Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
docker docker vulnerabilities and exploits
(subscribe to this query)
7.9
CVSSv2
CVE-2020-26278
Weave Net is open source software which creates a virtual network that connects Docker containers across multiple hosts and enables their automatic discovery. Weave Net before version 2.8.0 has a vulnerability in which can allow an malicious user to take over any host in the clus...
Weave Weave
7.7
CVSSv2
CVE-2020-4062
In Conjur OSS Helm Chart prior to 2.0.0, a recently identified critical vulnerability resulted in the installation of the Conjur Postgres database with an open port. This allows an malicious user to gain full read & write access to the Conjur Postgres database, including esca...
Cyberark Conjur Oss Helm Chart
7.5
CVSSv2
CVE-2022-26134
In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated malicious user to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are from 1.3.0 prior to 7.4.17, fro...
Atlassian Confluence Data Center 7.18.0
Atlassian Confluence Data Center
Atlassian Confluence Server 7.18.0
Atlassian Confluence Server
99 Github repositories
3 Articles
7.5
CVSSv2
CVE-2022-29180
A vulnerability in which attackers could forge HTTP requests to manipulate the `charm` data directory to access or delete anything on the server. This has been patched and is available in release [v0.12.1](https://github.com/charmbracelet/charm/releases/tag/v0.12.1). We recommend...
Charm Charm
7.5
CVSSv2
CVE-2021-45414
A Remote Code Execution (RCE) vulnerability exists in DataRobot through 2021-10-28 because it allows submission of a Docker environment or Java driver.
Datarobot Datarobot
7.5
CVSSv2
CVE-2022-23126
TeslaMate prior to 1.25.1 (when using the default Docker configuration) allows malicious users to open doors of Tesla vehicles, start Keyless Driving, and interfere with vehicle operation en route. This occurs because an attacker can leverage Grafana login access to obtain a toke...
Teslamate Project Teslamate
7.5
CVSSv2
CVE-2021-39159
BinderHub is a kubernetes-based cloud service that allows users to share reproducible interactive computing environments from code repositories. In affected versions a remote code execution vulnerability has been identified in BinderHub, where providing BinderHub with maliciously...
Jupyter Binderhub
7.5
CVSSv2
CVE-2021-37353
Nagios XI Docker Wizard before version 1.1.3 is vulnerable to SSRF due to improper sanitation in table_population.php.
Nagios Nagios Xi Docker Wizard
7.5
CVSSv2
CVE-2021-21979
In Bitnami Containers, all Laravel container versions prior to: 6.20.0-debian-10-r107 for Laravel 6, 7.30.1-debian-10-r108 for Laravel 7 and 8.5.11-debian-10-r0 for Laravel 8, the file /tmp/app/.env is generated at the time that the docker image bitnami/laravel was built, and the...
Bitnami Containers 8.5.4-debian-10-r1
Bitnami Containers 8.5.2-debian-10-r1
Bitnami Containers
Bitnami Containers 6.19.0-debian-10-r0
Bitnami Containers 7.29.0-debian-10-r0
Bitnami Containers 7.30.0-debian-10-r0
Bitnami Containers 8.3.0-debian-10-r0
Bitnami Containers 8.5.2-debian-10-r0
Bitnami Containers 8.5.3-debian-10-r0
Bitnami Containers 8.5.4-debian-10-r0
1 Github repository
7.5
CVSSv2
CVE-2021-27886
rakibtg Docker Dashboard prior to 2021-02-28 allows command injection in backend/utilities/terminal.js via shell metacharacters in the command parameter of an API request. NOTE: this is NOT a Docker, Inc. product.
Docker Dashboard Project Docker Dashboard
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »