85 matches found
Security Bulletin: Multiple Vulnerabilities in watsonx.data
Summary Multiple vulnerabilities were addressed in watsonx.data 2.3.1 patch 6 version, which was present in different version from watson.data 2.3.1 to watsonx.dat 2.3.1 Patch 5 Vulnerability Details CVEID:CVE-2025-15558 DESCRIPTION: Docker CLI for Windows searches for plugin binaries in...
CVE-2026-44848
Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before 2.33.8, 2.39.2, and 2.41.0, The Docker plugin management endpoints /plugins/ were not registered...
CVE-2026-44848 Portainer: Missing authorization on Docker plugin endpoints allows host RCE
Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before 2.33.8, 2.39.2, and 2.41.0, The Docker plugin management endpoints /plugins/ were not registered...
EUVD-2026-33064
Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before 2.33.8, 2.39.2, and 2.41.0, The Docker plugin management endpoints /plugins/ were not registered...
CVE-2026-44848 Portainer: Missing authorization on Docker plugin endpoints allows host RCE
Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before 2.33.8, 2.39.2, and 2.41.0, The Docker plugin management endpoints /plugins/ were not registered...
Portainer 安全漏洞
Portainer is a lightweight user management interface developed by Portainer Foundation for managing Docker environments and Docker hosts. Vulnerabilities exist in versions of Portainer Community Edition from 2.33.0 to 2.33.8, as well as in versions prior to 2.39.2 and 2.41.0. These vulnerabilitie...
[SECURITY] Fedora 42 Update: docker-buildx-0.34.0-1.fc42
Docker CLI plugin for extended build capabilities with BuildKit...
[SECURITY] Fedora 44 Update: docker-buildx-0.34.0-1.fc44
Docker CLI plugin for extended build capabilities with BuildKit...
Missing Authorization
github.com/portainer/portainer is vulnerable to Missing Authorization. The vulnerability is due to missing authorization handlers for the Docker plugin management endpoints, which allows a non-admin user with endpoint-level access to perform privileged plugin operations directly against the...
Portainer missing authorization on Docker plugin endpoints, which allows host RCE
Summary Portainer enforces Role-Based Access Control RBAC on top of the Docker API. The proxy layer routes incoming Docker API requests to per-resource handlers containers, images, services, volumes, etc. that apply authorization checks. The Docker plugin management endpoints /plugins/ were not...
Medium: docker
Issue Overview: Moby is an open source container framework. Prior to version 29.3.1, a security vulnerability has been detected that allows plugins privilege validation to be bypassed during docker plugin install. Due to an error in the daemon's privilege comparison logic, the daemon may...
OESA-2026-2138 moby security update
Docker is a product for you to build, ship and run any application as a lightweight container. Security Fixes: Moby is an open source container framework. Prior to version 29.3.1, a security vulnerability has been detected that allows plugins privilege validation to be bypassed during docker plug...
SUSE CVE-2026-33997
Moby is an open source container framework. Prior to version 29.3.1, a security vulnerability has been detected that allows plugins privilege validation to be bypassed during docker plugin install. Due to an error in the daemon's privilege comparison logic, the daemon may incorrectly accept a...
Linux Distros Unpatched Vulnerability : CVE-2026-33997
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Moby is an open source container framework. Prior to version 29.3.1, a security vulnerability has been detected that allows plugins privilege validation to be...
CVE-2026-33997
A flaw was found in Moby, an open-source container framework. This vulnerability allows for a privilege validation bypass during docker plugin install. Due to an error in the daemon's privilege comparison logic, the system may incorrectly accept a plugin's requested privileges that differ from...
CVE-2026-33997
Moby is an open source container framework. Prior to version 29.3.1, a security vulnerability has been detected that allows plugins privilege validation to be bypassed during docker plugin install. Due to an error in the daemon's privilege comparison logic, the daemon may incorrectly accept a...
UBUNTU-CVE-2026-33997
Moby is an open source container framework. Prior to version 29.3.1, a security vulnerability has been detected that allows plugins privilege validation to be bypassed during docker plugin install. Due to an error in the daemon's privilege comparison logic, the daemon may incorrectly accept a...
CVE-2026-33997 Moby: Off-by-one error in plugin privilege validation
Moby is an open source container framework. Prior to version 29.3.1, a security vulnerability has been detected that allows plugins privilege validation to be bypassed during docker plugin install. Due to an error in the daemon's privilege comparison logic, the daemon may incorrectly accept a...
CVE-2026-33997
Moby is an open source container framework. Prior to version 29.3.1, a security vulnerability has been detected that allows plugins privilege validation to be bypassed during docker plugin install. Due to an error in the daemon's privilege comparison logic, the daemon may incorrectly accept a...
CVE-2026-33997
Moby is an open source container framework. Prior to version 29.3.1, a security vulnerability has been detected that allows plugins privilege validation to be bypassed during docker plugin install. Due to an error in the daemon's privilege comparison logic, the daemon may incorrectly accept a...