cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-11218,https://securityvulnerability.io/vulnerability/CVE-2024-11218,Container Breakout Vulnerability in Podman and Buildah,"A vulnerability exists in Podman and Buildah that allows for a container breakout, particularly when using the '--jobs=2' option during the build process of a malicious Containerfile. This vulnerability exploits a race condition that may lead to the exposure of files and directories on the host system. Though using SELinux can provide some degree of mitigation, it does not completely prevent the enumeration of sensitive host file systems, posing a risk for affected users.",Red Hat,"Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support,Red Hat Enterprise Linux 8.6 Telecommunications Update Service,Red Hat Enterprise Linux 8.6 Update Services For SAP Solutions,Red Hat Enterprise Linux 8.8 Extended Update Support,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9.0 Update Services For SAP Solutions,Red Hat Enterprise Linux 9.2 Extended Update Support,Red Hat Enterprise Linux 9.4 Extended Update Support,Red Hat Openshift Container Platform 4.16,Red Hat Openshift Container Platform 4.17,Red Hat Enterprise Linux 8,Red Hat Openshift Container Platform 4",8.6,HIGH,0.0004400000034365803,false,,false,false,false,,false,false,false,,2025-01-22T04:55:30.649Z,359
CVE-2024-12085,https://securityvulnerability.io/vulnerability/CVE-2024-12085,Rsync Daemon Memory Leak Vulnerability in Red Hat Products,"A vulnerability exists in the rsync daemon which can be exploited during the comparison of file checksums. An attacker can manipulate the checksum length, leading to potential leaks of one byte of uninitialized stack data at a time. This weakness could allow unauthorized access to sensitive information in memory, posing a security risk to affected systems.",Red Hat,"Red Hat Enterprise Linux 6 Extended Lifecycle Support  - Extension,Red Hat Enterprise Linux 7 Extended Lifecycle Support,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8.2 Advanced Update Support,Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support,Red Hat Enterprise Linux 8.4 Telecommunications Update Service,Red Hat Enterprise Linux 8.4 Update Services For SAP Solutions,Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support,Red Hat Enterprise Linux 8.6 Telecommunications Update Service,Red Hat Enterprise Linux 8.6 Update Services For SAP Solutions,Red Hat Enterprise Linux 8.8 Extended Update Support,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9.0 Update Services For SAP Solutions,Red Hat Enterprise Linux 9.2 Extended Update Support,Red Hat Enterprise Linux 9.4 Extended Update Support,Red Hat Openshift Container Platform 4.15,Red Hat Openshift Container Platform 4.16,Red Hat Openshift Container Platform 4.17,Logging Subsystem For Red Hat Openshift",7.5,HIGH,0.0004600000102072954,false,,false,false,false,,false,false,false,,2025-01-14T18:15:00.000Z,242
CVE-2024-9632,https://securityvulnerability.io/vulnerability/CVE-2024-9632,"X.org Server Flaw Allows Buffer Overflow, Denial of Service or Privilege Escalation","A flaw exists in the X.org server that stems from an improper handling of allocation size in the _XkbSetCompatMap function. This vulnerability allows a local attacker to potentially exploit this issue by sending a specially crafted payload, which could result in a buffer overflow condition. If successfully exploited, this vulnerability may lead to denial of service or enable local privilege escalation in environments where the X.org server operates with elevated permissions, specifically with root access. It is crucial for administrators to review their configurations and apply necessary security updates to mitigate the risks associated with this vulnerability.",Red Hat,",Red Hat Enterprise Linux 7 Extended Lifecycle Support,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8.2 Advanced Update Support,Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support,Red Hat Enterprise Linux 8.4 Telecommunications Update Service,Red Hat Enterprise Linux 8.4 Update Services For SAP Solutions,Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support,Red Hat Enterprise Linux 8.6 Telecommunications Update Service,Red Hat Enterprise Linux 8.6 Update Services For SAP Solutions,Red Hat Enterprise Linux 8.8 Extended Update Support,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9.0 Update Services For SAP Solutions,Red Hat Enterprise Linux 9.2 Extended Update Support,Red Hat Enterprise Linux 9.4 Extended Update Support,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7",7.8,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2024-10-30T07:42:35.320Z,0
CVE-2024-9676,https://securityvulnerability.io/vulnerability/CVE-2024-9676,Podman Vulnerable to Symlink Traversal Attack,"A vulnerability was found in Podman, Buildah, and CRI-O. A symlink traversal vulnerability in the containers/storage library can cause Podman, Buildah, and CRI-O to hang and result in a denial of service via OOM kill when running a malicious image using an automatically assigned user namespace (`--userns=auto` in Podman and Buildah). The containers/storage library will read /etc/passwd inside the container, but does not properly validate if that file is a symlink, which can be used to cause the library to read an arbitrary file on the host.",Red Hat,",Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9.4 Extended Update Support,Red Hat Openshift Container Platform 4.12,Red Hat Openshift Container Platform 4.13,Red Hat Openshift Container Platform 4.14,Red Hat Openshift Container Platform 4.15,Red Hat Openshift Container Platform 4.16,Red Hat Openshift Container Platform 4.17,Openshift Developer Tools And Services,Red Hat Openshift Container Platform 4,Red Hat Quay 3",6.5,MEDIUM,0.001120000029914081,false,,false,false,false,,,false,false,,2024-10-15T15:27:33.665Z,0