541 matches found
Exploit for SQL Injection in Sangoma Freepbx
Work in Progress FreePBX CVE-2025-57819 Lab - Unauth SQLi →...
CVE-2025-34159
Coolify versions prior to v4.0.0-beta.420.6 are vulnerable to a remote code execution vulnerability in the application deployment workflow. The platform allows authenticated users, with low-level member privileges, to inject arbitrary Docker Compose directives during project creation. By crafting...
CVE-2025-34159 Coolify Docker Compose Directive Injection in Application Deployment Workflow
Coolify versions prior to v4.0.0-beta.420.6 are vulnerable to a remote code execution vulnerability in the application deployment workflow. The platform allows authenticated users, with low-level member privileges, to inject arbitrary Docker Compose directives during project creation. By crafting...
CVE-2025-34159
CVE-2025-34159 affects Coolify
PT-2025-34900
Name of the Vulnerable Software and Affected Versions: Coolify versions prior to v4.0.0-beta.420.6 Description: Coolify is susceptible to a remote code execution issue within the application deployment workflow. Authenticated users with low-level member privileges can inject arbitrary Docker...
CVE-2025-55740
nginx-defender is a high-performance, enterprise-grade Web Application Firewall (WAF) and threat detection system engineered for modern web infrastructure. This is a configuration vulnerability affecting nginx-defender deployments. Example configuration files config.yaml and docker-compose.yml...
GHSA-PR72-8FXW-XX22 Default Credentials in nginx-defender Configuration Files
Impact: This is a configuration vulnerability affecting nginx-defender deployments. Example configuration files (config.yaml, docker-compose.yml) contain default credentials (defaultpassword: "changemeplease", GFSECURITYADMINPASSWORD=admin123). If users deploy nginx-defender without changing these...
CVE-2025-55740 Default Credentials in nginx-defender Configuration Files
nginx-defender is a high-performance, enterprise-grade Web Application Firewall (WAF) and threat detection system engineered for modern web infrastructure. This is a configuration vulnerability affecting nginx-defender deployments. Example configuration files config.yaml and docker-compose.yml...
CVE-2025-54388 vulnerabilities
Vulnerabilities for packages: zot, docker-compose-fips, wolfictl, cadvisor, apko-fips, zarf, melange, trufflehog-fips, bootc-image-builder, opentelemetry-collector-contrib-fips, prometheus-fips, splunk-otel-collector, docker-cli-buildx, docker-compose, cadvisor-fips, kargo, beats-fips, nerdctl,...
Fedora 43 : docker-compose (2025-025aff9420)
The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-025aff9420 advisory. Automatic update for docker-compose-2.36.1-1.fc43. Changelog Mon May 19 2025 Bradley G Smith - 2.36.1-1 - Update to release v2.36.1 - Resolves:...
szluyu99 gin-vue-blog security vulnerability
szluyu99 gin-vue-blog is a Golang full-stack blog by Zhenyu, a personal developer, supporting Docker Compose one-click deployment. It is based on the latest front-end and back-end technology stack: Vue3, TS, Unocs, Redis and so on. The front-end contains a blog post display front, blog background manageme...
SUSE-SU-2025:20385-1 Security update for docker-compose
This update for docker-compose fixes the following issues: Update to version 2.33.1: Improvements - Add support for gwpriority, enableipv4 requires docker v28.0 by @thaJeztah in 12570 Fixes - Run watch standalone if menu fails to start by @ndeloof in 12536 - Report error using non-file...
CVE-2025-47290 vulnerabilities
Vulnerabilities for packages: docker-compose, neuvector-scanner...
GHSA-CM76-QM8V-3J95 vulnerabilities
Vulnerabilities for packages: docker-compose, neuvector-scanner...
CVE-2025-47290 vulnerabilities
Vulnerabilities for packages: docker-compose-fips, neuvector-scanner, docker-compose, neuvector, neuvector-fips...