Security update for docker

This update for docker fixes the following issues: Update to Docker 28.3.3-ce: CVE-2025-54388: firewalld reload can make published container ports accessible from remote hosts bsc1247367 Update to docker-buildx v0.26.1. Patch Instructions: To install this SUSE update use the SUSE recommended...

SUSE-SU-2025:20565-1 Security update for docker

This update for docker fixes the following issues: - Update to Docker 28.3.3-ce: CVE-2025-54388: firewalld reload can make published container ports accessible from remote hosts bsc1247367 - Update to docker-buildx v0.26.1...

Photon OS 4.0: Docker PHSA-2025-4.0-0856

An update of the docker package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-4.0-0856. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

CVE-2025-9074

A vulnerability was identified in Docker Desktop that allows local running Linux containers to access the Docker Engine API via the configured Docker subnet, at 192.168.65.7:2375 by default. This vulnerability occurs with or without Enhanced Container Isolation ECI enabled, and with or without th...

CVE-2025-9074 Docker Desktop allows unauthenticated access to Docker Engine API from containers

A vulnerability was identified in Docker Desktop that allows local running Linux containers to access the Docker Engine API via the configured Docker subnet, at 192.168.65.7:2375 by default. This vulnerability occurs with or without Enhanced Container Isolation ECI enabled, and with or without th...

CVE-2025-9074 Docker Desktop allows unauthenticated access to Docker Engine API from containers

A vulnerability was identified in Docker Desktop that allows local running Linux containers to access the Docker Engine API via the configured Docker subnet, at 192.168.65.7:2375 by default. This vulnerability occurs with or without Enhanced Container Isolation ECI enabled, and with or without th...

CVE-2025-9074

CVE-2025-9074 : Docker Desktop exposes the Docker Engine API on the internal subnet (example: 192.168.65.7:2375) without authentication, enabling a container to create a privileged container that mounts host filesystem access. Public writeups and exploits in the connected literature demonstrate a...

CVE-2025-57734

In JetBrains TeamCity before 2025.07.1 aWS credentials were exposed in Docker script files...

CVE-2025-57734

In JetBrains TeamCity before 2025.07.1 aWS credentials were exposed in Docker script files...

CVE-2025-57734

In JetBrains TeamCity before 2025.07.1 aWS credentials were exposed in Docker script files...

CVE-2025-57734

In JetBrains TeamCity before 2025.07.1 aWS credentials were exposed in Docker script files...

CVE-2025-57734

In JetBrains TeamCity, versions prior to 2025.07.1 expose AWS credentials inside Docker script files, constituting an information disclosure vulnerability. Supported by multiple sources in the connected set (e.g., Red Hat advisory and PT Security note) consistently identifying the affected softwa...

Exploit for Improper Input Validation in Tvt Td-2108Ts-Cl_Firmware

CVE-2025-34036 - TVT DVR Simulation This repository contains...

JetBrains TeamCity 安全漏洞

JetBrains TeamCity is a Continuous Integration/Continuous Deployment CI/CD tool developed by JetBrains to automate the software build, test, and deployment process with support for multiple programming languages and tools. JetBrains TeamCity suffers from an information disclosure vulnerability th...

Docker Desktop 安全漏洞

Docker Desktop is a desktop software for lightweight deployment of applications based on container technology from Docker Inc. in the United States. The product provides a desktop environment that supports creating a container lightweight virtual machine and deploying and running applications on...

PT-2025-34057

Name of the Vulnerable Software and Affected Versions Docker Desktop versions prior to 4.44.3 Description A flaw in the container isolation mechanism of Docker Desktop for Windows and macOS allows local Linux containers to gain unauthenticated access to the Docker Engine API via the configured...

Linux Distros Unpatched Vulnerability : CVE-2022-27650

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in crun where containers were incorrectly started with non-empty default permissions. A vulnerability was found in Moby Docker Engine where...

PT-2025-34035 · Jetbrains · Teamcity

Name of the Vulnerable Software and Affected Versions: TeamCity versions prior to 2025.07.1 Description: TeamCity was affected by an issue where AWS credentials were exposed in Docker script files. Recommendations: Update to TeamCity version 2025.07.1 or later...

Linux Distros Unpatched Vulnerability : CVE-2022-27649

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in Podman, where containers were started incorrectly with non-empty default permissions. A vulnerability was found in Moby Docker Engine, where...

SUSE SLED15: docker / docker-bash-completion / docker-fish-completion / etc (SUSE-SU-2025:02914-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:02914-1 advisory. - Update to Docker 28.3.3-ce. - CVE-2025-54388: Fixed a bug where firewalld when reloaded can make...