9168 matches found

EUVD
added 2025/10/27 1:53 p.m. | 4 views

EUVD-2025-36191

Docker Desktop Installer.exe is vulnerable to DLL hijacking due to insecure DLL search order. The installer searches for required DLLs in the user's Downloads folder before checking system directories, allowing local privilege escalation through malicious DLL placement. This issue affects Docker...

8.8 CVSS | 6.5 AI score | 0.0009 EPSS
Exploits 0 | References 2

CNNVD
added 2025/10/27 12:0 a.m. | 8 views

Docker Desktop Security Vulnerability

Docker Desktop is a desktop software for lightweight deployment of applications based on container technology from Docker Inc. in the United States. The product provides a desktop environment that supports creating a container lightweight virtual machine and deploying and running applications on...

8.8 CVSS | 6.2 AI score | 0.0009 EPSS
Exploits 0 | References 2

CNNVD
added 2025/10/27 12:0 a.m. | 4 views

Docker Compose Path Traversal Vulnerability

Docker Compose is an open source Docker tool for defining and running multi-container applications. A path traversal vulnerability exists in Docker Compose that stems from trusting path information in a remote OCI compose artifact, which could lead an attacker to escape the cache directory...

8.9 CVSS | 9 AI score | 0.13663 EPSS
Exploits 0 | References 2

Positive Technologies
added 2025/10/27 12:0 a.m. | 3 views

PT-2025-44043

Name of the Vulnerable Software and Affected Versions: Docker Compose versions prior to 2.40.2. Description: Docker Compose is affected by a path traversal flaw stemming from improper restriction of path names to accessible directories. This issue allows a remote attacker to overwrite arbitrary file...

10 CVSS | 9.3 AI score | 0.13663 EPSS
Exploits 14 | References 118

Amazon
added 2025/10/27 12:0 a.m. | 6 views

Low: docker

Issue Overview: Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and various other downstream projects/products. A firewalld vulnerability affects Moby releases before 28.0.0. When firewalld reloads, Docker fails...

5.2 CVSS | 7 AI score | 0.00141 EPSS
Exploits 0

Fedora
added 2025/10/25 9:17 p.m. | 5 views

[SECURITY] Fedora 43 Update: docker-buildx-0.29.1-1.fc43

Docker CLI plugin for extended build capabilities with BuildKit...

6.5 CVSS | 7 AI score | 0.00489 EPSS
Exploits 1

Fedora
added 2025/10/25 9:16 p.m. | 4 views

[SECURITY] Fedora 43 Update: docker-buildkit-0.25.0-1.fc43

Concurrent, cache-efficient, and Dockerfile-agnostic builder toolkit...

6.5 CVSS | 7 AI score | 0.00489 EPSS
Exploits 1

Tenable Nessus
added 2025/10/25 12:0 a.m. | 1 views

Fedora 43 : docker-buildkit (2025-f7a2d648e7)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-f7a2d648e7 advisory. - Update to release v0.25.0 - Resolves: rhbz2399354, rhbz2399081, rhbz2398678, rhbz2398424 - Upstream feature additions and fixes Tenable has...

6.5 CVSS | 7.4 AI score | 0.00489 EPSS
Exploits 1 | References 3

Tenable Nessus
added 2025/10/25 12:0 a.m. | 1 views

Fedora 43 : docker-buildx (2025-d81c797483)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-d81c797483 advisory. - Update to release v0.29.1 - Upstream fixes ---- - Update to release v0.29.0 - Resolves: rhbz2397747, rhbz2398425, rhbz2398679, rhbz2399082,...

6.5 CVSS | 7.4 AI score | 0.00489 EPSS
Exploits 1 | References 3

Positive Technologies
added 2025/10/23 12:0 a.m. | 7 views

PT-2025-43961

Name of the Vulnerable Software and Affected Versions: Docker Desktop versions through 4.48.0. Description: The Docker Desktop Installer.exe is susceptible to a DLL hijacking issue stemming from an insecure DLL search order. The installer prioritizes searching for necessary DLLs within the user's...

8.8 CVSS | 6.5 AI score | 0.0009 EPSS
Exploits 0 | References 5

SUSE CVE
added 2025/10/21 11:32 p.m. | 4 views

SUSE CVE-2025-10678

NetBird VPN when installed using vendor's provided script failed to remove or change default password of an admin account created by ZITADEL. This issue affects instances installed using vendor's provided script. This issue may affect instances created with Docker if the default password was not...

9.3 CVSS | 7.1 AI score | 0.0038 EPSS
Exploits 0 | References 3

RedhatCVE
added 2025/10/21 4:31 p.m. | 9 views

CVE-2025-10678

NetBird VPN when installed using vendor's provided script failed to remove or change default password of an admin account created by ZITADEL. This issue affects instances installed using vendor's provided script. This issue may affect instances created with Docker if the default password was not...

9.3 CVSS | 7 AI score | 0.0038 EPSS
Exploits 0 | References 1

EUVD
added 2025/10/20 6:30 p.m. | 11 views

EUVD-2025-35061

NetBird VPN does not remove the default password of an admin account...

9.3 CVSS | 6.5 AI score | 0.0038 EPSS
Exploits 0 | References 4

OSV
added 2025/10/20 6:30 p.m. | 4 views

GHSA-G3J4-58MP-3X25 NetBird VPN does not remove the default password of an admin account

NetBird VPN when installed using vendor's provided script failed to remove or change default password of an admin account created by ZITADEL. This issue affects instances installed using vendor's provided script. This issue may affect instances created with Docker if the default password was not...

9.3 CVSS | 7 AI score | 0.0038 EPSS
Exploits 0 | References 5

Github Security Blog
added 2025/10/20 6:30 p.m. | 9 views

NetBird VPN does not remove the default password of an admin account

NetBird VPN when installed using vendor's provided script failed to remove or change default password of an admin account created by ZITADEL. This issue affects instances installed using vendor's provided script. This issue may affect instances created with Docker if the default password was not...

9.3 CVSS | 7.1 AI score | 0.0038 EPSS
Exploits 0 | References 5 | Affected Software 1

NVD
added 2025/10/20 4:15 p.m. | 3 views

CVE-2025-10678

NetBird VPN when installed using vendor's provided script failed to remove or change default password of an admin account created by ZITADEL. This issue affects instances installed using vendor's provided script. This issue may affect instances created with Docker if the default password was not...

9.3 CVSS | 0.0038 EPSS
Exploits 0 | References 2

CVE
added 2025/10/20 3:41 p.m. | 14 views

CVE-2025-10678

NetBird VPN vulnerable to an admin account left with a default password after installation via vendor scripts (ZITADEL-created admin). Several sources confirm the issue affects installations using the vendor script and potentially Docker instances if the default password isn’t changed or the user...

9.3 CVSS | 6.7 AI score | 0.0038 EPSS
Exploits 0 | References 2

Vulnrichment
added 2025/10/20 3:41 p.m. | 3 views

CVE-2025-10678 Admin with default credentials in NetBird VPN

NetBird VPN when installed using vendor's provided script failed to remove or change default password of an admin account created by ZITADEL. This issue affects instances installed using vendor's provided script. This issue may affect instances created with Docker if the default password was not...

9.3 CVSS | 6.7 AI score | 0.0038 EPSS
Exploits 0 | References 2

GithubExploit
added 2025/10/18 4:34 p.m. | 168 views

Exploit for Deserialization of Untrusted Data in Huggingface Transformers

Running - have docker and uv installed, then clone repo and run...

8.8 CVSS | 7 AI score | 0.06898 EPSS
Exploits 4

The Hacker News
added 2025/10/16 2:28 p.m. | 15 views

LinkPro Linux Rootkit Uses eBPF to Hide and Activates via Magic TCP Packets

An investigation into the compromise of an Amazon Web Services (AWS)-hosted infrastructure has led to the discovery of a new GNU/Linux rootkit dubbed LinkPro, according to findings from Synacktiv. "This backdoor features functionalities relying on the installation of two eBPF extended Berkeley...

9.8 CVSS | 9 AI score | 0.99999 EPSS
Exploits 45