CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

9237 matches found

Positive Technologies•added 2025/10/30 12:0 a.m.•7 views

PT-2025-44504

Name of the Vulnerable Software and Affected Versions Nagios XI versions prior to 2024R1.2 Description Nagios XI versions prior to 2024R1.2 have a command injection issue in the Docker Wizard. A lack of proper input validation allows a user with administrator privileges to inject shell...

9.4CVSS7.5AI score0.03833EPSS

Exploits0References6

GithubExploit•added 2025/10/29 8:27 a.m.•1064 views

Exploit for CVE-2025-55752

CVE-2025-55752: Apache Tomcat Path Traversal Vulnerability A...

10CVSS9.8AI score0.99945EPSS

Exploits61

SUSE CVE•added 2025/10/29 12:23 a.m.•1 views

SUSE CVE-2025-62725

Docker Compose trusts the path information embedded in remote OCI compose artifacts. When a layer includes the annotations com.docker.compose.extends or com.docker.compose.envfile, Compose joins the attacker-supplied value from com.docker.compose.file/com.docker.compose.envfile with its local cac...

8.3CVSS8.8AI score0.13848EPSS

Exploits0References7

Tenable Nessus•added 2025/10/29 12:0 a.m.•4 views

Docker Desktop for Windows < 4.49.0 Privilege Escalation (CVE-2025-9164)

The version of Docker Desktop for Windows installed on the remote host is prior to 4.49.0. It is, therefore, affected by a privilege escalation vulnerability: - Docker Desktop Installer.exe is vulnerable to DLL hijacking due to insecure DLL search order. The installer searches for required DLLs i...

8.8CVSS5.5AI score0.00099EPSS

Exploits0References3

GithubExploit•added 2025/10/28 7:50 p.m.•110 views

WordPressCVEExploitProject

CVE Session 1 How to Run exploit 1. Build the docker...

6.7AI score

Exploits0

Imperva Blog•added 2025/10/28 5:27 p.m.•8 views

CVE-2025-62725: From “docker compose ps” to System Compromise

Docker Compose powers millions of workflows, from CI/CD runners and local development stacks to cloud workspaces and enterprise build pipelines. It’s trusted by developers as the friendly layer above Docker Engine that turns a few YAML lines into a running application. In early October 2025, whil...

8.9CVSS7AI score0.13848EPSS

Exploits0

RedhatCVE•added 2025/10/28 3:4 p.m.•5 views

CVE-2025-9164

Docker Desktop Installer.exe is vulnerable to DLL hijacking due to insecure DLL search order. The installer searches for required DLLs in the user's Downloads folder before checking system directories, allowing local privilege escalation through malicious DLL placement.This issue affects Docker...

8.8CVSS7AI score0.00099EPSS

Exploits0References1

RedhatCVE•added 2025/10/28 5:32 a.m.•6 views

CVE-2025-62725

Docker Compose is vulnerable to a path traversal flaw in how it handles OCI artifact layer annotations. When processing remote OCI compose artifacts, Compose trusts attacker-controlled annotation fields such as com.docker.compose.extends and com.docker.compose.envfile. This allows a crafted...

8.9CVSS7.1AI score0.13848EPSS

Exploits0References5

Tenable Nessus•added 2025/10/28 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2025-62725

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Docker Compose trusts the path information embedded in remote OCI compose artifacts. When a layer includes the annotations com.docker.compose.extends or...

8.9CVSS7.6AI score0.13848EPSS

Exploits0References2

Tenable Nessus•added 2025/10/28 12:0 a.m.•5 views

Amazon Linux 2 : docker, --advisory ALAS2ECS-2025-076 (ALASECS-2025-076)

The version of docker installed on the remote host is prior to 25.0.13-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2ECS-2025-076 advisory. Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container...

5.2CVSS6.8AI score0.00141EPSS

Exploits0References4

OpenVAS•added 2025/10/28 12:0 a.m.•1 views

Fedora: Security Advisory (FEDORA-2025-f2bcb1f99e)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8AI score

Exploits0References4

OpenVAS•added 2025/10/28 12:0 a.m.•3 views

Fedora: Security Advisory (FEDORA-2025-bf271e904b)

6.5CVSS6.8AI score0.0045EPSS

Exploits0References4

OpenVAS•added 2025/10/28 12:0 a.m.•5 views

Fedora: Security Advisory (FEDORA-2025-025aff9420)

7.8CVSS6.8AI score0.0045EPSS

Exploits3References6

OpenVAS•added 2025/10/28 12:0 a.m.•4 views

Fedora: Security Advisory (FEDORA-2025-f7a2d648e7)

6.5CVSS6.8AI score0.00489EPSS

Exploits1References6

OpenVAS•added 2025/10/28 12:0 a.m.•2 views

Fedora: Security Advisory (FEDORA-2025-d81c797483)

6.5CVSS6.8AI score0.00489EPSS

Exploits1References7