CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

584 matches found

Github Security Blog•added 2022/09/16 9:0 p.m.•39 views

Docker supplementary group permissions not set up properly, allowing attackers to bypass primary group restrictions

Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby Docker Engine where supplementary groups are not set up properly. If an attacker has direct access to a container and manipulates their supplementary group access, they may be able to use...

6.3CVSS6.4AI score0.00039EPSS

Exploits0References10Affected Software1

Tenable Nessus•added 2022/09/14 12:0 a.m.•35 views

EulerOS 2.0 SP9 : docker-engine (EulerOS-SA-2022-2311)

According to the versions of the docker-engine package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby Docker Engine where attempti...

7.5CVSS7.3AI score0.04746EPSS

Exploits3References4

Positive Technologies•added 2022/09/14 12:0 a.m.•2 views

PT-2022-6457 · Docker +10 · Moby +10

Name of the Vulnerable Software and Affected Versions: containerd versions prior to 1.6.18 and 1.5.18 Moby Docker Engine versions prior to 20.10.18 CRI-O affected versions not specified Buildah affected versions not specified Podman affected versions not specified Description: A bug was found in...

9.8CVSS6.8AI score0.06046EPSS

Exploits11References203

OpenVAS•added 2022/09/14 12:0 a.m.•32 views

Huawei EulerOS: Security Advisory for docker-engine (EulerOS-SA-2022-2311)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.2AI score0.04746EPSS

Exploits3References2

NVD•added 2022/09/09 6:15 p.m.•14 views

CVE-2022-36109

6.3CVSS0.00039EPSS

Exploits0References8

OSV•added 2022/09/09 6:15 p.m.•1 views

DEBIAN-CVE-2022-36109

6.3CVSS6.4AI score0.00039EPSS

Exploits0References1

Prion•added 2022/09/09 6:15 p.m.•27 views

Information disclosure

6.5CVSS6.2AI score0.00039EPSS

Exploits0References5Affected Software2

UbuntuCve•added 2022/09/09 6:15 p.m.•38 views

CVE-2022-36109

6.3CVSS6.8AI score0.00039EPSS

Exploits0References4

OSV•added 2022/09/09 6:15 p.m.•0 views

UBUNTU-CVE-2022-36109

6.3CVSS6.7AI score0.00039EPSS

Exploits0References5

OSV•added 2022/09/09 5:20 p.m.•25 views

CVE-2022-36109 Moby vulnerability relating to supplementary group permissions

5.3CVSS6.2AI score0.00039EPSS

Exploits0References10

Debian CVE•added 2022/09/09 5:20 p.m.•64 views

CVE-2022-36109

6.3CVSS5.4AI score0.00039EPSS

Exploits0

AlpineLinux•added 2022/09/09 5:20 p.m.•62 views

CVE-2022-36109

6.3CVSS6.2AI score0.00039EPSS

Exploits0

CVE•added 2022/09/09 5:20 p.m.•164 views

CVE-2022-36109

CVE-2022-36109 concerns a bug in Moby/Docker Engine where supplementary groups are not set up correctly inside a container. An attacker with access to a container could manipulate supplementary group access to bypass primary group restrictions, potentially exposing sensitive information or enabli...

6.3CVSS6AI score0.00039EPSS

Exploits0References8Affected Software1

Vulnrichment•added 2022/09/09 5:20 p.m.•3 views

CVE-2022-36109 Moby vulnerability relating to supplementary group permissions

5.3CVSS6.3AI score0.00039EPSS

Exploits0References6

Positive Technologies•added 2022/09/09 12:0 a.m.•4 views

PT-2022-4745 · Docker +4 · Moby +5

Name of the Vulnerable Software and Affected Versions: Moby Docker Engine versions prior to 20.10.18 Description: The issue is related to the improper setup of supplementary groups in Moby Docker Engine, which can allow an attacker with direct access to a container to bypass primary group...

9.9CVSS6.1AI score0.03345EPSS

Exploits2References97

Tenable Nessus•added 2022/09/06 12:0 a.m.•38 views

Amazon Linux 2022 : containerd, containerd-stress, docker (ALAS2022-2022-054)

It is, therefore, affected by a vulnerability as referenced in the ALAS2022-2022-054 advisory. A flaw was found in Moby Docker Engine, where containers were started incorrectly with non-empty inheritable Linux process capabilities. This flaw allows an attacker with access to programs with...

5.9CVSS6.8AI score0.00097EPSS

Exploits0References3

Positive Technologies•added 2022/08/22 12:0 a.m.•3 views

PT-2022-19895 · Docker +7 · Moby +8

Name of the Vulnerable Software and Affected Versions: Moby Docker Engine versions prior to 20.10.18 Podman affected versions not specified CRI-O affected versions not specified Buildah affected versions not specified Docker affected versions not specified Description: An incorrect handling of...

8.8CVSS9AI score0.33273EPSS

Exploits16References274

OpenVAS•added 2022/08/18 12:0 a.m.•30 views

Huawei EulerOS: Security Advisory for docker-engine (EulerOS-SA-2022-2218)

7.5CVSS7.1AI score0.04746EPSS

Exploits3References2

Tenable Nessus•added 2022/08/18 12:0 a.m.•80 views

EulerOS 2.0 SP5 : docker (EulerOS-SA-2022-2265)

According to the versions of the docker package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby Docker Engine where attempting to...

7.5CVSS7.3AI score0.04746EPSS

Exploits3References4

OpenVAS•added 2022/08/18 12:0 a.m.•23 views

Huawei EulerOS: Security Advisory for docker-engine (EulerOS-SA-2022-2240)

7.8CVSS7.3AI score0.04746EPSS

Exploits3References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by