Lucene search

10 matches found

EUVD
added 2026/05/22 6:32 p.m. · 10 views

EUVD-2026-31484

The Docker CLI --use-api-socket flag bypasses Enhanced Container Isolation (ECI) restrictions in Docker Desktop. When ECI is enabled, Docker socket mounts from containers are denied unless explicitly allowed via the admin-settings configuration. However, the --use-api-socket flag adds the Docker...

8.8 CVSS · 5.8 AI score · 0.00021 EPSS
Exploits: 0 · References: 2
CVE
added 2026/05/22 6:32 p.m. · 56 views

CVE-2026-6406

CVE-2026-6406 describes a local privilege-escalation in Docker Desktop via Enhanced Container Isolation (ECI). When ECI is enabled, container-originated Docker socket mounts are denied unless explicitly allowed; however, the Docker CLI flag --use-api-socket mounts the Docker socket using HostConf...

8.8 CVSS · 7.3 AI score · 0.00021 EPSS
Exploits: 0 · References: 2 · Affected Software: 1
ATTACKERKB
added 2026/05/22 6:32 p.m. · 5 views

CVE-2026-6406

The Docker CLI --use-api-socket flag bypasses Enhanced Container Isolation (ECI) restrictions in Docker Desktop. When ECI is enabled, Docker socket mounts from containers are denied unless explicitly allowed via the admin-settings configuration. However, the --use-api-socket flag adds the Docker...

8.8 CVSS · 7.3 AI score · 0.00021 EPSS
Exploits: 0 · References: 3 · Affected Software: 1
EUVD
added 2025/10/07 12:30 a.m. · 3 views

EUVD-2013-2319

Malware in sbrugna...

6.4 CVSS · 6.4 AI score · 0.00274 EPSS
Exploits: 0 · References: 4
GithubExploit
added 2024/08/23 8:26 p.m. · 248 views

Exploit for Improper Check for Unusual or Exceptional Conditions in Jenkins

Intro This is an exploit for CVE-2024-43044, an arbitrary fil...

8.8 CVSS · 8.1 AI score · 0.66369 EPSS
Exploits: 4
Positive Technologies
added 2022/09/21 12:0 a.m. · 6 views

PT-2022-25740 · Jenkins · Jenkins Anchore Container Image Scanner Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Anchore Container Image Scanner Plugin versions 1.0.24 and earlier. Description: The issue is related to a stored cross-site scripting (XSS) vulnerability. It occurs because the plugin does not escape content provided by the Anchore engi...

5.4 CVSS · 5.2 AI score · 0.20595 EPSS
Exploits: 0 · References: 7
Hacker One
added 2021/06/06 7:56 p.m. · 20 views

Elastic: Improper authorization on `/api/as/v1/credentials/` for Dev Role User with Limited Engine Access

Summary: Dear Team, Since 1168528 was resolved, I have been checking again for other roles. At Dev Role with Limited Engine Access, a user can still access the API endpoint /api/as/v1/credentials/ to get all API keys private-key, search-key ... Steps To Reproduce: 1 - Log in Kibana with the admin elastic...

0.2 AI score
Exploits: 0
Cvelist
added 2018/12/14 8:0 p.m. · 26 views

CVE-2018-20151

In WordPress before 4.9.9 and 5.x before 5.0.1, the user-activation page could be read by a search engine's web crawler if an unusual configuration were chosen. The search engine could then index and display a user's e-mail address and rarely the password that was generated by default...

8.5 AI score · 0.06796 EPSS
Exploits: 0 · References: 8
Tenable Nessus
added 2018/10/19 12:0 a.m. · 40 views

Scientific Linux Security Update : java-1.8.0-openjdk on SL6.x i386/x86_64 (20181018)

Security Fixes: - OpenJDK: Improper field access checks (Hotspot, 8199226) (CVE-2018-3169) - OpenJDK: Unrestricted access to scripting engine (Scripting, 8202936) (CVE-2018-3183) - OpenJDK: Incomplete enforcement of the trustURLCodebase restriction (JNDI, 8199177) (CVE-2018-3149) - OpenJDK: Incorrect handli...

9 CVSS · 6.3 AI score · 0.00589 EPSS
Exploits: 2 · References: 8
OSV
added 2018/02/13 12:29 p.m. · 1 views

UBUNTU-CVE-2018-1297

When using Distributed Test only (RMI based), Apache JMeter 2.x and 3.x uses an unsecured RMI connection. This could allow an attacker to get Access to JMeterEngine and send unauthorized code...

9.8 CVSS · 7.3 AI score · 0.17994 EPSS
Exploits: 0 · References: 4