Lucene search
K

9260 matches found

Amazon
Amazon
added 2021/11/18 12:0 a.m.31 views

Medium: docker

Issue Overview: Docker Engine before 18.09 allows attackers to cause a denial of service dockerd memory consumption via a large integer in a --cpuset-mems or --cpuset-cpus value, related to daemon/daemonunix.go, pkg/parsers/parsers.go, and pkg/sysinfo/sysinfo.go. CVE-2018-20699 A command injectio...

8.4CVSS7.8AI score0.03653EPSS
Exploits1
Amazon
Amazon
added 2021/11/18 12:0 a.m.3 views

Medium: containerd, docker

Issue Overview: In the OCI Distribution Specification version 1.0.0 and prior and in the OCI Image Specification version 1.0.1 and prior, manifest and index documents are ambiguous without an accompanying Content-Type HTTP header. Versions of Moby Docker Engine prior to 20.10.11 and versions of...

5CVSS7AI score0.02085EPSS
Exploits0
Amazon
Amazon
added 2021/11/18 12:0 a.m.3 views

Medium: containerd, docker

Issue Overview: In the OCI Distribution Specification version 1.0.0 and prior and in the OCI Image Specification version 1.0.1 and prior, manifest and index documents are ambiguous without an accompanying Content-Type HTTP header. Versions of Moby Docker Engine prior to 20.10.11 and versions of...

5CVSS7AI score0.02085EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2021/11/18 12:0 a.m.78 views

Amazon Linux AMI : containerd, docker (ALAS-2021-1551)

The version of containerd installed on the remote host is prior to 1.4.6-7.11. The version of docker installed on the remote host is prior to 20.10.7-5.76. It is, therefore, affected by a vulnerability as referenced in the ALAS-2021-1551 advisory. In the OCI Distribution Specification version 1.0...

5CVSS6.9AI score0.02085EPSS
Exploits0References3
Amazon
Amazon
added 2021/11/18 12:0 a.m.32 views

Medium: docker

Issue Overview: A flaw was found in the userns-remap feature of Docker. The root user in the remapped namespace can modify files under /var/lib/docker/, leading to possible privilege escalation to the root user in the host. The highest threat from this vulnerability is to data integrity...

6.8CVSS7.3AI score0.03287EPSS
Exploits0
Amazon
Amazon
added 2021/11/18 12:0 a.m.2 views

Medium: docker

Issue Overview: A flaw was found in the userns-remap feature of Docker. The root user in the remapped namespace can modify files under /var/lib/docker/, leading to possible privilege escalation to the root user in the host. The highest threat from this vulnerability is to data integrity...

6.8CVSS7AI score0.03287EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2021/11/15 6:44 p.m.56 views

CVE-2021-41092

A confidential data leak vulnerability was found in Docker CLI. The execution of docker login to a private registry may send provided credentials in a misconfigured docker credentials store to the registry-1.docker.io rather than the specified private registry. This flaw allows an attacker to ste...

7.5CVSS7.3AI score0.01536EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2021/11/15 6:14 p.m.688 views

CVE-2021-41091

A file permissions vulnerability was found in the Moby Docker Engine. The Moby data directory usually /var/lib/docker contains subdirectories with insufficiently restricted permissions, allowing unprivileged Linux users to traverse directory contents and execute programs. When the running contain...

6.3CVSS6.7AI score0.02693EPSS
Exploits3References5
Tenable Nessus
Tenable Nessus
added 2021/11/15 12:0 a.m.45 views

Docker Desktop < 2.1.0.1 Privilege Escalation

The version of Docker Desktop for Windows is prior to 2.1.0.1. Docker Desktop Community Edition before 2.1.0.1 allows local users to gain privileges by placing a Trojan horse docker-credential-wincred.exe file in %PROGRAMDATA%\DockerDesktop\version-bin\ as a low-privilege user, and then waiting f...

9.3CVSS7.1AI score0.29628EPSS
Exploits5References3
Tenable Nessus
Tenable Nessus
added 2021/11/15 12:0 a.m.35 views

Amazon Linux AMI : docker (ALAS-2021-1550)

The version of docker installed on the remote host is prior to 20.10.7-2.69. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2021-1550 advisory. A flaw was found in the userns-remap feature of Docker. The root user in the remapped namespace can modify files under...

6.8CVSS6.9AI score0.03287EPSS
Exploits0References5
Kitploit
Kitploit
added 2021/11/14 11:30 a.m.36 views

ChopChop - ChopChop Is A CLI To Help Developers Scanning Endpoints And Identifying Exposition Of Sensitive Services/Files/Folders

ChopChop is a command-line tool for dynamic application security testing on web applications, initially written by the Michelin CERT. Its goal is to scan several endpoints and identify exposition of services/files/folders through the webroot. Checks/Signatures are declared in a config file by...

7.6AI score
Exploits0References9
CNVD
CNVD
added 2021/11/10 12:0 a.m.9 views

JetBrains TeamCity Information Disclosure Vulnerability (CNVD-2021-89060)

TeamCity is a Java-based build management and continuous integration server from JetBrains. An information disclosure vulnerability exists in JetBrains TeamCity versions prior to 2021.1. An attacker can exploit this vulnerability to obtain information via the Docker Registry connection dialog...

7.5CVSS6.2AI score0.00971EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2021/11/10 12:0 a.m.19 views

Ubuntu: Security Advisory (USN-5134-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.01536EPSS
Exploits0References2
NVD
NVD
added 2021/11/09 3:15 p.m.13 views

CVE-2021-43196

In JetBrains TeamCity before 2021.1, information disclosure via the Docker Registry connection dialog is possible...

7.5CVSS0.00971EPSS
Exploits0References1
OSV
OSV
added 2021/11/09 3:15 p.m.1 views

CVE-2021-43196

In JetBrains TeamCity before 2021.1, information disclosure via the Docker Registry connection dialog is possible...

7.5CVSS5.8AI score0.00971EPSS
Exploits0References1
Prion
Prion
added 2021/11/09 3:15 p.m.17 views

Information disclosure

In JetBrains TeamCity before 2021.1, information disclosure via the Docker Registry connection dialog is possible...

5CVSS7.3AI score0.00971EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/11/09 2:49 p.m.17 views

CVE-2021-43196

In JetBrains TeamCity before 2021.1, information disclosure via the Docker Registry connection dialog is possible...

7.9AI score0.00971EPSS
Exploits0References1
CVE
CVE
added 2021/11/09 2:49 p.m.58 views

CVE-2021-43196

CVE-2021-43196 affects JetBrains TeamCity prior to 2021.1, where information disclosure is possible via the Docker Registry connection dialog. The vulnerability is reported in multiple sources (NVD/NVD CVE entry and CNVD) with an impact on confidentiality (partial to high) and network attack vect...

7.5CVSS7.2AI score0.00971EPSS
Exploits0References1Affected Software1
Kitploit
Kitploit
added 2021/11/09 11:30 a.m.27 views

Ddosify - High-performance Load Testing Tool

Features Protocol Agnostic - Currently supporting HTTP, HTTPS, HTTP/2. Other protocols are on the way. Scenario-Based - Create your flow in a JSON file. Without a line of code! Different Load Types - Test your system's limits across different load types. Installation ddosify is available via...

6.9AI score
Exploits0References7
Ubuntu
Ubuntu
added 2021/11/09 2:38 a.m.90 views

USN-5134-1: Docker vulnerability

An information disclosure issue was discovered in the command line interface of Docker. A misconfigured credential store could result in supplied credentials being leaked to the public registry, when using the docker login command with a private registry...

7.5CVSS6.4AI score0.01536EPSS
Exploits0
Rows per page
Query Builder