVSS7.2AI score0.00389EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/07/01 4:28 p.m.•5 views

CVE-2026-20215

A vulnerability in the 7z file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device. This vulnerability is due to improper boundary checks for content in 7z file...

7.5CVSS7.3AI score0.00389EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/07/01 4:28 p.m.•6 views

CVE-2026-20217

A vulnerability in the PESpin file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device. This vulnerability is due to improper boundary checks for content in...

7.5CVSS7.3AI score0.00389EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/07/01 4:27 p.m.•5 views

CVE-2026-20216

A vulnerability in the InstallShield file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper handling of temporary resources during file scanning. An attacker could exploit this vulnerabilit...

7.5CVSS7.1AI score0.00389EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/07/01 4:27 p.m.•9 views

CVE-2026-20213

A vulnerability in the PE file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device. This vulnerability is due to improper boundary checks for content in PE file...

7.5CVSS7.3AI score0.00463EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/07/01 4:27 p.m.•5 views

CVE-2026-20214

A vulnerability in the FSG file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device. This vulnerability is due to improper boundary checks for content in FSG...

7.5CVSS7.3AI score0.00463EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/07/01 12:58 a.m.•4 views

CVE-2026-57963

An attacker who can send HTML chat messages via Matrix or XMPP can inject arbitrary styled content, phishing links, and CSS that manipulates the chat UI. This vulnerability was fixed in Thunderbird 152.0.1 and Thunderbird 140.12.1...

6.5CVSS6AI score0.00181EPSS
Exploits0References3
AlpineLinux
AlpineLinux
•added 2026/07/01 12:58 a.m.•4 views

CVE-2026-57962

A malicious LDAP server, which a Thunderbird user is configured to query for address-book autocomplete, can stash arbitrarily large amounts of attacker-supplied data into the Thunderbird LDAP client until it crashes due to memory exhaustion. This vulnerability was fixed in Thunderbird 152.0.1 and...

5.3CVSS6AI score0.00203EPSS
Exploits0References3
AlpineLinux
AlpineLinux
•added 2026/07/01 12:11 a.m.•6 views

CVE-2026-53488

containerd is an open-source container runtime. In versions prior to 1.7.33, 2.3.2, 2.2.5, 2.1.9, and 2.0.10 the CRI plugin propagates labels from an image config LABEL instruction in Dockerfile to a container without validation. This may result in executing an arbitrary command on the host, via ...

9.4CVSS5.9AI score0.00203EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/07/01 12:2 a.m.•10 views

CVE-2026-41579

runc is a CLI tool for spawning and running containers according to the OCI specification. In versions prior to 1.3.6, 1.4.0-rc.1, 1.4.0-rc.12, 1.5.0-rc.1, and 1.5.0-rc.1, when setting up the container rootfs, setupPtmx and setupDevSymlinks call os.Remove and os.Symlink with a filepath.Join strin...

3.3CVSS5.9AI score0.00222EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/06/30 10:8 p.m.•6 views

CVE-2026-56377

ImageMagick before 7.1.2-24 contains an incorrect policy check that allows attackers to create or truncate files disallowed by security policies. Remote attackers can bypass path policy restrictions in sandboxed conversion services to write arbitrary files outside intended boundaries...

4.8CVSS5.9AI score0.00164EPSS
Exploits0References2
AlpineLinux
AlpineLinux
•added 2026/06/30 10:8 p.m.•6 views

CVE-2026-56365

ImageMagick before 7.1.2-19 contains a memory leak vulnerability in the PNG encoder when writing MNG images. Attackers can trigger the encoder failure condition to exhaust memory resources and cause denial of service...

6.3CVSS5.8AI score0.00284EPSS
Exploits0References2
AlpineLinux
AlpineLinux
•added 2026/06/30 10:8 p.m.•5 views

CVE-2026-56369

ImageMagick before 7.1.2-22 contains an information disclosure vulnerability in the PasskeyEncipherImage method due to AES-CTR nonce reuse. Attackers can exploit nonce reuse in the cipher implementation to recover plaintext information from encrypted images...

