docker vulnerabilities and exploits
890
VMScore
CVE-2020-35189
The official kong docker images prior to 1.0.2-alpine (Alpine specific) contain a blank password for a root user. Systems using the kong docker container deployed by affected versions of the docker image may allow a remote malicious user to achieve root access with a blank passwor...
Kong Kong Alpine Docker Image
NA
CVE-2022-38362
Apache Airflow Docker's Provider before 3.0.0 shipped with an example DAG that was vulnerable to (authenticated) remote code exploit of code on the Airflow worker host.
Apache Apache-airflow-providers-docker
668
VMScore
CVE-2021-37353
Nagios XI Docker Wizard before version 1.1.3 is vulnerable to SSRF due to improper sanitation in table_population.php.
Nagios Nagios Xi Docker Wizard
641
VMScore
CVE-2015-3629
Libcontainer 1.6.0, as used in Docker Engine, allows local users to escape containerization ("mount namespace breakout") and write to arbitrary files on the host system via a symlink attack in an image when respawning a container.
Docker Libcontainer 1.6.0
Opensuse Opensuse 13.2
890
VMScore
CVE-2020-29579
The official Express Gateway Docker images prior to 1.14.0 contain a blank password for a root user. Systems using the Express Gateway Docker container deployed by affected versions of the Docker image may allow a remote malicious user to achieve root access.
Express-gateway Express-gateway Docker Image
NA
CVE-2022-45385
A missing permission check in Jenkins CloudBees Docker Hub/Registry Notification Plugin 2.6.2 and previous versions allows unauthenticated malicious users to trigger builds of jobs corresponding to the attacker-specified repository.
Jenkins Cloudbees Docker Hub/registry Notification
NA
CVE-2024-23054
An issue in Plone Docker Official Image 5.2.13 (5221) open-source software could allow for remote code execution due to a package listed in ++plone++static/components not existing in the public package index (npm).
Plone Plone Docker Official Image 5.2.13
NA
CVE-2024-23055
An issue in Plone Docker Official Image 5.2.13 (5221) open-source software allows for remote code execution via improper validation of input by the HOST headers.
Plone Plone Docker Official Image 5.2.13
356
VMScore
CVE-2018-20699
Docker Engine prior to 18.09 allows malicious users to cause a denial of service (dockerd memory consumption) via a large integer in a --cpuset-mems or --cpuset-cpus value, related to daemon/daemon_unix.go, pkg/parsers/parsers.go, and pkg/sysinfo/sysinfo.go.
Docker Engine
Redhat Enterprise Linux Server 7.0
NA
CVE-2023-32327
IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 up to and including 10.0.6.1 and IBM Security Verify Access Docker 10.0.0.0 up to and including 10.0.6.1) is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. ...
Ibm Security Verify Access
Ibm Security Verify Access Docker