CVE-2025-57850
- EPSS 0%
- Veröffentlicht 02.12.2025 18:53:35
- Zuletzt bearbeitet 04.12.2025 17:15:25
A container privilege escalation flaw was found in certain CodeReady Workspaces images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute com...
CVE-2025-9566
- EPSS 0.11%
- Veröffentlicht 05.09.2025 19:54:30
- Zuletzt bearbeitet 13.11.2025 10:15:55
There's a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file container a Secrete or a ConfigMap volume mount and such volume contains a symbolic link to a host file path. In a successful...
CVE-2023-48795
- EPSS 57.9%
- Veröffentlicht 18.12.2023 16:15:10
- Zuletzt bearbeitet 04.11.2025 22:15:55
The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client a...
CVE-2023-44487
- EPSS 94.42%
- Veröffentlicht 10.10.2023 14:15:10
- Zuletzt bearbeitet 07.11.2025 19:00:41
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.