Exploit for OS Command Injection in Docker
This repository is an offensive tool for container exploitation. The primary capability of this tool is to perform a container breakout via exposed Docker daemons docker.sock, CVE-2019-5736, and privileged container breakout via enabled CAPS and SYSCALLS. It also extracts data from Linux Kernel...
CVE-2017-20198
The Marathon UI in DC/OS 1.9.0 allows unauthenticated users to deploy arbitrary Docker containers. Due to improper restriction of volume mount configurations, attackers can deploy a container that mounts the host's root filesystem / with read/write privileges. When using a malicious Docker image,...
CVE-2025-38369
In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Check availability of workqueue allocated by idxd wq driver before using. Running IDXD workloads in a container with the /dev directory mounted can trigger a call trace or even a kernel panic when the parent proce...
CVE-2025-38369 dmaengine: idxd: Check availability of workqueue allocated by idxd wq driver before using
In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Check availability of workqueue allocated by idxd wq driver before using. Running IDXD workloads in a container with the /dev directory mounted can trigger a call trace or even a kernel panic when the parent proce...
NewStart CGSL MAIN 7.02 : docker-ce Vulnerability (NS-SA-2025-0150)
The remote NewStart CGSL host, running version MAIN 7.02, has docker-ce packages installed that are affected by a vulnerability: - Moby is an open-source project created by Docker to enable software containerization. The classic builder cache system is prone to cache poisoning if the image is bui...
Exploit for Path Traversal in Jenkins
Jenkins CVE-2024-23897 Lab: Vulnerability allowing reading of arbitrary fi...
PT-2025-31368
Name of the Vulnerable Software and Affected Versions Moby versions 28.2.0 through 28.3.2 Description Moby is an open source container framework developed by Docker Inc. When the firewalld service is reloaded, it removes all iptables rules, including those created by Docker. In affected versions,...
Threat Actor Mimo Targets Magento and Docker to Deploy Crypto Miners and Proxyware
The threat actor behind the exploitation of vulnerable Craft Content Management System CMS instances has shifted its tactics to target Magento CMS and misconfigured Docker instances. The activity has been attributed to a threat actor tracked as Mimo aka Hezb, which has a long history of leveragin...
CVE-2017-20198
CVE-2017-20198 affects DC/OS Marathon UI
CVE-2017-20198 DC/OS Marathon UI < 1.9.0 Unauthenticated RCE via Docker Mount Abuse
The Marathon UI in DC/OS 1.9.0 allows unauthenticated users to deploy arbitrary Docker containers. Due to improper restriction of volume mount configurations, attackers can deploy a container that mounts the host's root filesystem / with read/write privileges. When using a malicious Docker image,...
D2iQ DC/OS Marathon Security Vulnerability
D2iQ DC/OS Marathon is a native task scheduler from US-based D2iQ. A security vulnerability exists in D2iQ DC/OS Marathon versions prior to 1.9.0, which stems from an insufficient restriction on volume mount configurations that could lead to arbitrary Docker container deployments...
PT-2025-30583 · Mesosphere +1 · Marathon +2
Name of the Vulnerable Software and Affected Versions: DC/OS versions prior to 1.9.0 Description: The Marathon UI in DC/OS allows unauthenticated users to deploy arbitrary Docker containers. Improper restriction of volume mount configurations allows attackers to deploy a container that mounts the...
broad-dagster-utils (=2.0.0a7), dagit (>=0.5.1 <=1.10.15) +71 more potentially affected by CVE-2025-51481 via dagster (>=0.1.1 <=1.10.15)
dagster PYPI version =0.1.1, =0.5.1, =0.16.0, =0.5.4, =0.16.0, =0.16.0, =0.16.0, =0.16.0, =0.16.0, =0.16.0, =1.0.0, =1.10.0, =1.0.0, =0.16.0, =0.26.15 and more Source cves: CVE-2025-51481 Source advisory: OSV:GHSA-H7X8-JV97-FVVM...
io.telicent.smart-caches.graph:docker (>=0.82.10 <=0.83.11), io.telicent.smart-caches.graph:scg-system (>=0.82.10 <=0.83.11) +1 more potentially affected by CVE-2025-49656 via org.apache.jena:jena-fuseki-webapp (>=5.0.0-rc1 <=5.4.0)
org.apache.jena:jena-fuseki-webapp MAVEN version =5.0.0-rc1, =0.82.10, =0.82.10, =5.0.0, =5.4.0 Source cves: CVE-2025-49656 Source advisory: SNYK:JAVA-ORGAPACHEJENA-10874850...
SUSE SLES12 Security Update : docker (SUSE-SU-2025:02366-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:02366-1 advisory. Update to Docker 28.2.2-ce bsc1243833, bsc1242114: - CVE-2025-22872: golang.org/x/net/html: incorrectly interpreted tags can cause content to be place...