9154 matches found
(0Day) Docker Desktop System Editor Uncontrolled Search Path Element Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Docker Desktop. An attacker must first obtain the ability to escape the container and execute high-privileged code within the Docker Hyper-V VM in order to exploit this vulnerability. The specific flaw...
(0Day) Docker Desktop cli-plugins Incorrect Permission Assignment Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Docker Desktop for Windows. An attacker must first obtain the ability to escape the container and execute low-privileged code within the Docker Hyper-V VM in order to exploit this vulnerability. The...
(0Day) Docker Desktop extension-manager Exposed Dangerous Function Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Docker Desktop for Windows. An attacker must first obtain the ability to execute high-privileged code within the container in order to exploit this vulnerability. The specific flaw exists within the the...
Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update
An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: podman: podman-5.8.2-1.hum1 aarch64, x8664 podman-docker-5.8.2-1.hum1 noarch podman-machine-5.8.2-1.hum1 aarch64, x8664 podman-remote-5.8.2-1.hum1 aarch64, x8664 podman-tests-5.8.2-1.hum1 aarch64...
Selenium Grid/Selenoid Unauthenticated RCE
Selenium Grid and Selenoid expose a WebDriver API that allows creating browser sessions with arbitrary capabilities. When deployed without authentication the default for both, an attacker can achieve remote code execution through two browser-specific techniques: For Chrome, the goog:chromeOptions...
Malicious Package
Overview percy-cake-docker is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
MAL-2026-2634 Malicious code in percy-cake-docker (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6bf9ba1c1f0935698da1dc2d1856efe1994c5b21139eec04f6eca712e85925f2 The package percy-cake-docker was found to contain malicious code. Source: ghsa-malware...
Photon OS 5.0: Docker PHSA-2026-5.0-0809
An update of the docker package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-5.0-0809. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
Amazon Linux 2 : docker, --advisory ALAS2DOCKER-2026-108 (ALASDOCKER-2026-108)
"The version of docker installed on the remote host is prior to 25.0.14-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2DOCKER-2026-108 advisory. url.Parse insufficiently validated the host/authority component and accepted some invalid URLs. CVE-2026-25679 On...
Amazon Linux 2 : docker, --advisory ALAS2NITRO-ENCLAVES-2026-094 (ALASNITRO-ENCLAVES-2026-094)
"The version of docker installed on the remote host is prior to 25.0.14-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NITRO-ENCLAVES-2026-094 advisory. url.Parse insufficiently validated the host/authority component and accepted some invalid URLs...
Amazon Linux 2 : docker, --advisory ALAS2ECS-2026-106 (ALASECS-2026-106)
"The version of docker installed on the remote host is prior to 25.0.14-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2ECS-2026-106 advisory. url.Parse insufficiently validated the host/authority component and accepted some invalid URLs. CVE-2026-25679 On Unix...
CVE-2024-46983 vulnerabilities
Vulnerabilities for packages: nacos, nacos-docker...
CVE-2026-34237 vulnerabilities
Vulnerabilities for packages: nacos-docker, nacos, camunda, camunda-zeebe...
GHSA-HV2W-8MJJ-JW22 vulnerabilities
Vulnerabilities for packages: nacos-docker, nacos, camunda, camunda-zeebe...
GHSA-C459-2M73-67HJ vulnerabilities
Vulnerabilities for packages: nacos, nacos-docker...
GHSA-8JXR-PR72-R468 vulnerabilities
Vulnerabilities for packages: nacos, nacos-docker...
CVE-2026-35568 vulnerabilities
Vulnerabilities for packages: nacos, nacos-docker...
Security Bulletin: IBM Planning Analytics Cartridge has addressed a security vulnerability in Docker CLI (CVE-2025-15558)
Summary IBM Planning Analytics Cartridge is considered affected by a vulnerability in Docker CLI Vulnerability Details CVEID:CVE-2025-15558 DESCRIPTION: Docker CLI for Windows searches for plugin binaries in C:\ProgramData\Docker\cli-plugins, a directory that does not exist by default. A...
Decepticon
⚡ Decepticon — Autonomous Multi-Agent Offensive Security !L...
blind-sqli-lab
🔬 Blind SQL Injection Lab — Time-Based PostgreSQL + FastAPI...