6.3CVSS5.8AI score0.00229EPSS
Exploits0References2
AlpineLinux
AlpineLinux
•added 2026/06/30 10:8 p.m.•4 views

CVE-2026-56364

ImageMagick before 7.1.2-13 contains a memory leak vulnerability in LoadOpenCLDeviceBenchmark function when parsing malformed OpenCL device profile XML files with unclosed device elements. Attackers with write access to the OpenCL cache directory can place malicious XML files to exhaust memory an...

1.9CVSS5.8AI score0.00123EPSS
Exploits1References3
AlpineLinux
AlpineLinux
•added 2026/06/30 10:8 p.m.•4 views

CVE-2026-56361

ImageMagick before 7.1.2-19 contains an off-by-one error in morphology validation allowing out-of-bounds heap buffer reads. Attackers can trigger heap buffer overflow by providing incorrect morphology parameters causing single pixel memory access violations...

7.1CVSS6AI score0.00128EPSS
Exploits0References2
AlpineLinux
AlpineLinux
•added 2026/06/30 10:8 p.m.•8 views

CVE-2026-56363

ImageMagick before 7.1.2-22 contains a division by zero vulnerability in binomial kernel processing that allows attackers to cause denial of service. An attacker can supply a large binomial kernel value causing integer overflow, resulting in division by zero and application crash...

4.8CVSS5.8AI score0.00111EPSS
Exploits0References2
AlpineLinux
AlpineLinux
•added 2026/06/30 1:2 p.m.•4 views

CVE-2026-58016

A flaw was found in GLib. A state confusion issue exists in gdbusnodeinfonewforxml in the gio/gdbusintrospection.c file when processing malformed D-Bus introspection XML, specifically with a element nested within other elements like , , or . This issue can cause an unsigned integer overflow and...

9.1CVSS5.8AI score0.00373EPSS
Exploits1References3
AlpineLinux
AlpineLinux
•added 2026/06/30 1:2 p.m.•5 views

CVE-2026-58015

A flaw was found in GLib. The D-Bus client-side implementation of the DBUSCOOKIESHA1 SASL authentication mechanism does not validate the cookiecontext parameter received from the server. A malicious D-Bus server can supply a cookiecontext containing path traversal sequences, causing the client to...

7.5CVSS5.9AI score0.00418EPSS
Exploits1References3
AlpineLinux
AlpineLinux
•added 2026/06/30 12:57 p.m.•5 views

CVE-2026-58014

A flaw was found in GLib. An off-by-one error can occur in the gkeyfilegetlocalestringlist function in the gkeyfile.c file when loading a key file with an empty value. This flaw can cause an out-of-bounds access of 1 byte or a denial of service when the out-of-bounds access crosses a page boundar...

8.6CVSS5.7AI score0.00293EPSS
Exploits1References3
AlpineLinux
AlpineLinux
•added 2026/06/30 12:57 p.m.•7 views

CVE-2026-58013

A flaw was found in GLib. A buffer over-read can occur in giochannelreadlinebackend in the giochannel.c file when a custom line terminator with a length greater than one is set, causing memcmp to read past the GString buffer. This vulnerability can cause a minor information disclosure of 7 bytes ...

8.2CVSS5.9AI score0.00329EPSS
Exploits1References3
AlpineLinux
AlpineLinux
•added 2026/06/30 12:57 p.m.•6 views

CVE-2026-58012

A flaw was found in GLib. A buffer over-read can occur in the gregexreplace function when used with the GREGEXRAW compile flag and case-change replacement escapes because the stringappend function processes matched substrings using UTF-8 functions that assume valid UTF-8 input, even when the stri...

8.2CVSS5.9AI score0.00322EPSS
Exploits1References3
AlpineLinux
AlpineLinux
•added 2026/06/30 12:57 p.m.•4 views

CVE-2026-58010

A flaw was found in GLib. An off-by-one error can occur in the gvstupleisnormal function in the glib/gvariant-serialiser.c file when doing an alignment padding check because the bounds check uses instead of =, causing an out-of-bounds read of only 1 byte. This issue can cause a minor information...

