129 matches found
Incomplete Patch Leaves NVIDIA and Docker Users at Risk
NVIDIA's incomplete security patch, combined with a Docker vulnerability, creates a serious threat for organizations using containerized environments. This article explains the risks and mitigation strategies...
CVE-2024-7771
A vulnerability in the Dockerized version of mintplex-labs/anything-llm latest, digest 1d9452da2b92 allows for a denial of service. Uploading an audio file with a very low sample rate causes the functionality responsible for transcribing it to crash the entire site instance. The issue arises from...
Docker 4.39.0 (CVE-2025-1696)
The version of Docker installed on the remote host is prior to 4.39.0. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-1696 advisory. - A vulnerability exists in Docker Desktop prior to version 4.39.0 that could lead to the unintentional disclosure of sensitive...
CVE-2025-27519 Cognita Arbitrary File Write
Cognita is a RAG Retrieval Augmented Generation Framework for building modular, open source applications for production by TrueFoundry. A path traversal issue exists at /v1/internal/upload-to-local-directory which is enabled when the Local env variable is set to true, such as when Cognita is setu...
CVE-2025-27519 Cognita Arbitrary File Write
Cognita is a RAG Retrieval Augmented Generation Framework for building modular, open source applications for production by TrueFoundry. A path traversal issue exists at /v1/internal/upload-to-local-directory which is enabled when the Local env variable is set to true, such as when Cognita is setu...
Amazon Linux 2 : docker (ALASECS-2025-048)
The version of docker installed on the remote host is prior to 25.0.8-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2ECS-2025-048 advisory. golang-jwt is a Go implementation of JSON Web Tokens. Unclear documentation of the error behavior in ParseWithClaims can lead to...
Amazon Linux 2 : docker (ALASDOCKER-2025-051)
The version of docker installed on the remote host is prior to 25.0.8-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2DOCKER-2025-051 advisory. golang-jwt is a Go implementation of JSON Web Tokens. Unclear documentation of the error behavior in ParseWithClaims can lead ...
Amazon Linux 2 : docker (ALASNITRO-ENCLAVES-2025-050)
The version of docker installed on the remote host is prior to 25.0.8-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2NITRO-ENCLAVES-2025-050 advisory. golang-jwt is a Go implementation of JSON Web Tokens. Unclear documentation of the error behavior in ParseWithClaims c...
Azure Linux 3.0 Security Update: docker-buildx / docker-compose / moby-compose / moby-engine (CVE-2024-23650)
The version of docker-buildx / docker-compose / moby-compose / moby-engine installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-23650 advisory. - BuildKit is a toolkit for converting source code to bui...
CVE-2024-35141
IBM Security Verify Access Docker 10.0.0 through 10.0.6 could allow a local user to escalate their privileges due to execution of unnecessary privileges...
CBL Mariner 2.0 Security Update: docker-cli / moby-cli / moby-compose / moby-engine (CVE-2024-36623)
The version of docker-cli / moby-cli / moby-compose / moby-engine installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-36623 advisory. - moby through v25.0.3 has a Race Condition vulnerability in the...
PT-2024-7952
Name of the Vulnerable Software and Affected Versions Docker affected versions not specified Podman affected versions not specified Buildah affected versions not specified Description A vulnerability exists in the bind-propagation option of the Dockerfile RUN --mount instruction, where the system...
Important: amazon-cloudwatch-agent
Issue Overview: Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability CVE-2024-35255 The OpenTelemetry Collector offers a vendor-agnostic implementation on how to receive, process and export telemetry data. An unsafe decompression vulnerability allows...
Important: amazon-cloudwatch-agent
Issue Overview: Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability CVE-2024-35255 The OpenTelemetry Collector offers a vendor-agnostic implementation on how to receive, process and export telemetry data. An unsafe decompression vulnerability allows...
CVE-2024-41110
creationtimestamp| type| source ---|---|--- 2024-07-24 12:40:48+00:00| published-proof-of-concept| https://t.me/HackingInsights/7215 2024-07-24 19:59:43+00:00| seen| https://t.me/cvedetector/1578 2024-07-25 07:55:26+00:00| seen| https://t.me/thehackernews/5313 2024-07-25 08:02:41+00:00| seen|...
CVE-2024-38363 Remote Code Execution (RCE) via Server Side Template Injection (SSTI) in Airbyte
Airbyte is a data integration platform for ELT pipelines. Airbyte connection builder docker image is vulnerable to RCE via SSTI which allows an authenticated remote attacker to execute arbitrary code on the server as the web server user. The connection builder is used to create and test new...
IBM Security Verify Access Security Vulnerability
IBM Security Verify Access ISAM is a service from International Business Machines IBM that improves user access security. The service enables secure and simple access to platforms such as web, mobile, IoT and cloud technologies by using risk-based access, single sign-on, integrated access...
Medium: docker
Issue Overview: A flaw was found in Moby. This flaw allows an attacker to bypass primary group restrictions due to a flaw in the supplementary group access setup. CVE-2022-36109 Docker version 20.10.15, build fd82621 is vulnerable to Insecure Permissions. Unauthorized users outside the Docker...
CVE-2023-28960 Junos OS Evolved: Docker repository is world-writeable, allowing low-privileged local user to inject files into Docker containers
An Incorrect Permission Assignment for Critical Resource vulnerability in Juniper Networks Junos OS Evolved allows a local, authenticated low-privileged attacker to copy potentially malicious files into an existing Docker container on the local system. A follow-on administrator could then...
SUSE CVE-2015-1843
The Red Hat docker package before 1.5.0-28, when using the --add-registry option, falls back to HTTP when the HTTPS connection to the registry fails, which allows man-in-the-middle attackers to conduct downgrade attacks and obtain authentication and image data by leveraging a network position...