Sysdig Site Search
Detecting exploits of CVE-2019-5736: runc container breakout.
Earlier today, CVE-2019-5736 was announced regarding a runC container breakout. Given the high CVSS rating of 7.2, it is imperative...
CVE-2018-18264 Privilege escalation through Kubernetes dashboard
A recently disclosed vulnerability in Kubernetes dashboard (CVE-2018-18264) exposes secrets to unauthenticated users. In this blog post we’ll explore some...
CVE-2023-38545: High Severity cURL Vulnerability Detection
On Oct. 11, a new version of curl (8.4.0) was released where a couple of new vulnerabilities were fixed (CVE-2023-38545...
How to detect Kubernetes vulnerability CVE-2019-11246 using Falco
A recent CNCF-sponsored Kubernetes security audit uncovered CVE-2019-11246, a high-severity vulnerability affecting the command-line kubectl tool. If exploited, it could...
5 Steps to Stop the Latest OpenSSL Vulnerabilities: CVE-2022-3602, CVE-2022-3786
The OpenSSL Project team announced two HIGH severity vulnerabilities (CVE-2022-3602, CVE-2022-3786) on Oct. 25, which affect all OpenSSL v3 versions...
Detecting CVE-2020-14386 with Falco and mitigating potential container escapes
On Sept. 14, CVE-2020-14386 was reported as a “high” severity threat. This CVE is a kernel security vulnerability that enables...
Critical Vulnerability in Spring Core: CVE-2022-22965 a.k.a. Spring4Shell
After the Spring cloud vulnerability reported yesterday, a new vulnerability called Spring4shell CVE-2022-22965 was reported on the very popular Java...
Mitigating CVE-2022-0811: Arbitrary code execution affecting CRI-O
A new vulnerability CVE-2022-0811, alias cr8escape, with CVSS 8.8 (HIGH) has been found in the CRI-O container engine by Crowdstrike....
CVE-2022-0847: “Dirty Pipe” Linux Local Privilege Escalation
Right on the heels of CVE-2022-4092, another local privilege escalation flaw in the Linux Kernel was disclosed on Monday, nicknamed...
Detecting and mitigating Apache Unomi’s CVE-2020-13942 – Remote Code Execution (RCE)
CVE-2020-13942 is a critical vulnerability that affects the Apache open source application Unomi, and allows a remote attacker to execute...