Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
docker vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2014-5278
A vulnerability exists in Docker prior to 1.2 via container names, which may collide with and override container IDs.
Docker Docker
5.5
CVSSv2
CVE-2014-5282
Docker prior to 1.3 does not properly validate image IDs, which allows remote malicious users to redirect to another image through the loading of untrusted images via 'docker load'.
Docker Docker
1.9
CVSSv2
CVE-2014-8178
Docker Engine prior to 1.8.3 and CS Docker Engine prior to 1.6.2-CS7 do not use a globally unique identifier to store image layers, which makes it easier for malicious users to poison the image cache via a crafted image in pull or push commands.
Docker Cs Engine
Docker Docker
Opensuse Opensuse 13.2
5
CVSSv2
CVE-2014-8179
Docker Engine prior to 1.8.3 and CS Docker Engine prior to 1.6.2-CS7 does not properly validate and extract the manifest object from its JSON representation during a pull, which allows malicious users to inject new attributes in a JSON object and bypass pull-by-digest validation.
Docker Cs Engine
Docker Docker
Opensuse Opensuse 13.2
NA
CVE-2023-28109
Play With Docker is a browser-based Docker playground. Versions 0.0.2 and prior are vulnerable to domain hijacking. Because CORS configuration was not correct, an attacker could use `play-with-docker.com` as an example and set the origin header in an http request as `evil-play-wi...
Play-with-docker Play With Docker 0.0.1
Play-with-docker Play With Docker 0.0.2
10
CVSSv2
CVE-2020-29577
The official znc docker images prior to 1.7.1-slim contain a blank password for a root user. Systems using the znc docker container deployed by affected versions of the Docker image may allow an remote malicious user to achieve root access with a blank password.
Znc Znc Docker Image 1.6
Znc Znc Docker Image 1.6-slim
Znc Znc Docker Image 1.6.4
Znc Znc Docker Image 1.6.4-slim
Znc Znc Docker Image 1.6.5
Znc Znc Docker Image 1.6.5-slim
Znc Znc Docker Image 1.6.6
Znc Znc Docker Image 1.6.6-slim
Znc Znc Docker Image 1.7.0
Znc Znc Docker Image 1.7.0-slim
Znc Znc Docker Image 1.7.1-slim
10
CVSSv2
CVE-2020-29576
The official eggdrop Docker images prior to 1.8.4rc2 contain a blank password for a root user. Systems using the Eggdrop Docker container deployed by affected versions of the Docker image may allow an remote malicious user to achieve root access with a blank password.
Eggheads Eggdrop Docker Image 1.6
Eggheads Eggdrop Docker Image 1.6.21
Eggheads Eggdrop Docker Image 1.8.0
Eggheads Eggdrop Docker Image 1.8.1
Eggheads Eggdrop Docker Image 1.8.2
Eggheads Eggdrop Docker Image 1.8.3
Eggheads Eggdrop Docker Image 1.8.4
NA
CVE-2023-5166
Docker Desktop prior to 4.23.0 allows Access Token theft via a crafted extension icon URL. This issue affects Docker Desktop: prior to 4.23.0.
Docker Docker Desktop
NA
CVE-2023-5165
Docker Desktop prior to 4.23.0 allows an unprivileged user to bypass Enhanced Container Isolation (ECI) restrictions via the debug shell which remains accessible for a short time window after launching Docker Desktop. The affected functionality is available for Docker Business cu...
Docker Docker Desktop
4
CVSSv2
CVE-2016-6595
The SwarmKit toolkit 1.12.0 for Docker allows remote authenticated users to cause a denial of service (prevention of cluster joins) via a long sequence of join and quit actions. NOTE: the vendor disputes this issue, stating that this sequence is not "removing the state that ...
Docker Docker 1.12.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-2907
hardcoded
inject
CVE-2024-20359
CVE-2024-2467
CVE-2024-4077
CVE-2024-22391
camera
CVE-2024-20353
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »