Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
docker docker vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-0625
Docker Desktop prior to 4.12.0 is vulnerable to RCE via a crafted extension description or changelog. This issue affects Docker Desktop: prior to 4.12.0.
Docker Docker Desktop
9.8
CVSSv3
CVE-2023-0626
Docker Desktop prior to 4.12.0 is vulnerable to RCE via query parameters in message-box route. This issue affects Docker Desktop: prior to 4.12.0.
Docker Docker Desktop
9.8
CVSSv3
CVE-2023-34844
Play With Docker < 0.0.2 has an insecure CAP_SYS_ADMIN privileged mode causing the docker container to escape.
Play With Docker Project Play With Docker
9.8
CVSSv3
CVE-2023-1174
This vulnerability exposes a network port in minikube running on macOS with Docker driver that could enable unexpected remote access to the minikube container.
Kubernetes Minikube 1.26.0
Kubernetes Minikube 1.26.1
Kubernetes Minikube 1.27.0
Kubernetes Minikube 1.27.1
Kubernetes Minikube 1.28.0
9.8
CVSSv3
CVE-2023-22495
Izanami is a shared configuration service well-suited for micro-service architecture implementation. Attackers can bypass the authentication in this application when deployed using the official Docker image. Because a hard coded secret is used to sign the authentication token (JW...
Maif Izanami
9.8
CVSSv3
CVE-2022-46169
Cacti is an open source platform which provides a robust and extensible operational monitoring and fault management framework for users. In affected versions a command injection vulnerability allows an unauthenticated user to execute arbitrary code on a server running Cacti, if a...
Cacti Cacti
1 Metasploit module
42 Github repositories
9.8
CVSSv3
CVE-2022-26134
In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated malicious user to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are from 1.3.0 prior to 7.4.17, fro...
Atlassian Confluence Data Center 7.18.0
Atlassian Confluence Data Center
Atlassian Confluence Server 7.18.0
Atlassian Confluence Server
99 Github repositories
3 Articles
9.8
CVSSv3
CVE-2021-34079
OS Command injection vulnerability in Mintzo Docker-Tester up to and including 1.2.1 allows malicious users to execute arbitrary commands via shell metacharacters in the 'ports' entry of a crafted docker-compose.yml file.
Docker-tester Project Docker-tester
9.8
CVSSv3
CVE-2022-29186
Rundeck is an open source automation service with a web console, command line tools and a WebAPI. Rundeck community and rundeck-enterprise docker images contained a pre-generated SSH keypair. If the id_rsa.pub public key of the keypair was copied to authorized_keys files on remot...
Pagerduty Rundeck
9.8
CVSSv3
CVE-2022-29180
A vulnerability in which attackers could forge HTTP requests to manipulate the `charm` data directory to access or delete anything on the server. This has been patched and is available in release [v0.12.1](https://github.com/charmbracelet/charm/releases/tag/v0.12.1). We recommend...
Charm Charm
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »