Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
docker docker vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2022-34883
OS Command Injection vulnerability in Hitachi RAID Manager Storage Replication Adapter allows remote authenticated users to execute arbitrary OS commands. This issue affects: Hitachi RAID Manager Storage Replication Adapter 02.01.04 versions before 02.03.02 on Windows; 02.05.00 v...
Hitachi Raid Manager Storage Replication Adapter
Hitachi Raid Manager Storage Replication Adapter 02.05.00
8.8
CVSSv3
CVE-2022-38362
Apache Airflow Docker's Provider before 3.0.0 shipped with an example DAG that was vulnerable to (authenticated) remote code exploit of code on the Airflow worker host.
Apache Apache-airflow-providers-docker
8.8
CVSSv3
CVE-2022-29184
GoCD is a continuous delivery server. In GoCD versions before 22.1.0, it is possible for existing authenticated users who have permissions to edit or create pipeline materials or pipeline configuration repositories to get remote code execution capability on the GoCD server via co...
Thoughtworks Gocd
8.8
CVSSv3
CVE-2022-20617
Jenkins Docker Commons Plugin 1.17 and previous versions does not sanitize the name of an image or a tag, resulting in an OS command execution vulnerability exploitable by attackers with Item/Configure permission or able to control the contents of a previously configured job'...
Jenkins Docker Commons
8.8
CVSSv3
CVE-2020-24263
Portainer 1.24.1 and previous versions is affected by an insecure permissions vulnerability that may lead to remote arbitrary code execution. A non-admin user is allowed to spawn new containers with critical capabilities such as SYS_MODULE, which can be used to take over the Dock...
Portainer Portainer
8.8
CVSSv3
CVE-2021-20182
A privilege escalation flaw was found in openshift4/ose-docker-builder. The build container runs with high privileges using a chrooted environment instead of runc. If an attacker can gain access to this build container, they can potentially utilize the raw devices of the underlyi...
8.8
CVSSv3
CVE-2020-14300
The docker packages version docker-1.13.1-108.git4ef4b30.el7 as released for Red Hat Enterprise Linux 7 Extras via RHBA-2020:0053 (https://access.redhat.com/errata/RHBA-2020:0053) included an incorrect version of runc that was missing multiple bug and security fixes. One of the f...
Redhat Enterprise Linux Server 7.0
Docker Docker 1.13.1
8.8
CVSSv3
CVE-2020-14298
The version of docker as released for Red Hat Enterprise Linux 7 Extras via RHBA-2020:0053 advisory included an incorrect version of runc missing the fix for CVE-2019-5736, which was previously fixed via RHSA-2019:0304. This issue could allow a malicious or compromised container ...
Redhat Enterprise Linux Server 7.0
Docker Docker 1.13.1
Redhat Openshift Container Platform
8.8
CVSSv3
CVE-2020-5239
In Mailu before version 1.7, an authenticated user can exploit a vulnerability in Mailu fetchmail script and gain full access to a Mailu instance. Mailu servers that have open registration or untrusted users are most impacted. The master and 1.7 branches are patched on our git re...
Mailu Mailu
1 Github repository
8.8
CVSSv3
CVE-2019-10340
A cross-site request forgery vulnerability in Jenkins Docker Plugin 1.1.6 and previous versions in DockerAPI.DescriptorImpl#doTestConnection allowed users with Overall/Read access to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through an...
Jenkins Docker
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »