Exploit for Missing Authentication for Critical Function in Erlang Erlang\/Otp

CVE-2025-32433 Remote Shell Go-based exploit for CVE-2025-3243...

Exploit for Deserialization of Untrusted Data in Apache Tomcat

CVE-2025-24813-vulhub POC script for the vulhub environment of...

Experts Uncover New XorDDoS Controller, Infrastructure as Malware Expands to Docker, Linux, IoT

Cybersecurity researchers are warning of continued risks posed by a distributed denial-of-service DDoS malware known as XorDDoS, with 71.3 percent of the attacks between November 2023 and February 2025 targeting the United States. "From 2020 to 2023, the XorDDoS trojan has increased significantly...

SUSE SLES12 Security Update : docker (SUSE-SU-2025:1341-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2025:1341-1 advisory. - Update to docker-buildx v0.22.0 - CVE-2025-0495: Fixed an integer overflow in User ID handling in containerd. bsc1239765 Tenable has extracted the...

SUSE SLES12 Security Update : docker-stable (SUSE-SU-2025:1344-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2025:1344-1 advisory. - CVE-2025-0495: buildx: Fixed credential leakage to telemetry endpoints when credentials allowed to be set as attribute values in cache-to/cache-from...

CVE-2025-30206

Dpanel is a Docker visualization panel system which provides complete Docker management functions. The Dpanel service contains a hardcoded JWT secret in its default configuration, allowing attackers to generate valid JWT tokens and compromise the host machine. This security flaw allows attackers ...

SUSE-SU-2025:1344-1 Security update for docker-stable

This update for docker-stable fixes the following issues: - CVE-2025-0495: buildx: Fixed credential leakage to telemetry endpoints when credentials allowed to be set as attribute values in cache-to/cache-from configuration bsc1239765 Other fixes: - Update to docker-buildx v0.22.0. - Disable...

Security update for docker-stable

This update for docker-stable fixes the following issues: CVE-2025-0495: buildx: Fixed credential leakage to telemetry endpoints when credentials allowed to be set as attribute values in cache-to/cache-from configuration bsc1239765 Other fixes: Update to docker-buildx v0.22.0. Disable transparent...

Security update for docker

This update for docker fixes the following issues: Update to docker-buildx v0.22.0 CVE-2025-0495: Fixed an integer overflow in User ID handling in containerd. bsc1239765 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...

SUSE-SU-2025:1341-1 Security update for docker

This update for docker fixes the following issues: - Update to docker-buildx v0.22.0 - CVE-2025-0495: Fixed an integer overflow in User ID handling in containerd. bsc1239765...

Amazon Linux 2 : docker (ALASNITRO-ENCLAVES-2025-053)

The version of docker installed on the remote host is prior to 25.0.8-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NITRO-ENCLAVES-2025-053 advisory. An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing...

Amazon Linux 2 : docker (ALASDOCKER-2025-056)

The version of docker installed on the remote host is prior to 25.0.8-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2DOCKER-2025-056 advisory. An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing...

AZL-60557 CVE-2025-22872 affecting package docker-compose for versions less than 2.27.0-5

The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character / as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content...

AZL-60467 CVE-2025-22872 affecting package docker-buildx for versions less than 0.14.0-6

The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character / as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content...

CVE-2024-22036

A vulnerability has been identified within Rancher where a cluster or node driver can be used to escape the chroot jail and gain root access to the Rancher container itself. In production environments, further privilege escalation is possible based on living off the land within the Rancher...

CVE-2024-22036

A vulnerability has been identified within Rancher where a cluster or node driver can be used to escape the chroot jail and gain root access to the Rancher container itself. In production environments, further privilege escalation is possible based on living off the land within the Rancher...

CVE-2024-22036

CVE-2024-22036 describes a vulnerability in Rancher where a cluster/node driver can escape the chroot jail and gain root access to the Rancher container itself, with potential privilege escalation within the container and, in test/dev environments, possible escape to the host. The issue affects R...

CVE-2024-22036 Rancher Remote Code Execution via Cluster/Node Drivers

A vulnerability has been identified within Rancher where a cluster or node driver can be used to escape the chroot jail and gain root access to the Rancher container itself. In production environments, further privilege escalation is possible based on living off the land within the Rancher...

Important: docker

Issue Overview: An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing. CVE-2025-22868 SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or no...

Important: docker

Issue Overview: An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing. CVE-2025-22868 SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or no...