9239 matches found
Malicious code in setup-docker (npm)
The package setup-docker was found to contain malicious code...
Malicious code in @marcos_feitoza/docker-image (npm)
The package @marcos_feitoza/docker-image was found to contain malicious code...
MAL-2025-9092 Malicious code in @marcos_feitoza/docker-image (npm)
The package @marcos_feitoza/docker-image was found to contain malicious code...
MAL-2025-33024 Malicious code in setup-docker (npm)
The package setup-docker was found to contain malicious code...
CVE-2025-40766
A vulnerability has been identified in SINEC Traffic Analyzer 6GK8822-1BG01-0BA0 (All versions < V3.0). The affected application runs docker containers without adequate resource and security limitations. This could allow an attacker to perform a denial-of-service (DoS) attack...
Researchers Spot XZ Utils Backdoor in Dozens of Docker Hub Images, Fueling Supply Chain Risks
New research has uncovered Docker images on Docker Hub that contain the infamous XZ Utils backdoor, more than a year after the discovery of the incident. More troubling is the fact that other images have been built on top of these infected base images, effectively propagating the infection furthe...
CVE-2025-40767
A vulnerability has been identified in SINEC Traffic Analyzer 6GK8822-1BG01-0BA0 (All versions < V3.0). The affected application runs docker containers without adequate security controls to enforce isolation. This could allow an attacker to gain elevated access, potentially accessing sensitive host...
CVE-2025-40767
CVE-2025-40767 affects Siemens SINEC Traffic Analyzer (versions prior to 3.0). All connected sources consistently describe a weakness where the application runs docker containers without adequate isolation, enabling an attacker with local access to potentially gain elevated privileges and access ...
CVE-2025-40766
The CVE-2025-40766 vulnerability affects Siemens SINEC Traffic Analyzer versions prior to 3.0. The issue arises from docker containers running with insufficient resource and security limitations, enabling a local attacker to perform a denial-of-service (DoS) attack. Evidence across multiple sourc...
Network Isolation Bypass
github.com/moby/moby is vulnerable to network isolation bypass. The vulnerability is due to Docker failing to re-create iptables rules isolating bridge networks after firewalld reload, which allows an attacker to access all ports of containers across different bridge networks on the same host,...
Siemens SINEC Traffic Analyzer Security Vulnerability
Siemens SINEC Traffic Analyzer is a network traffic analysis tool from Siemens Germany. A security vulnerability exists in Siemens SINEC Traffic Analyzer versions prior to V3.0, which stems from insufficient docker container isolation controls and could lead to elevated privileges...
Siemens SINEC Traffic Analyzer Resource Management Error Vulnerability
Siemens SINEC Traffic Analyzer is a network traffic analysis tool from Siemens Germany. A resource management error vulnerability exists in Siemens SINEC Traffic Analyzer versions prior to V3.0, which stems from insufficient resource limitations in docker containers and could lead to a denial of...
PT-2025-32661
Name of the Vulnerable Software and Affected Versions: SINEC Traffic Analyzer versions prior to 3.0 Description: The application runs docker containers without adequate resource and security limitations, which could allow an attacker to perform a denial-of-service (DoS) attack. Recommendations:...
Jenkins ssh-agent Docker Image < 6.11.2 SSH Host Key Reuse
According to their self-reported version numbers, the jenkins/ssh-agent docker containers running on the remote web server are affected by an SSH host key reuse vulnerability. In jenkins/ssh-agent Docker images 6.11.1 and earlier, SSH host keys are generated on image creation for images based on...