8.2CVSS5.7AI score0.00322EPSS
Exploits1References3
AlpineLinux
AlpineLinux
•added 2026/06/30 12:57 p.m.•6 views

CVE-2026-58011

A flaw was found in GLib. An out-of-bounds read of only 2 bytes can occur in the gdatetimegetymd function in the glib/gdatetime.c file when an invalid GDateTime object produced by the gdatetimeaddfull function is processed. This flaw can corrupt the date output and potentially cause logic errors...

7.5CVSS5.7AI score0.00344EPSS
Exploits1References4
AlpineLinux
AlpineLinux
•added 2026/06/30 12:35 p.m.•6 views

CVE-2026-58374

In hostapd before 2.12, a missing bounds check in AP-mode Wi-Fi 7 IEEE 802.11be Multi-Link Operation MLO association request processing allows an unauthenticated attacker within wireless range to send a crafted management frame containing a malformed Multi-Link Element or Per-STA Profile...

7.1CVSS5.7AI score0.00282EPSS
Exploits0References5
AlpineLinux
AlpineLinux
•added 2026/06/29 1:21 p.m.•7 views

CVE-2026-11979

libxml2 is vulnerable to multiple stack-based buffer overflows in the xmlcatalog utility when running in --shell mode. The usershell function processes user input using fixed-size stack buffers without proper bounds checking. By supplying an overly long input line, an attacker can overflow intern...

7.8CVSS6.6AI score0.00148EPSS
Exploits0References2
AlpineLinux
AlpineLinux
•added 2026/06/29 10:15 a.m.•6 views

CVE-2026-41992

GNU gzip contains a global buffer overflow vulnerability in the LZH decompression logic caused by improper reuse of shared global state between different decompression formats within a single execution. GNU gzip maintains a global array that is shared across the LZ77, LZW, and LZH decompression...

7.5CVSS6AI score0.00294EPSS
Exploits0References3
AlpineLinux
AlpineLinux
•added 2026/06/29 10:15 a.m.•4 views

CVE-2026-41991

GNU gzip contains a vulnerability in the gzexe utility related to insecure temporary file handling. When the mktemp utility is not available in the user’s PATH, gzexe falls back to constructing a temporary file path based solely on the process ID PID. This predictable filename is created without...

4.7CVSS5.9AI score0.00105EPSS
Exploits0References3
AlpineLinux
AlpineLinux
•added 2026/06/28 1:32 a.m.•11 views

CVE-2026-58058

Nmap through 7.99 does not keep the IPv6 extension-header walk within the captured packet in ipv6getdataprimitive libnetutil/netutil.cc, so the pointer advances past the buffer and the remaining-length computation underflows to a large value. A scanned target or on-path attacker returning a craft...

6.9CVSS5.9AI score0.00278EPSS
Exploits0References4
AlpineLinux
AlpineLinux
•added 2026/06/28 1:32 a.m.•5 views

CVE-2026-58055

nghttp2's nghttpx proxy through 1.69.0 forwards an HTTP/1.1 Upgrade request that also carries a Content-Length header and body onto reusable keep-alive backend connections, re-adding the Upgrade and Connection headers while passing Content-Length verbatim. A backend that resolves the resulting...

6.3CVSS5.8AI score0.00202EPSS
Exploits0References3
AlpineLinux
AlpineLinux
•added 2026/06/28 1:32 a.m.•5 views

CVE-2026-58051

libssh2 through 1.11.1 grows its publickey list with SSH2REALLOC but does not zero-initialize new entries before parsing populates them, so a parse failure reaching the cleanup path leaves libssh2publickeylistfree operating on an uninitialized entry. A malicious SSH server offering the publickey...

