CVE-2026-47179

Arcane is an interface for managing Docker containers, images, networks, and volumes. Prior to 1.19.4, ProjectService.GetProjectFileContent returns the contents of any Docker Compose include directive declared in a project's compose file before any path-traversal validation runs. Because...

PT-2026-33777

Name of the Vulnerable Software and Affected Versions Glances versions prior to 4.5.4 Description A Server-Side Request Forgery SSRF issue exists in the Glances IP plugin due to improper validation of the public api configuration parameter. The value of public api is passed directly to the urlope...

CVE-2024-41997

An issue was discovered in version of Warp Terminal prior to 2024.07.18 v0.2024.07.16.08.02. A command injection vulnerability exists in the Docker integration functionality. An attacker can create a specially crafted hyperlink using the warp://action/docker/opensubshell intent that when clicked ...

Exploit for CVE-2024-41997

Warp Terminal RCE CVE-2024-41997 Command injection via unsa...

EUVD-2024-39573

Malicious code in bioql PyPI...

CVE-2025-57802

Airlink’s Daemon vulnerability (CVE-2025-57802) affects version 1.0.0, where an attacker with access to the affected container can create symbolic links inside the mounted /app/data directory. Because the container bind-mounts an arbitrary host path, these symlinks can point to sensitive host loc...

CVE-2024-41997

An issue was discovered in version of Warp Terminal prior to 2024.07.18 v0.2024.07.16.08.02. A command injection vulnerability exists in the Docker integration functionality. An attacker can create a specially crafted hyperlink using the warp://action/docker/opensubshell intent that when clicked ...

CVE-2024-41997

An issue was discovered in version of Warp Terminal prior to 2024.07.18 v0.2024.07.16.08.02. A command injection vulnerability exists in the Docker integration functionality. An attacker can create a specially crafted hyperlink using the warp://action/docker/opensubshell intent that when clicked ...

CVE-2024-41997

An issue was discovered in version of Warp Terminal prior to 2024.07.18 v0.2024.07.16.08.02. A command injection vulnerability exists in the Docker integration functionality. An attacker can create a specially crafted hyperlink using the warp://action/docker/opensubshell intent that when clicked ...

CVE-2024-41997

CVE-2024-41997 affects Warp Terminal prior to 2024.07.18 (v0.2024.07.16.08.02). The Docker integration uses warp:// URIs and the /docker/open_subshell action accepts a shell parameter that is incorporated into a command string without sanitization, enabling command injection. An attacker can craf...

Warp 安全漏洞

Warp is a terminal application from Warp, Inc. A security vulnerability exists in versions prior to Warp 2024.07.18 v0.2024.07.16.08.02, which stems from a command injection vulnerability in the Docker Integration feature, which allows an attacker to execute commands on the victim's machine by...

DEBIAN-CVE-2024-45310

runc is a CLI tool for spawning and running containers according to the OCI specification. runc 1.1.13 and earlier, as well as 1.2.0-rc2 and earlier, can be tricked into creating empty files or directories in arbitrary locations in the host filesystem by sharing a volume between two containers an...

CVE-2024-42364 homepage DNS rebinding vulnerability (GHSL-2024-096)

Homepage is a highly customizable homepage with Docker and service API integrations. The default setup of homepage 0.9.1 is vulnerable to DNS rebinding. Homepage is setup without certificate and authentication by default, leaving it to vulnerable to DNS rebinding. In this attack, an attacker will...

SUSE CVE-2023-47633

Traefik is an open source HTTP reverse proxy and load balancer. The traefik docker container uses 100% CPU when it serves as its own backend, which is an automatically generated route resulting from the Docker integration in the default configuration. This issue has been addressed in versions...

CVE-2023-47633

Traefik is an open source HTTP reverse proxy and load balancer. The traefik docker container uses 100% CPU when it serves as its own backend, which is an automatically generated route resulting from the Docker integration in the default configuration. This issue has been addressed in versions...

CVE-2023-47633

Traefik is an open source HTTP reverse proxy and load balancer. The traefik docker container uses 100% CPU when it serves as its own backend, which is an automatically generated route resulting from the Docker integration in the default configuration. This issue has been addressed in versions...

Default configuration

Traefik is an open source HTTP reverse proxy and load balancer. The traefik docker container uses 100% CPU when it serves as its own backend, which is an automatically generated route resulting from the Docker integration in the default configuration. This issue has been addressed in versions...

CVE-2023-47633 Uncontrolled Resource Consumption in Traefik

Traefik is an open source HTTP reverse proxy and load balancer. The traefik docker container uses 100% CPU when it serves as its own backend, which is an automatically generated route resulting from the Docker integration in the default configuration. This issue has been addressed in versions...

CVE-2023-47633 Uncontrolled Resource Consumption in Traefik

Traefik is an open source HTTP reverse proxy and load balancer. The traefik docker container uses 100% CPU when it serves as its own backend, which is an automatically generated route resulting from the Docker integration in the default configuration. This issue has been addressed in versions...

Exploit for Missing Authorization in Linuxfoundation Harbor

Ary Ary 是一个集成类工具，主要用于调用各种安全工具，从而形成便捷的一键式渗透。 版本：2.1.1 公开版 作者： Ali0th 联系： [email protected] 主页： github.com/Martin2877 声明：本工具仅供学习、测试使用，严禁用于非法用途，开发者对使用者的违法行为不负责任。 交流：欢迎提issue，或私信我加入工具使用交流群。 下载 前往releases下载 相关文档 我的一键 getshell 代码开发之路v1.8.pdf 功能 注意，部分功能还在开发中 0. 信息收集工具开发中 1. 通过多个网络空间的搜索引擎批量爬取相应网站, 如...