9245 matches found
The vulnerability of the Docker Desktop platform for developing and delivering container applications lies in the fact that it allows a user to introduce or modify arguments, enabling an attacker to increase their privileges.
The vulnerability of the Docker Desktop platform for developing and delivering container applications is related to the implementation or modification of arguments. Exploiting this vulnerability can allow an attacker to enhance their privileges...
The vulnerability of the Docker Desktop platform for developing and delivering container applications lies in its authentication procedures’ flaws, which allow attackers to obtain full administrator privileges.
The vulnerability of the Docker Desktop platform for developing and delivering container applications is related to deficiencies in the authentication process. Exploiting this vulnerability could allow an attacker to gain full administrator privileges...
CVE-2023-5166
Docker Desktop before 4.23.0 allows Access Token theft via a crafted extension icon URL. This issue affects Docker Desktop: before 4.23.0...
CVE-2023-5165
Docker Desktop before 4.23.0 allows an unprivileged user to bypass Enhanced Container Isolation ECI restrictions via the debug shell which remains accessible for a short time window after launching Docker Desktop. The affected functionality is available for Docker Business customers only and...
CVE-2023-5165
Docker Desktop before 4.23.0 allows an unprivileged user to bypass Enhanced Container Isolation ECI restrictions via the debug shell which remains accessible for a short time window after launching Docker Desktop. The affected functionality is available for Docker Business customers only and...
CVE-2023-5166
Docker Desktop before 4.23.0 allows Access Token theft via a crafted extension icon URL. This issue affects Docker Desktop: before 4.23.0...
CVE-2023-0627
Docker Desktop 4.11.x allows --no-windows-containers flag bypass via IPC response spoofing which may lead to Local Privilege Escalation LPE.This issue affects Docker Desktop: 4.11.X...
CVE-2023-0625
Docker Desktop before 4.12.0 is vulnerable to RCE via a crafted extension description or changelog. This issue affects Docker Desktop: before 4.12.0...
CVE-2023-0633
In Docker Desktop on Windows before 4.12.0 an argument injection to installer may result in local privilege escalation LPE.This issue affects Docker Desktop: before 4.12.0...
CVE-2023-0627
Docker Desktop 4.11.x allows --no-windows-containers flag bypass via IPC response spoofing which may lead to Local Privilege Escalation LPE.This issue affects Docker Desktop: 4.11.X...
CVE-2023-0625
Docker Desktop before 4.12.0 is vulnerable to RCE via a crafted extension description or changelog. This issue affects Docker Desktop: before 4.12.0...
CVE-2023-0633
In Docker Desktop on Windows before 4.12.0 an argument injection to installer may result in local privilege escalation LPE.This issue affects Docker Desktop: before 4.12.0...
CVE-2023-0626
Docker Desktop before 4.12.0 is vulnerable to RCE via query parameters in message-box route. This issue affects Docker Desktop: before 4.12.0...
CVE-2023-0626
Docker Desktop before 4.12.0 is vulnerable to RCE via query parameters in message-box route. This issue affects Docker Desktop: before 4.12.0...
Design/Logic Flaw
Docker Desktop before 4.12.0 is vulnerable to RCE via query parameters in message-box route. This issue affects Docker Desktop: before 4.12.0...
Code injection
Docker Desktop before 4.12.0 is vulnerable to RCE via a crafted extension description or changelog. This issue affects Docker Desktop: before 4.12.0...
Design/Logic Flaw
Docker Desktop before 4.23.0 allows an unprivileged user to bypass Enhanced Container Isolation ECI restrictions via the debug shell which remains accessible for a short time window after launching Docker Desktop. The affected functionality is available for Docker Business customers only and...
Code injection
Docker Desktop before 4.23.0 allows Access Token theft via a crafted extension icon URL. This issue affects Docker Desktop: before 4.23.0...
Code injection
In Docker Desktop on Windows before 4.12.0 an argument injection to installer may result in local privilege escalation LPE.This issue affects Docker Desktop: before 4.12.0...
Design/Logic Flaw
Docker Desktop 4.11.x allows --no-windows-containers flag bypass via IPC response spoofing which may lead to Local Privilege Escalation LPE.This issue affects Docker Desktop: 4.11.X...