CVE-2020-14300
The docker packages version docker-1.13.1-108.git4ef4b30.el7 as released for Red Hat Enterprise Linux 7 Extras via RHBA-2020:0053 https://access.redhat.com/errata/RHBA-2020:0053 included an incorrect version of runc that was missing multiple bug and security fixes. One of the fixes regressed in...
Code injection
The docker packages version docker-1.13.1-108.git4ef4b30.el7 as released for Red Hat Enterprise Linux 7 Extras via RHBA-2020:0053 https://access.redhat.com/errata/RHBA-2020:0053 included an incorrect version of runc that was missing multiple bug and security fixes. One of the fixes regressed in...
CVE-2020-14298
The version of docker as released for Red Hat Enterprise Linux 7 Extras via RHBA-2020:0053 advisory included an incorrect version of runc missing the fix for CVE-2019-5736, which was previously fixed via RHSA-2019:0304. This issue could allow a malicious or compromised container to compromise the...
Design/Logic Flaw
The version of docker as released for Red Hat Enterprise Linux 7 Extras via RHBA-2020:0053 advisory included an incorrect version of runc missing the fix for CVE-2019-5736, which was previously fixed via RHSA-2019:0304. This issue could allow a malicious or compromised container to compromise the...
CVE-2020-14300
CVE-2020-14300 affects Red Hat Enterprise Linux 7 Extras Docker packaging (docker-1.13.1-108.git4ef4b30.el7). The issue arises from an incorrect runc version in that package, regressing the fix for CVE-2016-9962 and potentially allowing a process inside a container to escape the container namespa...
CVE-2020-14298
CVE-2019-5736 (runc escape) is a widely noticed container escape vulnerability in runc. Multiple sources describe that runc handled file descriptors related to /proc/self/exe insecurely, allowing a container to overwrite the host’s runc binary and potentially execute arbitrary commands on the hos...
PT-2020-13964 · Open Container Initiative +1 · Runc +1
Name of the Vulnerable Software and Affected Versions: docker version 1.13.1-108.git4ef4b30.el7 Description: This issue could allow a malicious or compromised container to compromise the container host and other containers running on the same host. The problem arose due to an incorrect version of...
PT-2020-13966 · Docker +2 · Docker +1
The docker packages version docker-1.13.1-108.git4ef4b30.el7 as released for Red Hat Enterprise Linux 7 Extras via RHBA-2020:0053 https://access.redhat.com/errata/RHBA-2020:0053 included an incorrect version of runc that was missing multiple bug and security fixes. One of the fixes regressed in...
Exploit for Improper Encoding or Escaping of Output in F5 Nginx
It is an open-source collection of pre-built vulnerable docker environments. The primary CVE ID present in the provided context is not explicitly stated, but the repository contains various vulnerable environments based on Docker-Compose, including ones for CVE-2016-9086, CVE-2017-1000353,...
Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Gitlab
It is an open-source collection of pre-built vulnerable docker environments. The primary CVE ID present in the provided context is CVE-2016-9086. The target product/service or framework is GitLab. The vulnerability class/vector is not explicitly stated, but it is likely related to the mentioned...
vulhub-200710
It is an offensive tool for web application security training. The repository contains a collection of pre-built vulnerable environments based on Docker-Compose, designed for web application security training. The tool is not explicitly stated to be a PoC exploit or an exploit module/toolkit, but...
Exploit for Improper Encoding or Escaping of Output in F5 Nginx
It is an open-source collection of pre-built vulnerable docker environments. The primary CVE ID is not explicitly mentioned, but the project is based on various vulnerabilities, including CVE-2016-9086, CVE-2013-4547, CVE-2017-1000353, and CVE-2018-1000006. The target product/service or framework...
Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Gitlab
It is an open-source collection of pre-built vulnerable docker environments. The primary CVE ID present in the context is CVE-2016-9086. The target product/service or framework is GitLab. The vulnerability class/vector is not explicitly stated, but the context suggests it is related to a GitLab...