Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
docker docker 1.3.0 vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2014-6407
Docker prior to 1.3.2 allows remote malicious users to write to arbitrary files and execute arbitrary code via a (1) symlink or (2) hard link attack in an image archive in a (a) pull or (b) load operation.
Docker Docker
Docker Docker 1.3.0
Docker Docker 1.0.0
1 Article
445
VMScore
CVE-2014-6408
Docker 1.3.0 up to and including 1.3.1 allows remote malicious users to modify the default run profile of image containers and possibly bypass the container by applying unspecified security options to an image.
Docker Docker 1.3.0
Docker Docker 1.3.1
1 Article
890
VMScore
CVE-2020-35464
Version 1.3.0 of the Weave Cloud Agent Docker image contains a blank password for the root user. Systems deployed using affected versions of the Weave Cloud Agent container may allow a remote malicious user to achieve root access with a blank password.
Weave Cloud Agent 1.3.0
668
VMScore
CVE-2016-8954
IBM dashDB Local uses hard-coded credentials that could allow a remote malicious user to gain access to the Docker container or database.
Ibm Dashdb Local 1.1.0
Ibm Dashdb Local 1.2.1
Ibm Dashdb Local 1.3.0
Ibm Dashdb Local 1.2.0
Ibm Dashdb Local 1.3.1
Ibm Dashdb Local 1.0.0
Ibm Dashdb Local 1.1.1
232
VMScore
CVE-2020-15157
In containerd (an industry-standard container runtime) before version 1.2.14 there is a credential leaking vulnerability. If a container image manifest in the OCI Image format or Docker Image V2 Schema 2 format includes a URL for the location of a specific image layer (otherwise ...
Linuxfoundation Containerd
Linuxfoundation Containerd 1.3.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Debian Debian Linux 10.0
4 Github repositories
668
VMScore
CVE-2018-11757
In Docker Skeleton Runtime for Apache OpenWhisk, a Docker action inheriting the Docker tag openwhisk/dockerskeleton:1.3.0 (or earlier) may allow an malicious user to replace the user function inside the container if the user code is vulnerable to code exploitation.
Apache Openwhisk
696
VMScore
CVE-2022-26134
In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated malicious user to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are from 1.3.0 prior to 7.4.17, fro...
Atlassian Confluence Data Center 7.18.0
Atlassian Confluence Data Center
Atlassian Confluence Server 7.18.0
Atlassian Confluence Server
98 Github repositories
3 Articles
NA
CVE-2022-46169
Cacti is an open source platform which provides a robust and extensible operational monitoring and fault management framework for users. In affected versions a command injection vulnerability allows an unauthenticated user to execute arbitrary code on a server running Cacti, if a...
Cacti Cacti
1 Metasploit module
42 Github repositories
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-26978
CVE-2024-26982
wireless
CVE-2023-6949
CVE-2024-26980
CVE-2024-32766
CVE-2024-26939
cache poisoning
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started