39 matches found
CVE-2025-59886
Improper input validation at one of the endpoints of Eaton xComfort ECI's web interface, could lead into an attacker with network access to the device executing privileged user commands. As cybersecurity standards continue to evolve and to meet our requirements today, Eaton has decided to...
EUVD-2025-204794
Improper input validation at one of the endpoints of Eaton xComfort ECI's web interface, could lead into an attacker with network access to the device executing privileged user commands. As cybersecurity standards continue to evolve and to meet our requirements today, Eaton has decided to...
CVE-2025-59886
The CVE-2025-59886 issue affects Eaton xComfort ECI, specifically improper input validation at a web interface endpoint. This could allow a network-adjacent attacker to execute privileged commands on the device. Multiple sources corroborate a high-severity impact (CVSS 3.1: Network access, Privil...
EUVD-2009-0509
Malware in sbrugna...
EUVD-2022-43603
Malicious code in bioql PyPI...
Malicious code in @zalastax/nolb-eci (npm)
The package @zalastax/nolb-eci was found to contain malicious code...
MAL-2025-11272 Malicious code in @zalastax/nolb-eci (npm)
The package @zalastax/nolb-eci was found to contain malicious code...
CVE-2022-40306
The login form /Login in ECi Printanista Hub formerly FMAudit Printscout before 5.5.2 July 2023 performs expensive RSA key-generation operations, which allows attackers to cause a denial of service DoS by requesting that form repeatedly...
O2 VoLTE 安全漏洞
O2 VoLTE is a way for O2 UK to make phone calls over a mobile network via an internet-based protocol. A security vulnerability exists in O2 VoLTE version 2025-05-17 and earlier, which stems from an ECI leak...
eci-promotion.fr Improper Access Control vulnerability OBB-3824462
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CVE-2023-5165 Docker Desktop before 4.23.0 allows Enhanced Container Isolation bypass via debug shell
Docker Desktop before 4.23.0 allows an unprivileged user to bypass Enhanced Container Isolation ECI restrictions via the debug shell which remains accessible for a short time window after launching Docker Desktop. The affected functionality is available for Docker Business customers only and...
CVE-2023-5165 Docker Desktop before 4.23.0 allows Enhanced Container Isolation bypass via debug shell
Docker Desktop before 4.23.0 allows an unprivileged user to bypass Enhanced Container Isolation ECI restrictions via the debug shell which remains accessible for a short time window after launching Docker Desktop. The affected functionality is available for Docker Business customers only and...
CVE-2023-5165
CVE-2023-5165 affects Docker Desktop: versions 4.13.0 through 4.22.x are vulnerable to bypassing Enhanced Container Isolation (ECI) via the debug shell, allowing an unprivileged user to access restricted functionality. The root cause is exposure of the debug shell after startup, with access windo...
CVE-2023-0629
Docker Desktop before 4.17.0 allows an unprivileged user to bypass Enhanced Container Isolation ECI restrictions by setting the Docker host to docker.raw.sock, or npipe:////.pipe/dockerenginelinux on Windows, via the -H --host CLI flag or the DOCKERHOST environment variable and launch containers...
Design/Logic Flaw
Docker Desktop before 4.17.0 allows an unprivileged user to bypass Enhanced Container Isolation ECI restrictions by setting the Docker host to docker.raw.sock, or npipe:////.pipe/dockerenginelinux on Windows, via the -H --host CLI flag or the DOCKERHOST environment variable and launch containers...
CVE-2023-0629 Docker Desktop before 4.17.0 allows an unprivileged user to bypass Enhanced Container Isolation restrictions via the raw Docker socket and launch privileged containers
Docker Desktop before 4.17.0 allows an unprivileged user to bypass Enhanced Container Isolation ECI restrictions by setting the Docker host to docker.raw.sock, or npipe:////.pipe/dockerenginelinux on Windows, via the -H --host CLI flag or the DOCKERHOST environment variable and launch containers...
CVE-2023-0629
Summary: CVE-2023-0629 affects Docker Desktop prior to 4.17.0, where an unprivileged user can bypass Enhanced Container Isolation (ECI) by setting the Docker host to docker.raw.sock or npipe:////.pipe/docker_engine_linux (Windows) via -H/DOCKER_HOST, allowing containers to run with reduced harden...
CVE-2022-40306
The login form /Login in ECi Printanista Hub formerly FMAudit Printscout before 5.5.2 July 2023 performs expensive RSA key-generation operations, which allows attackers to cause a denial of service DoS by requesting that form repeatedly...
CVE-2022-40306
The login form /Login in ECi Printanista Hub formerly FMAudit Printscout before 5.5.2 July 2023 performs expensive RSA key-generation operations, which allows attackers to cause a denial of service DoS by requesting that form repeatedly...
CVE-2022-40306
The login form /Login in ECi Printanista Hub formerly FMAudit Printscout before 5.5.2 July 2023 performs expensive RSA key-generation operations, which allows attackers to cause a denial of service DoS by requesting that form repeatedly...