ICS-SimLab: A Containerized Approach for Simulating Industrial Control Systems for Cyber Security Research

Industrial Control Systems ICSs are complex interconnected systems used to manage process control within industrial environments, such as chemical processing plants and water treatment facilities. As the modern industrial environment moves towards Internet-facing services, ICSs face an increased...

CVE-2025-10657

In a hardened Docker environment, with Enhanced Container Isolation ECI https://docs.docker.com/enterprise/security/hardened-desktop/enhanced-container-isolation/ enabled, an administrator can utilize the command restrictions feature...

CVE-2025-10657

Docker Desktop 4.46.0 with Enhanced Container Isolation (ECI) enabled is affected by a bug where the command restrictions configuration passed to ECI is ignored, allowing any command to execute on the Docker socket. This creates a container-escape risk for containers explicitly permitted to mount...

CVE-2025-10657 Docker Desktop with ECI Fails to Enforce Socket Command Restrictions

In a hardened Docker environment, with Enhanced Container Isolation ECI https://docs.docker.com/enterprise/security/hardened-desktop/enhanced-container-isolation/ enabled, an administrator can utilize the command restrictions feature...

CVE-2025-10657 Docker Desktop with ECI Fails to Enforce Socket Command Restrictions

In a hardened Docker environment, with Enhanced Container Isolation ECI https://docs.docker.com/enterprise/security/hardened-desktop/enhanced-container-isolation/ enabled, an administrator can utilize the command restrictions feature...

Malicious code in autobahn-testsuite-docker (npm)

The package communicates with a domain associated with malicious activity...

MAL-2025-47844 Malicious code in autobahn-testsuite-docker (npm)

The package communicates with a domain associated with malicious activity...

Docker Desktop 安全漏洞

Docker Desktop is a desktop software for lightweight deployment of applications based on container technology from Docker Inc. in the United States. The product provides a desktop environment that supports creating a container lightweight virtual machine and deploying and running applications on...

PT-2025-39690

Name of the Vulnerable Software and Affected Versions Docker Desktop version 4.46.0 Description A software bug in Docker Desktop allowed the configuration for restricting commands to be ignored when passed to Enhanced Container Isolation ECI. This granted excessive privileges by permitting...

Exploit for Command Injection in Snowflake Snowflake_Connector

Snowflake Connector CVE-2025-24793 PoC This repository contai...

ShadowV2 Botnet Uses Misconfigured AWS Docker for DDoS-For-Hire Service

Darktrace researchers have uncovered ShadowV2, a new botnet that operates as a DDoS-for-hire service by infecting misconfigured Docker containers on AWS cloud servers...

SUSE-SU-2025:03271-1 Security update for busybox, busybox-links

This update for busybox, busybox-links fixes the following issues: Updated to version 1.37.0 jscPED-13039: - CVE-2023-42363: Fixed use-after-free vulnerability in xasprintf function in xfuncsprintf.c bsc1217580 - CVE-2023-42364: Fixed use-after-free in the awk.c evaluate function bsc1217584 -...

ShadowV2 Botnet Exploits Misconfigured AWS Docker Containers for DDoS-for-Hire Service

Cybersecurity researchers have disclosed details of a new botnet that customers can rent access to conduct distributed denial-of-service DDoS attacks against targets of interest. The ShadowV2 botnet, according to Darktrace, predominantly targets misconfigured Docker containers on Amazon Web...

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Php

sudo docker run -it --rm -p 8080:80 php:8.0.29-apache bash...

Exploit for Deserialization of Untrusted Data in Bentoml

Day 09 — CVE-2025-27520 BentoML-style insecure deserializatio...

CVE-2025-34201

Vasion Print formerly PrinterLogic Virtual Appliance Host and Application VA and SaaS deployments run many Docker containers on shared internal networks without firewalling or segmentation between instances. A compromise of any single container allows direct access to internal services HTTP, Redi...

CVE-2025-34203

Vasion Print formerly PrinterLogic Virtual Appliance Host versions prior to 22.0.1002 and Application versions prior to 20.0.2614 VA and SaaS deployments contain multiple Docker containers that include outdated, end-of-life, unsupported, or otherwise vulnerable third-party components examples:...

CVE-2025-34202

Vasion Print formerly PrinterLogic Virtual Appliance Host prior to 25.2.169 and Application prior to 25.2.1518 VA and SaaS deployments expose Docker internal networks in a way that allows an attacker on the same external L2 segment — or an attacker able to add routes using the appliance as a...

CVE-2025-47906 vulnerabilities

Vulnerabilities for packages: docker-credential-ecr-login, dagdotdev, kserve-rest-proxy, falco, lvm-driver, mongodb-kubernetes-operator, grafana-operator, hivemind, blobfuse2, rancher-machine, vault-benchmark, modelmesh-runtime-adapter, newrelic-fluent-bit-output, cloud-provider-aws,...

GHSA-GWRF-JF3H-W649 vulnerabilities

Vulnerabilities for packages: docker-credential-ecr-login, dagdotdev, kserve-rest-proxy, falco, lvm-driver, mongodb-kubernetes-operator, grafana-operator, hivemind, blobfuse2, rancher-machine, vault-benchmark, modelmesh-runtime-adapter, newrelic-fluent-bit-output, cloud-provider-aws,...