9157 matches found
CVE-2026-2664
An out of bounds read vulnerability in the grpcfuse kernel module present in the Linux VM in Docker Desktop for Windows, Linux and macOS up to version 4.61.0 could allow a local attacker to cause an unspecified impact by writing to /proc/docker entries. The issue has been fixed in Docker Desktop...
CVE-2026-2664 Out of bounds read vulnerability in grpcfuse kernel module
An out of bounds read vulnerability in the grpcfuse kernel module present in the Linux VM in Docker Desktop for Windows, Linux and macOS up to version 4.61.0 could allow a local attacker to cause an unspecified impact by writing to /proc/docker entries. The issue has been fixed in Docker Desktop...
EUVD-2026-7385
An out of bounds read vulnerability in the grpcfuse kernel module present in the Linux VM in Docker Desktop for Windows, Linux and macOS up to version 4.61.0 could allow a local attacker to cause an unspecified impact by writing to /proc/docker entries. The issue has been fixed in Docker Desktop...
CVE-2026-2664
An out of bounds read vulnerability in the grpcfuse kernel module present in the Linux VM in Docker Desktop for Windows, Linux and macOS up to version 4.61.0 could allow a local attacker to cause an unspecified impact by writing to /proc/docker entries. The issue has been fixed in Docker Desktop...
CVE-2026-2664 Out of bounds read vulnerability in grpcfuse kernel module
An out of bounds read vulnerability in the grpcfuse kernel module present in the Linux VM in Docker Desktop for Windows, Linux and macOS up to version 4.61.0 could allow a local attacker to cause an unspecified impact by writing to /proc/docker entries. The issue has been fixed in Docker Desktop...
CVE-2026-2664
Summary: CVE-2026-2664 is an out-of-bounds read in the grpcfuse kernel module used by Docker Desktop’s Linux VM on Windows, Linux, and macOS. Affected: Docker Desktop versions up to 4.61.0. Attack vector: local attacker could exploit by writing to /proc/docker entries, with impact described as un...
Docker Desktop 安全漏洞
Docker Desktop is a desktop software from the American company Docker, based on container technology, used for lightweight application deployment. This product provides a desktop environment that allows creating containers lightweight virtual machines on Linux/Windows/Mac OS systems, as well as...
PT-2026-21675
Name of the Vulnerable Software and Affected Versions Docker Desktop versions prior to 4.62.0 Description An out of bounds read issue exists in the grpcfuse kernel module within the Linux VM used by Docker Desktop for Windows, Linux, and macOS. This could allow a local attacker to potentially cau...
Docker Desktop MCP Server Cleartext Storage of Sensitive Information Vulnerability
This vulnerability allows local attackers to disclose sensitive information on affected installations of Docker Desktop. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...
OpenClaw < 2026.2.15 Multiple Vulnerabilities
The version of the OpenClaw AI assistant installed on the remote host is prior to 2026.2.15. It is, therefore, affected by multiple vulnerabilities, including: - A configuration injection issue in the Docker tool sandbox could allow dangerous Docker options such as bind mounts, host networking, a...
operator-poc
operator-poc // TODOuser: Add simple overview of use/purpose...
CVE-2026-27466
BigBlueButton is an open-source virtual classroom. In versions 3.0.21 and below, the official documentation for "Server Customization" on Support for ClamAV as presentation file scanner contains instructions that leave a BBB server vulnerable for Denial of Service. The flawed command exposes both...
openSUSE 16 Security Update : docker (openSUSE-SU-2026:20249-1)
The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2026:20249-1 advisory. - CVE-2025-58181: not validating the number of mechanisms can cause unlimited memory consumption bsc1253904. Tenable has extracted the preceding...
CVE-2026-27466
BigBlueButton is an open-source virtual classroom. In versions 3.0.21 and below, the official documentation for "Server Customization" on Support for ClamAV as presentation file scanner contains instructions that leave a BBB server vulnerable for Denial of Service. The flawed command exposes both...
CVE-2026-27466 BigBlueButton: Exposed ClamAV port enables Denial of Service
BigBlueButton is an open-source virtual classroom. In versions 3.0.21 and below, the official documentation for "Server Customization" on Support for ClamAV as presentation file scanner contains instructions that leave a BBB server vulnerable for Denial of Service. The flawed command exposes both...
CVE-2026-27466 BigBlueButton: Exposed ClamAV port enables Denial of Service
BigBlueButton is an open-source virtual classroom. In versions 3.0.21 and below, the official documentation for "Server Customization" on Support for ClamAV as presentation file scanner contains instructions that leave a BBB server vulnerable for Denial of Service. The flawed command exposes both...
CVE-2026-27466
CVE-2026-27466 affects BigBlueButton prior to 3.0.22. In 3.0.21 and earlier, the official Server Customization guidance for ClamAV as a presentation-file scanner exposes ports 3310 and 7357, allowing a remote attacker to send large/complex documents to clamd and exhaust resources or shut it down....
CVE-2026-27002
OpenClaw is a personal AI assistant. Prior to version 2026.2.15, a configuration injection issue in the Docker tool sandbox could allow dangerous Docker options bind mounts, host networking, unconfined profiles to be applied, enabling container escape or host data access. OpenClaw 2026.2.15 block...
PT-2026-21364
BigBlueButton is an open-source virtual classroom. In versions 3.0.21 and below, the official documentation for "Server Customization" on Support for ClamAV as presentation file scanner contains instructions that leave a BBB server vulnerable for Denial of Service. The flawed command exposes both...
Exploit for Inclusion of Functionality from Untrusted Control Sphere in Sudo_Project Sudo
Heavily influenced/copied/based on the format of a similar repo...