Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
docker vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-0628
Docker Desktop prior to 4.17.0 allows an malicious user to execute an arbitrary command inside a Dev Environments container during initialization by tricking a user to open a crafted malicious docker-desktop:// URL.
Docker Docker Desktop
NA
CVE-2023-0629
Docker Desktop prior to 4.17.0 allows an unprivileged user to bypass Enhanced Container Isolation (ECI) restrictions by setting the Docker host to docker.raw.sock, or npipe:////.pipe/docker_engine_linux on Windows, via the -H (--host) CLI flag or the DOCKER_HOST environment varia...
Docker Docker Desktop
NA
CVE-2023-0633
In Docker Desktop on Windows prior to 4.12.0 an argument injection to installer may result in local privilege escalation (LPE).This issue affects Docker Desktop: prior to 4.12.0.
Docker Docker Desktop
NA
CVE-2023-5165
Docker Desktop prior to 4.23.0 allows an unprivileged user to bypass Enhanced Container Isolation (ECI) restrictions via the debug shell which remains accessible for a short time window after launching Docker Desktop. The affected functionality is available for Docker Business cu...
Docker Docker Desktop
NA
CVE-2023-5166
Docker Desktop prior to 4.23.0 allows Access Token theft via a crafted extension icon URL. This issue affects Docker Desktop: prior to 4.23.0.
Docker Docker Desktop
356
VMScore
CVE-2016-6595
The SwarmKit toolkit 1.12.0 for Docker allows remote authenticated users to cause a denial of service (prevention of cluster joins) via a long sequence of join and quit actions. NOTE: the vendor disputes this issue, stating that this sequence is not "removing the state that ...
Docker Docker 1.12.0
890
VMScore
CVE-2020-29601
The official notary docker images before signer-0.6.1-1 contain a blank password for a root user. System using the notary docker container deployed by affected versions of the docker image may allow an remote malicious user to achieve root access with a blank password.
Docker Notary Docker Image
890
VMScore
CVE-2020-35184
The official composer docker images prior to 1.8.3 contain a blank password for a root user. System using the composer docker container deployed by affected versions of the docker image may allow a remote malicious user to achieve root access with a blank password.
Docker Composer Docker Image
890
VMScore
CVE-2020-35195
The official haproxy docker images prior to 1.8.18-alpine (Alpine specific) contain a blank password for a root user. System using the haproxy docker container deployed by affected versions of the docker image may allow a remote malicious user to achieve root access with a blank ...
Docker Haproxy Docker Image
409
VMScore
CVE-2020-15360
com.docker.vmnetd in Docker Desktop 2.3.0.3 allows privilege escalation because of a lack of client verification.
Docker Docker Desktop 2.3.0.3
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »