Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
docker docker vulnerabilities and exploits
(subscribe to this query)
8.4
CVSSv3
CVE-2019-13139
In Docker prior to 18.09.4, an attacker who is capable of supplying or manipulating the build path for the "docker build" command would be able to gain command execution. An issue exists in the way "docker build" processes remote git URLs, and results in comma...
Docker Docker
5.3
CVSSv3
CVE-2020-27534
util/binfmt_misc/check.go in Builder in Docker Engine prior to 19.03.9 calls os.OpenFile with a potentially unsafe qemu-check temporary pathname, constructed with an empty first argument in an ioutil.TempDir call.
Docker Docker
NA
CVE-2015-3630
Docker Engine prior to 1.6.1 uses weak permissions for (1) /proc/asound, (2) /proc/timer_stats, (3) /proc/latency_stats, and (4) /proc/fs, which allows local users to modify the host, obtain sensitive information, and perform protocol downgrade attacks via a crafted image.
Docker Docker
NA
CVE-2015-3631
Docker Engine prior to 1.6.1 allows local users to set arbitrary Linux Security Modules (LSM) and docker_t policies via an image that allows volumes to override files in /proc.
Docker Docker
8.6
CVSSv3
CVE-2014-9356
Path traversal vulnerability in Docker prior to 1.3.3 allows remote malicious users to write to arbitrary files and bypass a container protection mechanism via a full pathname in a symlink in an (1) image or (2) build in a Dockerfile.
Docker Docker
9.8
CVSSv3
CVE-2020-29577
The official znc docker images prior to 1.7.1-slim contain a blank password for a root user. Systems using the znc docker container deployed by affected versions of the Docker image may allow an remote malicious user to achieve root access with a blank password.
Znc Znc Docker Image 1.6
Znc Znc Docker Image 1.6-slim
Znc Znc Docker Image 1.6.4
Znc Znc Docker Image 1.6.4-slim
Znc Znc Docker Image 1.6.5
Znc Znc Docker Image 1.6.5-slim
Znc Znc Docker Image 1.6.6
Znc Znc Docker Image 1.6.6-slim
Znc Znc Docker Image 1.7.0
Znc Znc Docker Image 1.7.0-slim
Znc Znc Docker Image 1.7.1-slim
9.8
CVSSv3
CVE-2020-29576
The official eggdrop Docker images prior to 1.8.4rc2 contain a blank password for a root user. Systems using the Eggdrop Docker container deployed by affected versions of the Docker image may allow an remote malicious user to achieve root access with a blank password.
Eggheads Eggdrop Docker Image 1.6
Eggheads Eggdrop Docker Image 1.6.21
Eggheads Eggdrop Docker Image 1.8.0
Eggheads Eggdrop Docker Image 1.8.1
Eggheads Eggdrop Docker Image 1.8.2
Eggheads Eggdrop Docker Image 1.8.3
Eggheads Eggdrop Docker Image 1.8.4
7.1
CVSSv3
CVE-2022-26659
Docker Desktop installer on Windows in versions prior to 4.6.0 allows an malicious user to overwrite any administrator writable files by creating a symlink in place of where the installer writes its log file. Starting from version 4.6.0, the Docker Desktop installer, when run ele...
Docker Docker Desktop
7.1
CVSSv3
CVE-2023-0629
Docker Desktop prior to 4.17.0 allows an unprivileged user to bypass Enhanced Container Isolation (ECI) restrictions by setting the Docker host to docker.raw.sock, or npipe:////.pipe/docker_engine_linux on Windows, via the -H (--host) CLI flag or the DOCKER_HOST environment varia...
Docker Docker Desktop
7.8
CVSSv3
CVE-2020-11492
An issue exists in Docker Desktop up to and including 2.2.0.5 on Windows. If a local attacker sets up their own named pipe prior to starting Docker with the same name, this attacker can intercept a connection attempt from Docker Service (which runs as SYSTEM), and then impersonat...
Docker Docker Desktop
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2018-25103
CVE-2024-36279
CVE-2024-38457
elevation of privilege
CVE-2024-27801
CVE-2024-30103
NULL pointer dereference
CVE-2024-6057
XML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »