130 matches found
ROS-20260625-73-0023
The vulnerability in Docker CE is related to an uncontrolled element in the search process. Exploiting this vulnerability can allow an attacker to increase their privileges...
CVE-2026-53754
Crawl4AI is an open-source LLM friendly web crawler & scraper. Prior to 0.8.8, the Docker API server's SSRF protection validatewebhookurl / validateurldestination in deploy/docker/utils.py used an explicit IPv4/IPv6 CIDR blocklist that missed several address families. An attacker could reach...
Amazon Linux 2 : docker, --advisory ALAS2ECS-2026-115 (ALASECS-2026-115)
The version of docker installed on the remote host is prior to 25.0.14-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2ECS-2026-115 advisory. When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and ...
Astra Linux – Vulnerability in docker.io
Moby is an open-source container framework developed by Docker Inc., distributed as Docker, Mirantis Container Runtime, and various other downstream projects/products. The Moby daemon component, dockerd, which is developed as moby/moby, is commonly referred to as Docker. Swarm Mode, which is...
Astra Linux – Vulnerability in docker.io
In Docker versions before 9.03.15 and 20.10.3, there is a vulnerability in which pulling an intentionally malformed Docker image manifest causes the dockerd daemon to crash. Versions 20.10.3 and 19.03.15 contain patches that prevent the daemon from crashing...
Amazon Linux 2 : docker, --advisory ALAS2ECS-2026-108 (ALASECS-2026-108)
The version of docker installed on the remote host is prior to 25.0.14-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2ECS-2026-108 advisory. Arithmetic over induction variables in loops were not correctly checked for underflow or overflow in the Go compiler...
Amazon Linux 2 : docker, --advisory ALAS2NITRO-ENCLAVES-2026-100 (ALASNITRO-ENCLAVES-2026-100)
The version of docker installed on the remote host is prior to 25.0.14-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NITRO-ENCLAVES-2026-100 advisory. Moby is an open source container framework. Prior to version 29.3.1, a security vulnerability has been...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: docker (UTSA-2026-017330)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017330 advisory. moby v25.0.5 is affected by a Race Condition in builder/builder-next/adapters/snapshot/layer.go. The vulnerability could be used to trigger concurrent builds that ca...
CVE-2026-42454 Termix: OS Command Injection in Docker Container Management Endpoints
Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities. Prior to version 2.1.0, all Docker container management endpoints in Termix interpolate the containerId URL path parameter and WebSocket message field directly into shell commands execute...
SUSE SLED15 / SLES15 Security Update : docker (SUSE-SU-2026:1492-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:1492-1 advisory. This update for docker rebuilds it against the current go 1.25 security release. Tenable has extracted the preceding...
Exploit for CVE-2025-9074
Description Vibe coded a small exploit script in pure Bash wit...
Amazon Linux 2023 : docker (ALAS2023-2026-1376)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1376 advisory. net/http: memory exhaustion in Request.ParseForm CVE-2025-61726 archive/zip: denial of service when parsing arbitrary ZIP archives CVE-2025-61728 crypto/tls: handshake messages may be processe...
Amazon Linux 2 : docker, --advisory ALAS2NITRO-ENCLAVES-2026-090 (ALASNITRO-ENCLAVES-2026-090)
The version of docker installed on the remote host is prior to 25.0.14-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NITRO-ENCLAVES-2026-090 advisory. net/http: memory exhaustion in Request.ParseForm CVE-2025-61726 archive/zip: denial of service when parsing...
Amazon Linux 2 : docker, --advisory ALAS2NITRO-ENCLAVES-2025-082 (ALASNITRO-ENCLAVES-2025-082)
The version of docker installed on the remote host is prior to 25.0.13-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2NITRO-ENCLAVES-2025-082 advisory. crypto/x509: excluded subdomain constraint does not restrict wildcard SANs An excluded subdomain constraint in a...
Exploit for Improper Handling of Exceptional Conditions in Apache Struts
SSP ASSIGNEMENT 3 : CVE poc Exploitation of CVE-2017-5638...
Amazon Linux 2 : docker, --advisory ALAS2ECS-2025-076 (ALASECS-2025-076)
The version of docker installed on the remote host is prior to 25.0.13-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2ECS-2025-076 advisory. Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container...
Amazon Linux 2 : docker, --advisory ALAS2NITRO-ENCLAVES-2025-070 (ALASNITRO-ENCLAVES-2025-070)
The version of docker installed on the remote host is prior to 25.0.13-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2NITRO-ENCLAVES-2025-070 advisory. Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis...
EUVD-2015-1954
Malware in sbrugna...
EUVD-2014-0144
Malware in sbrugna...
EUVD-2014-0018
Malware in sbrugna...