Lucene search
+L

310 matches found

Positive Technologies
Positive Technologies
added 2026/05/14 12:0 a.m.27 views

PT-2026-41145

Name of the Vulnerable Software and Affected Versions Portainer Community Edition versions prior to 2.39.0 Description The backup restore feature accepts a .tar.gz archive and extracts it to a target directory on the server. The extraction function ExtractTarGz in api/archive/targz.go constructs...

5.5CVSS5.9AI score0.00606EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2026/05/14 12:0 a.m.23 views

PT-2026-41142

Name of the Vulnerable Software and Affected Versions portainer-ce versions 2.33.0 through 2.33.7 portainer-ce-agent versions 2.33.0 through 2.33.7 Description An authorization bypass exists in the middleware layer kubeClientMiddleware within the api/http/handler/kubernetes/handler.go file. The...

8.5CVSS5.8AI score0.00335EPSS
Exploits1References11
Positive Technologies
Positive Technologies
added 2026/05/14 12:0 a.m.23 views

PT-2026-41144

Name of the Vulnerable Software and Affected Versions Portainer Community Edition versions 2.33.0 through 2.33.7 Portainer Community Edition versions 2.39.0 through 2.39.0 Portainer Community Edition versions prior to 2.33.0 Description A missing authorization issue in the Custom Template file...

6.5CVSS5.8AI score0.00257EPSS
Exploits1References9
Positive Technologies
Positive Technologies
added 2026/03/20 12:0 a.m.17 views

PT-2026-41141

Name of the Vulnerable Software and Affected Versions Portainer Community Edition versions 2.33.0 through 2.33.7 Portainer Community Edition versions 2.39.0 through 2.39.1 Portainer Community Edition versions prior to 2.41.0 Description Portainer supports deploying stacks from Git repositories...

9.9CVSS5.9AI score0.00416EPSS
Exploits2References13
Positive Technologies
Positive Technologies
added 2026/03/16 12:0 a.m.16 views

PT-2026-41035

Name of the Vulnerable Software and Affected Versions Portainer versions 2.33.0 through 2.33.7 Portainer versions 2.39.0 through 2.39.1 Portainer versions 2.40.0 through 2.40.x Portainer versions prior to 2.33.0 Description An authorization bypass exists in the Docker API proxy layer where plugin...

9.4CVSS6AI score0.00328EPSS
Exploits1References17
Positive Technologies
Positive Technologies
added 2026/03/12 12:0 a.m.18 views

PT-2026-41036

Name of the Vulnerable Software and Affected Versions Portainer Community Edition versions 2.33.0 through 2.33.7 Portainer Community Edition versions 2.39.0 through 2.39.1 Portainer Community Edition versions 2.40.0 through 2.40.x Portainer Community Edition versions prior to 2.33.0 Description...

9.4CVSS5.8AI score0.00347EPSS
Exploits1References15
Positive Technologies
Positive Technologies
added 2026/03/06 12:0 a.m.18 views

PT-2026-41143

Name of the Vulnerable Software and Affected Versions Portainer Community Edition versions 2.33.0 through 2.33.7 Portainer Community Edition versions 2.39.0 through 2.39.1 Portainer Community Edition versions prior to 2.41.0 Description The authentication middleware accepts JSON Web Tokens JWT...

7.7CVSS5.8AI score0.00316EPSS
Exploits1References14
Positive Technologies
Positive Technologies
added 2026/03/04 12:0 a.m.20 views

PT-2026-41140

Name of the Vulnerable Software and Affected Versions Portainer Community Edition versions 2.33.0 through 2.33.7 Portainer Community Edition versions 2.39.0 through 2.39.1 Portainer Community Edition versions prior to 2.41.0 Description Portainer includes a security setting to disable bind mounts...

8.5CVSS5.8AI score0.00206EPSS
Exploits1References13
RedhatCVE
RedhatCVE
added 2026/01/09 12:27 p.m.15 views

CVE-2018-12678

Portainer before 1.18.0 supports unauthenticated requests to the websocket endpoint with an unvalidated id query parameter for the /websocket/exec endpoint, which allows remote attackers to bypass intended access restrictions or conduct SSRF attacks...

9.8CVSS7.3AI score0.02308EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:0 p.m.8 views

CVE-2018-19367

Portainer through 1.19.2 provides an API endpoint /api/users/admin/check to verify that the admin user is already created. This API endpoint will return 404 if admin was not created and 204 if it was already created. Attackers can set an admin password in the 404 case...

9.8CVSS6.9AI score0.01469EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:50 a.m.8 views

CVE-2020-24263

Portainer 1.24.1 and earlier is affected by an insecure permissions vulnerability that may lead to remote arbitrary code execution. A non-admin user is allowed to spawn new containers with critical capabilities such as SYSMODULE, which can be used to take over the Docker host...

8.8CVSS7.7AI score0.01601EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:49 a.m.7 views

CVE-2020-24264

Portainer 1.24.1 and earlier is affected by incorrect access control that may lead to remote arbitrary code execution. The restriction checks for bind mounts are applied only on the client-side and not the server-side, which can lead to spawning a container with bind mount. Once such a container ...

10CVSS7.8AI score0.04116EPSS
Exploits0References1
Redos
Redos
added 2025/11/06 12:0 a.m.8 views

ROS-20251106-01

The vulnerability in the Portainer container management platform is related to a vulnerability in the server side, API, registry list output logic, and/or a component that returned fields with secrets. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to...

8.8CVSS7AI score0.00244EPSS
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-7382

Malware in sbrugna...

7.5CVSS7.5AI score0.01352EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2018-4633

Malware in sbrugna...

9.8CVSS9.5AI score0.02308EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-8167

Malware in sbrugna...

5.4CVSS5.5AI score0.00794EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2019-7379

Malware in sbrugna...

9.9CVSS8.9AI score0.01355EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2019-7381

Malware in sbrugna...

6.5CVSS6.5AI score0.0089EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-7380

Malware in sbrugna...

5.4CVSS5.6AI score0.00521EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-16999

Malware in sbrugna...

10CVSS9.2AI score0.04116EPSS
Exploits0References2
Rows per page
Query Builder