CVEs

CVE Aggregator

| CVE ID | Severity | Classification Group | Target | Description | Report Date |
| --- | --- | --- | --- | --- | --- |
| CVE-2019-11270 | High | Privilege Escalation | Cloud Foundry UAA | The 'clients.write' scope allowed creating clients with arbitrary scopes. Malicious clients possessing the scope could gain up to full control of the UAA server. | August 7, 2019 |
| CVE-2019-11268 | Medium | SQL Injection | Cloud Foundry UAA | Improper escaping allows malicious clients with basic read privileges for one identity zone to obtain private information on clients, users, and groups in all other identity zones. | June 28, 2019 |
| CVE-2019-13126 | High | Integer Overflow | NATS Server | Integer overflow that can cause a denial of service of the NATS server due to a runtime panic. | July 23, 2019 |
| CVE-2019-9630 | Medium | Weak Defaults | Nexus Repository Manager | Any unauthenticated user can read resources on Nexus. | July 2, 2019 |
| CVE-2019-9629 | Medium | Weak Defaults | Nexus Repository Manager | The default user is always set to be admin/admin123. | July 2, 2019 |
| CVE-2019-10147 | High | Sandbox Escape | rkt | Processes run with `rkt enter` are not limited by cgroups during stage 2 (the actual environment in which the applications run). Compromised containers could exploit this flaw to access host resources. | May 30, 2019 |
| CVE-2019-10145 | High | Sandbox Escape | rkt | Processes run with `rkt enter` do not have seccomp filtering during stage 2 (the actual environment in which the applications run). Compromised containers could exploit this flaw to access host resources. | May 30, 2019 |
| CVE-2019-10144 | High | Sandbox Escape | rkt | Processes run with `rkt enter` are given all capabilities during stage 2 (the actual environment in which the applications run). Compromised containers could exploit this flaw to access host resources. | May 30, 2019 |
| CVE-2019-8339 | High | Policy Bypass | Falco | Allows bypassing syscall detection, and therefore Falco rules, and then running any system calls undetected. | May 15, 2019 |
| CVE-2019-1002101 | High | Directory Traversal | Kubernetes | Directory traversal in the `kubectl cp` command due to an insufficient fix. | March 28, 2019 |
| CVE-2018-17963 | High | Buffer Overflow | QEMU | qemu_deliver_packet_iov in net/net.c in QEMU accepts packet sizes greater than INT_MAX, which allows attackers to cause a denial of service or possibly have unspecified other impact. | October 8, 2018 |
| CVE-2018-17962 | High | Buffer Overflow | QEMU | QEMU has a buffer overflow in pcnet_receive in hw/net/pcnet.c because an incorrect integer data type is used. | October 8, 2018 |
| CVE-2018-17958 | High | Buffer Overflow | QEMU | QEMU has a buffer overflow in rtl8139_do_receive in hw/net/rtl8139.c because an incorrect integer data type is used. | October 8, 2018 |
| CVE-2018-18385 | Medium | Denial of Service | asciidoctor | A denial of service in the Asciidoctor parser, triggered by malicious input, was discovered by fuzzing the Asciidoctor Ruby code. Fixed in Asciidoctor 1.5.8. | October 16, 2018 |
| CVE-2018-11506 | High | Stack Overflow | Linux Kernel | Linux kernel through 4.16.12 allows local users to cause a stack-based buffer overflow because buffers have different sizes at the CDROM layer and the SCSI layer. | May 31, 2018 |
| CVE-2018-10839 | High | Buffer Overflow | QEMU | QEMU emulator <= 3.0.0 built with the NE2000 NIC emulation support is vulnerable to an integer overflow, which could lead to a buffer overflow. It could occur when receiving packets over the network. A user inside the guest could use this flaw to crash QEMU or execute code on it. | May 21, 2018 |
| CVE-2018-1098 | High | CSRF | etcd | A cross-site request forgery flaw in etcd 3.3.1 and earlier. An attacker can set up a website that tries to send a POST request to the etcd server and modify a key. | February 25, 2018 |
| CVE-2018-1099 | Medium | Input Validation | etcd | DNS rebinding vulnerability in etcd 3.3.1 and earlier. | February 25, 2018 |
| CVE-2017-16544 | Medium | Output Sanitization | BusyBox | The BusyBox shell does not sanitize filenames, which results in any escape sequence being executed in the terminal. This could potentially result in code execution, arbitrary file writes, or other attacks. | November 7, 2017 |
| CVE-2017-15873 | Medium | Integer Overflow | BusyBox | The get_next_block function in archival/libarchive/decompress_bunzip2.c in BusyBox 1.27.2 has an integer overflow that may lead to a write access violation. | October 22, 2017 |
| CVE-2017-15874 | Medium | Integer Underflow | BusyBox | archival/libarchive/decompress_unlzma.c in BusyBox 1.27.2 has an integer underflow that leads to a read access violation. | October 22, 2017 |
| CVE-2017-9951 | High | Integer Overflow | memcached | The try_read_command function in memcached.c in memcached before 1.4.39 allows remote attackers to cause a denial of service (segmentation fault) via a request to add/set a key. | July 13, 2017 |
| CVE-2017-9669 | High | Heap Overflow | Alpine Linux | A heap overflow in apk (Alpine Linux's package manager) allows a remote attacker to cause a denial of service, or achieve code execution, by crafting a malicious APKINDEX.tar.gz file. | June 25, 2017 |
| CVE-2017-9671 | High | Heap Overflow | Alpine Linux | A heap overflow in apk (Alpine Linux's package manager) allows a remote attacker to cause a denial of service, or achieve code execution, by crafting a malicious APKINDEX.tar.gz file with a bad pax header block. | June 25, 2017 |
