9157 matches found
Directory Traversal
Overview Affected versions of this package are vulnerable to Directory Traversal via the container query parameter in GET /api/beszel/containers/logs and GET /api/beszel/containers/info endpoints, which is passed without validation to the agent and interpolated directly into Docker API URLs. An...
Directory Traversal
Overview Affected versions of this package are vulnerable to Directory Traversal via the container query parameter in GET /api/beszel/containers/logs and GET /api/beszel/containers/info endpoints, which is passed without validation to the agent and interpolated directly into Docker API URLs. An...
EUVD-2026-9053
Beszel: Docker API has a Path Traversal Vulnerability via Unsanitized Container ID...
GHSA-PHWH-4F42-GWF3 Beszel: Docker API has a Path Traversal Vulnerability via Unsanitized Container ID
Summary The hub's authenticated API endpoints GET /api/beszel/containers/logs and GET /api/beszel/containers/info pass the user-supplied "container" query parameter to the agent without validation. The agent constructs Docker Engine API URLs using fmt.Sprintf with the raw value instead of...
CVE-2026-27734
Beszel is a server monitoring platform. Prior to version 0.18.2, the hub's authenticated API endpoints GET /api/beszel/containers/logs and GET /api/beszel/containers/info pass the user-supplied "container" query parameter to the agent without validation. The agent constructs Docker Engine API URL...
CVE-2026-27734 Beszel Vulnerable to Docker API Path Traversal via Unsanitized Container ID
Beszel is a server monitoring platform. Prior to version 0.18.2, the hub's authenticated API endpoints GET /api/beszel/containers/logs and GET /api/beszel/containers/info pass the user-supplied "container" query parameter to the agent without validation. The agent constructs Docker Engine API URL...
CVE-2026-27734 Beszel Vulnerable to Docker API Path Traversal via Unsanitized Container ID
Beszel is a server monitoring platform. Prior to version 0.18.2, the hub's authenticated API endpoints GET /api/beszel/containers/logs and GET /api/beszel/containers/info pass the user-supplied "container" query parameter to the agent without validation. The agent constructs Docker Engine API URL...
CVE-2026-27734
Beszel is a server monitoring platform. Prior to version 0.18.2, the hub's authenticated API endpoints GET /api/beszel/containers/logs and GET /api/beszel/containers/info pass the user-supplied "container" query parameter to the agent without validation. The agent constructs Docker Engine API URL...
CVE-2026-27734
Beszel is a server monitoring platform. Before v0.18.2, the hub’s authenticated API endpoints GET /api/beszel/containers/logs and GET /api/beszel/containers/info pass the user-supplied container param to the agent without validation. The agent builds Docker Engine API URLs using fmt.Sprintf with ...
CVE-2026-27734 Beszel Vulnerable to Docker API Path Traversal via Unsanitized Container ID
Beszel is a server monitoring platform. Prior to version 0.18.2, the hub's authenticated API endpoints GET /api/beszel/containers/logs and GET /api/beszel/containers/info pass the user-supplied "container" query parameter to the agent without validation. The agent constructs Docker Engine API URL...
CVE-2026-27734
Beszel is a server monitoring platform. Prior to version 0.18.2, the hub's authenticated API endpoints GET /api/beszel/containers/logs and GET /api/beszel/containers/info pass the user-supplied "container" query parameter to the agent without validation. The agent constructs Docker Engine API URL...
Exploit for CVE-2023-24012
DDS Security Test This is a ROS 2 DDS security testing enviro...
CVE-2026-27899
WireGuard Portal or wg-portal is a web-based configuration portal for WireGuard server management. Prior to version 2.1.3, any authenticated non-admin user can become a full administrator by sending a single PUT request to their own user profile endpoint with "IsAdmin": true in the JSON body. Aft...
PT-2026-22402
Name of the Vulnerable Software and Affected Versions Canarytokens versions prior to sha-7ff0e12 Description The Canarytokens PWA Canarytoken has a Self Cross-Site Scripting issue. A Canarytoken creator can execute Javascript code by inserting it into the title field of their PWA token. This allo...
Beszel 路径遍历漏洞
Beszel is a lightweight server monitoring center developed by Hank’s individual developers. Versions of Beszel prior to 0.18.2 contained a path traversal vulnerability. This vulnerability stemmed from insufficient validation of container query parameters provided to users, which could allow...
Docker Model Runner 安全漏洞
Docker Model Runner is an open-source Docker model runner developed by Docker. Versions of Docker Model Runner prior to 1.0.16 contained security vulnerabilities. These vulnerabilities stemmed from unvalidated POST endpoints that allowed arbitrary runtime flags to be accepted. This could enable...
PT-2026-22382
Name of the Vulnerable Software and Affected Versions Beszel versions prior to 0.18.2 Beszel versions 0.18.2 through 0.18.3 Description Beszel is a server monitoring platform. The platform’s authenticated API endpoints, specifically ''/api/beszel/containers/logs'' and...
docker-29.2.1_ce-37.1 on GA media (moderate)
docker-29.2.1ce-37.1 on GA media Announcement ID: openSUSE-SU-2026:10261-1 Rating: moderate Cross-References: CVE-2025-67499 CVSS scores: CVE-2025-67499 SUSE : 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H CVE-2025-67499 SUSE : 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:...
Security update for docker-stable (moderate)
openSUSE security update: security update for docker-stable ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20262-1 Rating: moderate References: bsc1250508 bsc1250596 bsc1252290 Affected Products: openSUSE Leap 16.0...
EUVD-2026-8797
WireGuard Portal is Vulnerable to Privilege Escalation via User Self-Update to Admin Level...