Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
portainer portainer vulnerabilities and exploits
(subscribe to this query)
9.9
CVSSv3
CVE-2019-16872
Portainer prior to 1.22.1 has Incorrect Access Control (issue 1 of 4).
Portainer Portainer
6.5
CVSSv3
CVE-2019-16874
Portainer prior to 1.22.1 has Incorrect Access Control (issue 2 of 4).
Portainer Portainer
5.4
CVSSv3
CVE-2019-16878
Portainer prior to 1.22.1 has XSS (issue 2 of 2).
Portainer Portainer
5.4
CVSSv3
CVE-2019-16873
Portainer prior to 1.22.1 has XSS (issue 1 of 2).
Portainer Portainer
7.5
CVSSv3
CVE-2019-16876
Portainer prior to 1.22.1 allows Directory Traversal.
Portainer Portainer
8.8
CVSSv3
CVE-2019-16877
Portainer prior to 1.22.1 has Incorrect Access Control (issue 4 of 4).
Portainer Portainer
9.8
CVSSv3
CVE-2022-24961
In Portainer Agent prior to 2.11.1, an API server can continue running even if not associated with a Portainer instance in the past few days.
Portainer Portainer
8.8
CVSSv3
CVE-2020-24263
Portainer 1.24.1 and previous versions is affected by an insecure permissions vulnerability that may lead to remote arbitrary code execution. A non-admin user is allowed to spawn new containers with critical capabilities such as SYS_MODULE, which can be used to take over the Dock...
Portainer Portainer
9.8
CVSSv3
CVE-2018-12678
Portainer prior to 1.18.0 supports unauthenticated requests to the websocket endpoint with an unvalidated id query parameter for the /websocket/exec endpoint, which allows remote malicious users to bypass intended access restrictions or conduct SSRF attacks.
Portainer Portainer
5.4
CVSSv3
CVE-2018-16316
A stored Cross-site scripting (XSS) vulnerability in Portainer up to and including 1.19.1 allows remote authenticated users to inject arbitrary JavaScript and/or HTML via the Team Name field.
Portainer Portainer
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »