20 matches found

CNNVD
added 2026/05/22 12:0 a.m. · 3 views

Docker Model Runner security vulnerability

Docker Model Runner is an open-source Docker model runner developed by Docker. Docker Model Runner vllm-metal contains a security vulnerability. This vulnerability arises from setting trust_remote_code=True without any sandbox protection. It may allow arbitrary Python files to be executed during...

CVSS 8.8 · AI score 6.3 · EPSS 0.0002
Exploits: 1 · References: 2
OSSF Malicious Packages
added 2026/05/20 7:23 a.m. · 5 views

Malicious code in arc-diag-util (npm)

Source: amazon-inspector (95f08d97107d726a6ae90afbf8e354b84a7e13d4a236bc8766180a362cc8344c). On npm install, the package's postinstall hook runs id to capture the installer's uid/gid/group identity and opens a raw TCP socket to...

AI score 5.8
Exploits: 0 · References: 1
OSV
added 2026/05/20 7:23 a.m. · 4 views

MAL-2026-4481 Malicious code in arc-diag-util (npm)

Source: amazon-inspector (95f08d97107d726a6ae90afbf8e354b84a7e13d4a236bc8766180a362cc8344c). On npm install, the package's postinstall hook runs id to capture the installer's uid/gid/group identity and opens a raw TCP socket to...

AI score 5.8
Exploits: 0 · References: 1
RedhatCVE
added 2026/01/09 9:50 a.m. · 4 views

CVE-2020-24263

Portainer 1.24.1 and earlier is affected by an insecure permissions vulnerability that may lead to remote arbitrary code execution. A non-admin user is allowed to spawn new containers with critical capabilities such as SYS_MODULE, which can be used to take over the Docker host...

CVSS 8.8 · AI score 7.7 · EPSS 0.01868
Exploits: 0 · References: 1
EUVD
added 2025/10/07 12:30 a.m. · 2 views

EUVD-2020-16999

Malware in sbrugna...

CVSS 10 · AI score 9.2 · EPSS 0.05237
Exploits: 0 · References: 2
EUVD
added 2025/10/07 12:30 a.m. · 1 views

EUVD-2020-16998

Malware in sbrugna...

CVSS 8.8 · AI score 8.8 · EPSS 0.01868
Exploits: 0 · References: 2
OSV
added 2024/11/12 9:28 p.m. · 10 views

GHSA-7HPF-G48V-HW3J Zoraxy has an authenticated command injection in the Web SSH feature

Summary: A command injection vulnerability in the Web SSH feature allows an authenticated attacker to execute arbitrary commands as root on the host. Details: Zoraxy has a Web SSH terminal feature that allows authenticated users to connect to SSH servers from their browsers. In...

CVSS 8.6 · AI score 9.8 · EPSS 0.00901
Exploits: 0 · References: 6
Github Security Blog
added 2024/11/12 9:28 p.m. · 25 views

Zoraxy has an authenticated command injection in the Web SSH feature

Summary: A command injection vulnerability in the Web SSH feature allows an authenticated attacker to execute arbitrary commands as root on the host. Details: Zoraxy has a Web SSH terminal feature that allows authenticated users to connect to SSH servers from their browsers. In...

CVSS 8.6 · AI score 8.8 · EPSS 0.00901
Exploits: 0 · References: 6 · Affected Software: 1
CNNVD
added 2023/03/13 12:0 a.m. · 1 views

Docker Desktop security vulnerability

Docker Desktop is container-based desktop software from the U.S. company Docker for lightweight deployment of applications. The product provides a desktop environment that supports creating a lightweight container virtual machine and deploying and running applications on...

CVSS 7.1 · AI score 7 · EPSS 0.00072
Exploits: 0 · References: 2
Positive Technologies
added 2023/03/13 12:0 a.m. · 1 views

PT-2023-1878 · Docker · Docker Desktop

Name of the Vulnerable Software and Affected Versions: Docker Desktop versions 4.13.0 through 4.16.x. Description: The issue allows an unprivileged user to bypass Enhanced Container Isolation (ECI) restrictions by setting the Docker host to docker.raw.sock or npipe:////.pipe/docker_engine_linux on...

CVSS 7.1 · AI score 6.9 · EPSS 0.00072
Exploits: 0 · References: 4
Veracode
added 2021/03/17 8:12 a.m. · 130 views

Privilege Escalation

github.com/portainer/portainer is vulnerable to privilege escalation. The vulnerability exists due to insecure permissions in the isValidStackFile function, allowing a non-admin user to spawn new containers with critical capabilities such as SYS_MODULE, which can be used to take over the Docker host...

CVSS 8.8 · AI score 4.1 · EPSS 0.01868
Exploits: 0 · References: 1 · Affected Software: 1
NVD
added 2021/03/16 3:15 p.m. · 11 views

CVE-2020-24264

Portainer 1.24.1 and earlier is affected by incorrect access control that may lead to remote arbitrary code execution. The restriction checks for bind mounts are applied only on the client-side and not the server-side, which can lead to spawning a container with bind mount. Once such a container ...

CVSS 10 · EPSS 0.05237
Exploits: 0 · References: 1
OSV
added 2021/03/16 3:15 p.m. · 14 views

CVE-2020-24264

Portainer 1.24.1 and earlier is affected by incorrect access control that may lead to remote arbitrary code execution. The restriction checks for bind mounts are applied only on the client-side and not the server-side, which can lead to spawning a container with bind mount. Once such a container ...

CVSS 9.8 · AI score 7.7
Exploits: 0 · References: 1
NVD
added 2021/03/16 3:15 p.m. · 9 views

CVE-2020-24263

Portainer 1.24.1 and earlier is affected by an insecure permissions vulnerability that may lead to remote arbitrary code execution. A non-admin user is allowed to spawn new containers with critical capabilities such as SYS_MODULE, which can be used to take over the Docker host...

CVSS 8.8 · EPSS 0.01868
Exploits: 0 · References: 1
OSV
added 2021/03/16 3:15 p.m. · 13 views

CVE-2020-24263

Portainer 1.24.1 and earlier is affected by an insecure permissions vulnerability that may lead to remote arbitrary code execution. A non-admin user is allowed to spawn new containers with critical capabilities such as SYS_MODULE, which can be used to take over the Docker host...

CVSS 8.8 · AI score 7.7
Exploits: 0 · References: 1
Prion
added 2021/03/16 3:15 p.m. · 11 views

Code injection

Portainer 1.24.1 and earlier is affected by an insecure permissions vulnerability that may lead to remote arbitrary code execution. A non-admin user is allowed to spawn new containers with critical capabilities such as SYS_MODULE, which can be used to take over the Docker host...

CVSS 6.5 · AI score 8.9 · EPSS 0.01868
Exploits: 0 · References: 1 · Affected Software: 1
Prion
added 2021/03/16 3:15 p.m. · 15 views

Design/Logic Flaw

Portainer 1.24.1 and earlier is affected by incorrect access control that may lead to remote arbitrary code execution. The restriction checks for bind mounts are applied only on the client-side and not the server-side, which can lead to spawning a container with bind mount. Once such a container ...

CVSS 10 · AI score 9.7 · EPSS 0.05237
Exploits: 0 · References: 1 · Affected Software: 1
CVE
added 2021/03/16 2:42 p.m. · 52 views

CVE-2020-24263

CVE-2020-24263 affects Portainer ≤ 1.24.1. The issue is an insecure permissions vulnerability that allows a non-admin user to spawn new containers with critical capabilities (e.g., SYS_MODULE), enabling potential remote code execution and host takeovers. The available connected documents confirm ...

CVSS 8.8 · AI score 8.9 · EPSS 0.01868
Exploits: 0 · References: 1 · Affected Software: 1
Cvelist
added 2021/03/16 2:42 p.m. · 14 views

CVE-2020-24263

Portainer 1.24.1 and earlier is affected by an insecure permissions vulnerability that may lead to remote arbitrary code execution. A non-admin user is allowed to spawn new containers with critical capabilities such as SYS_MODULE, which can be used to take over the Docker host...

AI score 9 · EPSS 0.01868
Exploits: 0 · References: 1
Trend Micro Simply Security
added 2020/10/27 12:0 a.m. · 13 views

How to protect a Docker host before deploying applications

Watch how quick and easy it is to use Trend Micro Cloud One™ to protect a Docker® host before deploying an application in this demo by Marc Tabago, Sales Engineer at Trend Micro...

AI score 1.3
Exploits: 0