Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
portainer portainer vulnerabilities and exploits
(subscribe to this query)
9.9
CVSSv3
CVE-2019-16872
Portainer prior to 1.22.1 has Incorrect Access Control (issue 1 of 4).
Portainer Portainer
6.5
CVSSv3
CVE-2019-16874
Portainer prior to 1.22.1 has Incorrect Access Control (issue 2 of 4).
Portainer Portainer
5.4
CVSSv3
CVE-2019-16873
Portainer prior to 1.22.1 has XSS (issue 1 of 2).
Portainer Portainer
9.8
CVSSv3
CVE-2018-19466
A vulnerability was found in Portainer prior to 1.20.0. Portainer stores LDAP credentials, corresponding to a master password, in cleartext and allows their retrieval via API calls.
Portainer Portainer
1 Github repository
9.8
CVSSv3
CVE-2018-19367
Portainer up to and including 1.19.2 provides an API endpoint (/api/users/admin/check) to verify that the admin user is already created. This API endpoint will return 404 if admin was not created and 204 if it was already created. Attackers can set an admin password in the 404 ca...
Portainer Portainer
1 Github repository
5.4
CVSSv3
CVE-2018-16316
A stored Cross-site scripting (XSS) vulnerability in Portainer up to and including 1.19.1 allows remote authenticated users to inject arbitrary JavaScript and/or HTML via the Team Name field.
Portainer Portainer
9.8
CVSSv3
CVE-2018-12678
Portainer prior to 1.18.0 supports unauthenticated requests to the websocket endpoint with an unvalidated id query parameter for the /websocket/exec endpoint, which allows remote malicious users to bypass intended access restrictions or conduct SSRF attacks.
Portainer Portainer
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2