Lucene search
K

9275 matches found

NVD
NVD
added 2023/09/25 4:15 p.m.14 views

CVE-2023-0625

Docker Desktop before 4.12.0 is vulnerable to RCE via a crafted extension description or changelog. This issue affects Docker Desktop: before 4.12.0...

9.8CVSS8.2AI score0.00739EPSS
Exploits0References1
NVD
NVD
added 2023/09/25 4:15 p.m.22 views

CVE-2023-0633

In Docker Desktop on Windows before 4.12.0 an argument injection to installer may result in local privilege escalation LPE.This issue affects Docker Desktop: before 4.12.0...

7.8CVSS7.5AI score0.00269EPSS
Exploits0References1
NVD
NVD
added 2023/09/25 4:15 p.m.25 views

CVE-2023-0626

Docker Desktop before 4.12.0 is vulnerable to RCE via query parameters in message-box route. This issue affects Docker Desktop: before 4.12.0...

9.8CVSS8.3AI score0.00739EPSS
Exploits0References1
OSV
OSV
added 2023/09/25 4:15 p.m.3 views

CVE-2023-0626

Docker Desktop before 4.12.0 is vulnerable to RCE via query parameters in message-box route. This issue affects Docker Desktop: before 4.12.0...

9.8CVSS5.8AI score0.00739EPSS
Exploits0References1
Prion
Prion
added 2023/09/25 4:15 p.m.17 views

Design/Logic Flaw

Docker Desktop before 4.12.0 is vulnerable to RCE via query parameters in message-box route. This issue affects Docker Desktop: before 4.12.0...

7.5CVSS9.3AI score0.00739EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2023/09/25 4:15 p.m.15 views

Code injection

Docker Desktop before 4.12.0 is vulnerable to RCE via a crafted extension description or changelog. This issue affects Docker Desktop: before 4.12.0...

7.5CVSS9.2AI score0.00739EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2023/09/25 4:15 p.m.23 views

Design/Logic Flaw

Docker Desktop before 4.23.0 allows an unprivileged user to bypass Enhanced Container Isolation ECI restrictions via the debug shell which remains accessible for a short time window after launching Docker Desktop. The affected functionality is available for Docker Business customers only and...

4.3CVSS8.5AI score0.00225EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2023/09/25 4:15 p.m.15 views

Code injection

Docker Desktop before 4.23.0 allows Access Token theft via a crafted extension icon URL. This issue affects Docker Desktop: before 4.23.0...

4.3CVSS6.4AI score0.00683EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2023/09/25 4:15 p.m.17 views

Design/Logic Flaw

Docker Desktop 4.11.x allows --no-windows-containers flag bypass via IPC response spoofing which may lead to Local Privilege Escalation LPE.This issue affects Docker Desktop: 4.11.X...

4.3CVSS7.6AI score0.00242EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2023/09/25 4:15 p.m.14 views

Code injection

In Docker Desktop on Windows before 4.12.0 an argument injection to installer may result in local privilege escalation LPE.This issue affects Docker Desktop: before 4.12.0...

4.3CVSS7.8AI score0.00269EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/09/25 3:32 p.m.63 views

CVE-2023-0633

CVE-2023-0633 affects Docker Desktop on Windows prior to 4.12.0. The vulnerability is an argument injection to the installer, which may result in local privilege escalation (LPE). Impact is high (C/H/I/H/A/H in NVD metrics; LOCAL attack vector; no user interaction required in some vectors). Publi...

7.8CVSS7.5AI score0.00269EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/09/25 3:32 p.m.15 views

CVE-2023-0633 In Docker Desktop on Windows before 4.12.0 an argument injection to installer may result in LPE

In Docker Desktop on Windows before 4.12.0 an argument injection to installer may result in local privilege escalation LPE.This issue affects Docker Desktop: before 4.12.0...

7.2CVSS7.3AI score0.00269EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/09/25 3:32 p.m.22 views

CVE-2023-0633 In Docker Desktop on Windows before 4.12.0 an argument injection to installer may result in LPE

In Docker Desktop on Windows before 4.12.0 an argument injection to installer may result in local privilege escalation LPE.This issue affects Docker Desktop: before 4.12.0...

7.2CVSS8.1AI score0.00269EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/09/25 3:31 p.m.14 views

CVE-2023-0627 Docker Desktop 4.11.x allows --no-windows-containers flag bypass

Docker Desktop 4.11.x allows --no-windows-containers flag bypass via IPC response spoofing which may lead to Local Privilege Escalation LPE.This issue affects Docker Desktop: 4.11.X...

6.7CVSS7AI score0.00242EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/09/25 3:31 p.m.25 views

CVE-2023-0627 Docker Desktop 4.11.x allows --no-windows-containers flag bypass

Docker Desktop 4.11.x allows --no-windows-containers flag bypass via IPC response spoofing which may lead to Local Privilege Escalation LPE.This issue affects Docker Desktop: 4.11.X...

6.7CVSS7.8AI score0.00242EPSS
Exploits0References1
CVE
CVE
added 2023/09/25 3:31 p.m.56 views

CVE-2023-0627

Docker Desktop 4.11.x is affected by CVE-2023-0627 due to IPC response spoofing that bypasses the --no-windows-containers flag, enabling Local Privilege Escalation. The root cause is spoofed IPC responses within Docker Desktop, which can let a local attacker escalate privileges. The available ref...

7.8CVSS6.8AI score0.00242EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/09/25 3:31 p.m.80 views

CVE-2023-0626

CVE-2023-0626 affects Docker Desktop prior to 4.12.0, where an RCE vulnerability exists via query parameters in the message-box route. Root cause is an insecure handling of query parameters in the message-box endpoint, leading to remote code execution with high impact on confidentiality, integrit...

9.8CVSS8.3AI score0.00739EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/09/25 3:31 p.m.13 views

CVE-2023-0626 Docker Desktop before 4.12.0 is vulnerable to RCE via query parameters in message-box route

Docker Desktop before 4.12.0 is vulnerable to RCE via query parameters in message-box route. This issue affects Docker Desktop: before 4.12.0...

8CVSS6.9AI score0.00739EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/09/25 3:31 p.m.11 views

CVE-2023-0625 Docker Desktop before 4.12.0 is vulnerable to RCE via a crafted extension description or changelog

Docker Desktop before 4.12.0 is vulnerable to RCE via a crafted extension description or changelog. This issue affects Docker Desktop: before 4.12.0...

8CVSS6.8AI score0.00739EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/09/25 3:31 p.m.17 views

CVE-2023-0625 Docker Desktop before 4.12.0 is vulnerable to RCE via a crafted extension description or changelog

Docker Desktop before 4.12.0 is vulnerable to RCE via a crafted extension description or changelog. This issue affects Docker Desktop: before 4.12.0...

8CVSS9.5AI score0.00739EPSS
Exploits0References1
Rows per page
Query Builder