Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
docker vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-28444
angular-server-side-configuration helps configure an angular application at runtime on the server or in a docker container via environment variables. angular-server-side-configuration detects used environment variables in TypeScript (.ts) files during build time of an Angular CLI...
Angular-server-side-configuration Project Angular-server-side-configuration
NA
CVE-2023-28442
GeoNode is an open source platform that facilitates the creation, sharing, and collaborative use of geospatial data. Prior to versions 2.20.6, 2.19.6, and 2.18.7, anonymous users can obtain sensitive information about GeoNode configurations from the response of the `/geoserver/re...
Geosolutionsgroup Geonode
NA
CVE-2023-28109
Play With Docker is a browser-based Docker playground. Versions 0.0.2 and prior are vulnerable to domain hijacking. Because CORS configuration was not correct, an attacker could use `play-with-docker.com` as an example and set the origin header in an http request as `evil-play-wi...
Play-with-docker Play With Docker 0.0.1
Play-with-docker Play With Docker 0.0.2
NA
CVE-2023-0628
Docker Desktop prior to 4.17.0 allows an malicious user to execute an arbitrary command inside a Dev Environments container during initialization by tricking a user to open a crafted malicious docker-desktop:// URL.
Docker Docker Desktop
NA
CVE-2023-0629
Docker Desktop prior to 4.17.0 allows an unprivileged user to bypass Enhanced Container Isolation (ECI) restrictions by setting the Docker host to docker.raw.sock, or npipe:////.pipe/docker_engine_linux on Windows, via the -H (--host) CLI flag or the DOCKER_HOST environment varia...
Docker Docker Desktop
NA
CVE-2023-27482
homeassistant is an open source home automation tool. A remotely exploitable vulnerability bypassing authentication for accessing the Supervisor API through Home Assistant has been discovered. This impacts all Home Assistant installation types that use the Supervisor 2023.01.1 or...
Home-assistant Supervisor
Home-assistant Home-assistant
NA
CVE-2023-26490
mailcow is a dockerized email package, with multiple containers linked in one bridged network. The Sync Job feature - which can be made available to standard users by assigning them the necessary permission - suffers from a shell command injection. A malicious user can abuse this...
Mailcow Mailcow Dockerized
NA
CVE-2023-27290
Docker based datastores for IBM Instana (IBM Observability with Instana 239-0 through 239-2, 241-0 through 241-2, and 243-0) do not currently require authentication. Due to this, an attacker within the network could access the datastores with read/write access. IBM X-Force ID: 24...
Ibm Observability With Instana 243-0
Ibm Observability With Instana
2 Github repositories
NA
CVE-2023-27561
runc up to and including 1.1.4 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. N...
Linuxfoundation Runc
Redhat Enterprise Linux 8.0
Redhat Openshift Container Platform 4.0
Redhat Enterprise Linux 9.0
Debian Debian Linux 10.0
NA
CVE-2022-36775
IBM Security Verify Access 10.0.0.0, 10.0.1.0, 10.0.2.0, 10.0.3.0, and10.0.4.0 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an malicious user to conduct various attacks against the vulnerable system, includin...
Ibm Security Verify Access 10.0.1.0
Ibm Security Verify Access 10.0.2.0
Ibm Security Verify Access Docker 10.0.1.0
Ibm Security Verify Access Docker 10.0.2.0
Ibm Security Verify Access 10.0.0.0
Ibm Security Verify Access 10.0.3.0
Ibm Security Verify Access Docker 10.0.4.0
Ibm Security Verify Access Docker 10.0.3.0
Ibm Security Verify Access 10.0.4.0
Ibm Security Verify Access Docker 10.0.0.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
6
7
8
9
10
NEXT »