14 matches found
ROS-20260605-73-0021
The vulnerability in Portainer-Ce is related to the lack of protection for service data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...
ROS-20260605-73-0023
The vulnerability in Portainer-Ce is related to deficiencies in the authentication process. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...
ROS-20260605-73-0020
The vulnerability in Portainer-Ce relates to the disclosure of information through query strings. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...
ROS-20260605-73-0022
The vulnerability in Portainer-Ce is related to deficiencies in the authentication mechanism. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...
ROS-20260529-73-0009
The vulnerability in Portainer-Ce is related to deficiencies in the authentication process. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...
CVE-2026-33590 Insecure default permissions in Portainer CE
Insecure default settings of Portainer CE grant regular non-admin users privileges that allow host filesystem access and host-level code execution. An authenticated non-administrative user with endpoint access can exploit these settings to read host files or obtain root equivalent access on the...
EUVD-2026-33007
Insecure default settings of Portainer CE grant regular non-admin users privileges that allow host filesystem access and host-level code execution. An authenticated non-administrative user with endpoint access can exploit these settings to read host files or obtain root equivalent access on the...
Arbitrary File Read
Portainer Community Edition is vulnerable to Arbitrary File Read. The vulnerability is due to improper handling of symbolic links in Git-backed stack repositories, where symlinked stack files are created without validation and later followed during file reads, allowing authenticated attackers to...
CVE-2024-29296
A user enumeration vulnerability was found in Portainer CE 2.19.4. This issue occurs during user authentication process, where a difference in response time could allow a remote unauthenticated user to determine if a username is valid or not...
CVE-2024-29296
A user enumeration vulnerability was found in Portainer CE 2.19.4. This issue occurs during user authentication process, where a difference in response time could allow a remote unauthenticated user to determine if a username is valid or not...
CVE-2024-29296
A user enumeration vulnerability was found in Portainer CE 2.19.4. This issue occurs during user authentication process, where a difference in response time could allow a remote unauthenticated user to determine if a username is valid or not...
CVE-2024-29296
A user enumeration vulnerability was found in Portainer CE 2.19.4. This issue occurs during user authentication process, where a difference in response time could allow a remote unauthenticated user to determine if a username is valid or not...
PT-2024-5801 · Unknown +1 · Portainer Ce +1
Name of the Vulnerable Software and Affected Versions: Portainer CE version 2.19.4 Description: A user enumeration issue is present in the user authentication process, where a difference in response time could allow a remote unauthenticated user to determine if a username is valid or not. This...
CVE-2024-29296
A user enumeration vulnerability was found in Portainer CE 2.19.4. This issue occurs during user authentication process, where a difference in response time could allow a remote unauthenticated user to determine if a username is valid or not...