584 matches found
Huawei EulerOS: Security Advisory for docker-engine (EulerOS-SA-2026-1230)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
NewStart CGSL MAIN 6.06 (SP) : docker-ce Vulnerability (NS-SA-2026-0028)
The remote NewStart CGSL host, running version MAIN 6.06 SP, has docker-ce packages installed that are affected by a vulnerability: - Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby Docker Engine where supplementary groups are not set ...
CVE-2026-27734
Beszel is a server monitoring platform. Prior to version 0.18.2, the hub's authenticated API endpoints GET /api/beszel/containers/logs and GET /api/beszel/containers/info pass the user-supplied "container" query parameter to the agent without validation. The agent constructs Docker Engine API URL...
Directory Traversal
Overview Affected versions of this package are vulnerable to Directory Traversal via the container query parameter in GET /api/beszel/containers/logs and GET /api/beszel/containers/info endpoints, which is passed without validation to the agent and interpolated directly into Docker API URLs. An...
EUVD-2026-9053
Beszel: Docker API has a Path Traversal Vulnerability via Unsanitized Container ID...
Beszel: Docker API has a Path Traversal Vulnerability via Unsanitized Container ID
Summary The hub's authenticated API endpoints GET /api/beszel/containers/logs and GET /api/beszel/containers/info pass the user-supplied "container" query parameter to the agent without validation. The agent constructs Docker Engine API URLs using fmt.Sprintf with the raw value instead of...
CVE-2026-27734
Beszel is a server monitoring platform. Prior to version 0.18.2, the hub's authenticated API endpoints GET /api/beszel/containers/logs and GET /api/beszel/containers/info pass the user-supplied "container" query parameter to the agent without validation. The agent constructs Docker Engine API URL...
Docker Desktop 4.44.3 - Unauthenticated API Exposure
Exploit Title: Docker Desktop 4.44.3 - Unauthenticated API Exposure Date: 2025-10-06 Exploit Author: OilSeller2001 Vendor Homepage: https://www.docker.com/ Software Link: https://www.docker.com/products/docker-desktop/ Version: Affected on Windows and macOS versions prior to 4.44.3 Tested on:...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: docker (UTSA-2026-000515)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000515 advisory. Moby is an open-source project created by Docker for software containerization. A security vulnerability has been detected in certain versions of Docker Engine, whic...
Security Bulletin: Firewalld Reload Bypasses Localhost Port Restrictions in Moby (Docker Engine) Prior to 28.3.3, affects watsonx.data
Summary Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and various other downstream projects/products. In versions 28.2.0 through 28.3.2, when the firewalld service is reloaded it removes all iptables rules...
Exploit for CVE-2025-9074
CVE-2025-9074: Docker Desktop Container Escape PoC !CVEhtt...
TencentOS Server 4: moby (TSSA-2024:0335)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0335 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
EUVD-2014-8020
Malware in sbrugna...
EUVD-2014-8019
Malware in sbrugna...
EUVD-2016-9692
Malware in sbrugna...
EUVD-2018-13246
Malware in sbrugna...
EUVD-2016-10035
Malware in sbrugna...
EUVD-2024-0274
Malicious code in bioql PyPI...
EUVD-2024-0966
Malicious code in bioql PyPI...
EUVD-2022-0916
Malicious code in bioql PyPI...