8.3CVSS5.8AI score0.0028EPSS
Exploits0References3
AlpineLinux
AlpineLinux
•added 2026/06/28 1:32 a.m.•6 views

CVE-2026-58050

libssh2 through 1.11.1 reads an attacker-controlled 32-bit attribute count from a publickey-subsystem response and uses it in the allocation numattrs sizeoflibssh2publickeyattribute without bounds checking, so on 32-bit platforms the multiplication overflows to an undersized buffer. A malicious S...

8.3CVSS6AI score0.00333EPSS
Exploits0References3
AlpineLinux
AlpineLinux
•added 2026/06/26 4:29 p.m.•4 views

CVE-2026-57231

Podman is a tool for managing OCI containers and pods. From 1.8.1 until 5.8.4, a container image that contains a environment variable with just a key and no value can trick podman into passing that variable from the host into the container. This is made worse by the fact that using an asterisk wi...

7.5CVSS6AI score0.0026EPSS
Exploits0References2
AlpineLinux
AlpineLinux
•added 2026/06/26 1:14 a.m.•8 views

CVE-2026-48930

A flaw in Node.js TLS hostname handling can cause Embedded-nul hostnames can lead to silent authority rebinding due to c-string truncation in resolver bindings. This vulnerability affects all supported release lines: Node.js 22, Node.js 24, and Node.js 26...

9.8CVSS6.6AI score0.00405EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/06/26 1:14 a.m.•9 views

CVE-2026-48618

A flaw in Node.js TLS hostname handling can cause Node.js unicode dot separator handling can lead to tls wildcard-depth authentication bypass due to resolver and verifier hostname normalization mismat. This can lead to confidentiality impact or bypass of the intended security boundary under...

7.7CVSS6.7AI score0.00674EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/06/26 1:14 a.m.•8 views

CVE-2026-48933

A flaw in Node.js WebCrypto implementation can crash the process if the input of subtle.encrypt is a multiple of 2GiB. This vulnerability affects all supported release lines: Node.js 22, Node.js 24, and Node.js 26...

7.5CVSS6.6AI score0.02806EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/06/26 1:14 a.m.•8 views

CVE-2026-48619

A flaw in Node.js HTTP/2 client allows a server to send an unlimited number of ORIGIN frames, which could lead to an Out of Memory error on the client. This vulnerability affects all supported release lines: Node.js 22, Node.js 24, and Node.js 26...

7.5CVSS6.7AI score0.00656EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/06/26 1:14 a.m.•9 views

CVE-2026-48934

A flaw in Node.js TLS host verification can cause an attacker to bypass certification validation. This vulnerability affects all supported release lines: Node.js 22, Node.js 24, and Node.js 26...

4.3CVSS6.6AI score0.00258EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/06/26 1:14 a.m.•7 views

CVE-2026-48935

A flaw in Node.js Permission API can cause a file metadata to be modified even on a path that was set as read-only with e.g. --allow-fs-read. This vulnerability affects all supported release lines: Node.js 22, Node.js 24, and Node.js 26...

3.3CVSS6.6AI score0.00154EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/06/26 1:14 a.m.•6 views

CVE-2026-48615

A flaw in Node.js proxy tunnel error handling could expose proxy credentials in ERRPROXYTUNNEL error messages. When proxy credentials are embedded in the proxy URL, they may be exposed through error handling paths and captured by logs, diagnostics, or other error consumers. This vulnerability...

7.5CVSS6.6AI score0.00437EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/06/26 1:14 a.m.•6 views

CVE-2026-48928

A inconsistency in Node.js hostname matching can cause a trust-policy bypass in multi-context mTLS setups. This vulnerability affects all supported release lines: Node.js 22, Node.js 24, and Node.js 26...

5.4CVSS6.6AI score0.00256EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/06/25 11:1 p.m.•9 views

CVE-2026-40941

Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have a package import signature validation bypass allows which allows self-signed packages. This issue has been fixed in version 1.2.31...

7.1CVSS5.7AI score0.00159EPSS
Exploits0
Total number of security vulnerabilities12978