9275 matches found
CVE-2023-0625
Docker Desktop before 4.12.0 is vulnerable to RCE via a crafted extension description or changelog. This issue affects Docker Desktop: before 4.12.0...
CVE-2023-0633
In Docker Desktop on Windows before 4.12.0 an argument injection to installer may result in local privilege escalation LPE.This issue affects Docker Desktop: before 4.12.0...
CVE-2023-0626
Docker Desktop before 4.12.0 is vulnerable to RCE via query parameters in message-box route. This issue affects Docker Desktop: before 4.12.0...
CVE-2023-0626
Docker Desktop before 4.12.0 is vulnerable to RCE via query parameters in message-box route. This issue affects Docker Desktop: before 4.12.0...
Design/Logic Flaw
Docker Desktop before 4.12.0 is vulnerable to RCE via query parameters in message-box route. This issue affects Docker Desktop: before 4.12.0...
Code injection
Docker Desktop before 4.12.0 is vulnerable to RCE via a crafted extension description or changelog. This issue affects Docker Desktop: before 4.12.0...
Design/Logic Flaw
Docker Desktop before 4.23.0 allows an unprivileged user to bypass Enhanced Container Isolation ECI restrictions via the debug shell which remains accessible for a short time window after launching Docker Desktop. The affected functionality is available for Docker Business customers only and...
Code injection
Docker Desktop before 4.23.0 allows Access Token theft via a crafted extension icon URL. This issue affects Docker Desktop: before 4.23.0...
Design/Logic Flaw
Docker Desktop 4.11.x allows --no-windows-containers flag bypass via IPC response spoofing which may lead to Local Privilege Escalation LPE.This issue affects Docker Desktop: 4.11.X...
Code injection
In Docker Desktop on Windows before 4.12.0 an argument injection to installer may result in local privilege escalation LPE.This issue affects Docker Desktop: before 4.12.0...
CVE-2023-0633
CVE-2023-0633 affects Docker Desktop on Windows prior to 4.12.0. The vulnerability is an argument injection to the installer, which may result in local privilege escalation (LPE). Impact is high (C/H/I/H/A/H in NVD metrics; LOCAL attack vector; no user interaction required in some vectors). Publi...
CVE-2023-0633 In Docker Desktop on Windows before 4.12.0 an argument injection to installer may result in LPE
In Docker Desktop on Windows before 4.12.0 an argument injection to installer may result in local privilege escalation LPE.This issue affects Docker Desktop: before 4.12.0...
CVE-2023-0633 In Docker Desktop on Windows before 4.12.0 an argument injection to installer may result in LPE
In Docker Desktop on Windows before 4.12.0 an argument injection to installer may result in local privilege escalation LPE.This issue affects Docker Desktop: before 4.12.0...
CVE-2023-0627 Docker Desktop 4.11.x allows --no-windows-containers flag bypass
Docker Desktop 4.11.x allows --no-windows-containers flag bypass via IPC response spoofing which may lead to Local Privilege Escalation LPE.This issue affects Docker Desktop: 4.11.X...
CVE-2023-0627 Docker Desktop 4.11.x allows --no-windows-containers flag bypass
Docker Desktop 4.11.x allows --no-windows-containers flag bypass via IPC response spoofing which may lead to Local Privilege Escalation LPE.This issue affects Docker Desktop: 4.11.X...
CVE-2023-0627
Docker Desktop 4.11.x is affected by CVE-2023-0627 due to IPC response spoofing that bypasses the --no-windows-containers flag, enabling Local Privilege Escalation. The root cause is spoofed IPC responses within Docker Desktop, which can let a local attacker escalate privileges. The available ref...
CVE-2023-0626
CVE-2023-0626 affects Docker Desktop prior to 4.12.0, where an RCE vulnerability exists via query parameters in the message-box route. Root cause is an insecure handling of query parameters in the message-box endpoint, leading to remote code execution with high impact on confidentiality, integrit...
CVE-2023-0626 Docker Desktop before 4.12.0 is vulnerable to RCE via query parameters in message-box route
Docker Desktop before 4.12.0 is vulnerable to RCE via query parameters in message-box route. This issue affects Docker Desktop: before 4.12.0...
CVE-2023-0625 Docker Desktop before 4.12.0 is vulnerable to RCE via a crafted extension description or changelog
Docker Desktop before 4.12.0 is vulnerable to RCE via a crafted extension description or changelog. This issue affects Docker Desktop: before 4.12.0...
CVE-2023-0625 Docker Desktop before 4.12.0 is vulnerable to RCE via a crafted extension description or changelog
Docker Desktop before 4.12.0 is vulnerable to RCE via a crafted extension description or changelog. This issue affects Docker Desktop: before 4.12.0...