9245 matches found
vulhub
It is an offensive tool for web application security training. The repository contains a collection of pre-built vulnerable environments based on Docker-Compose, allowing users to easily set up and test various web application vulnerabilities. The tool is designed for security training and...
CVE-2020-11492
An issue was discovered in Docker Desktop through 2.2.0.5 on Windows. If a local attacker sets up their own named pipe prior to starting Docker with the same name, this attacker can intercept a connection attempt from Docker Service which runs as SYSTEM, and then impersonate their privileges...
CVE-2020-11492
An issue was discovered in Docker Desktop through 2.2.0.5 on Windows. If a local attacker sets up their own named pipe prior to starting Docker with the same name, this attacker can intercept a connection attempt from Docker Service which runs as SYSTEM, and then impersonate their privileges...
Design/Logic Flaw
An issue was discovered in Docker Desktop through 2.2.0.5 on Windows. If a local attacker sets up their own named pipe prior to starting Docker with the same name, this attacker can intercept a connection attempt from Docker Service which runs as SYSTEM, and then impersonate their privileges...
CVE-2020-11492
Docker Desktop for Windows
CVE-2020-11492
An issue was discovered in Docker Desktop through 2.2.0.5 on Windows. If a local attacker sets up their own named pipe prior to starting Docker with the same name, this attacker can intercept a connection attempt from Docker Service which runs as SYSTEM, and then impersonate their privileges...
Docker < 19.03.11 IPv6 Spoofing Vulnerability
Docker is prone to an IPv6 spoofing vulnerability. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
vulhub
It is an offensive tool for web application security training. The target product/service or framework is a collection of vulnerable environments based on Docker-Compose, including Flask, Apache, Nginx, and others. The vulnerability class/vector is various, including SQL injection, cross-site...
Amazon Linux AMI : docker (ALAS-2020-1376)
The version of docker installed on the remote host is prior to 19.03.6ce-4.58. It is, therefore, affected by a vulnerability as referenced in the ALAS-2020-1376 advisory. An issue was discovered in Docker Engine before 19.03.11. An attacker in a container, with the CAPNETRAW capability, can craft...
vulhub
It is an offensive tool for vulnerable environments. The target product/service or framework is a collection of pre-built vulnerable docker environments. The vulnerability class/vector is various, including but not limited to SQL injection, cross-site scripting, and remote code execution. The...
Docker Engine Input Validation Error Vulnerability
Docker Engine is a set of lightweight runtime environments and package management tools from Docker, Inc. An input validation error vulnerability exists in Docker Engine versions prior to 19.03.11, which stems from the fact that the network connection created receives IPv6 router notices by...
Important: docker
Issue Overview: An issue was discovered in Docker Engine before 19.03.11. An attacker in a container, with the CAPNETRAW capability, can craft IPv6 router advertisements, and consequently spoof external IPv6 hosts, obtain sensitive information, or cause a denial of service.CVE-2020-13401 Affected...
vulhub
This is an open-source collection of pre-built vulnerable docker environments. It is an offensive tool for vulnerability research and testing. The target product/service or framework is various, including Flask, Apache, Nginx, and Jenkins. The vulnerability class/vector is not specified, but it...
CVE-2020-13401
An issue was discovered in Docker Engine before 19.03.11. An attacker in a container, with the CAPNETRAW capability, can craft IPv6 router advertisements, and consequently spoof external IPv6 hosts, obtain sensitive information, or cause a denial of service...
DEBIAN-CVE-2020-13401
An issue was discovered in Docker Engine before 19.03.11. An attacker in a container, with the CAPNETRAW capability, can craft IPv6 router advertisements, and consequently spoof external IPv6 hosts, obtain sensitive information, or cause a denial of service...
CVE-2020-13401
An issue was discovered in Docker Engine before 19.03.11. An attacker in a container, with the CAPNETRAW capability, can craft IPv6 router advertisements, and consequently spoof external IPv6 hosts, obtain sensitive information, or cause a denial of service...
Code injection
An issue was discovered in Docker Engine before 19.03.11. An attacker in a container, with the CAPNETRAW capability, can craft IPv6 router advertisements, and consequently spoof external IPv6 hosts, obtain sensitive information, or cause a denial of service...
CVE-2020-13401
An issue was discovered in Docker Engine before 19.03.11. An attacker in a container, with the CAPNETRAW capability, can craft IPv6 router advertisements, and consequently spoof external IPv6 hosts, obtain sensitive information, or cause a denial of service...
UBUNTU-CVE-2020-13401
An issue was discovered in Docker Engine before 19.03.11. An attacker in a container, with the CAPNETRAW capability, can craft IPv6 router advertisements, and consequently spoof external IPv6 hosts, obtain sensitive information, or cause a denial of service...
EUVD-2022-1160
An issue was discovered in Docker Engine before 19.03.11. An attacker in a container, with the CAPNETRAW capability, can craft IPv6 router advertisements, and consequently spoof external IPv6 hosts, obtain sensitive information, or cause a denial of service...