Amazon Linux 2 : docker, --advisory ALAS2DOCKER-2026-114 (ALASDOCKER-2026-114)

The version of docker installed on the remote host is prior to 25.0.14-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2DOCKER-2026-114 advisory. Moby is an open source container framework. Prior to version 29.3.1, a security vulnerability has been detected that...

OESA-2026-2138 moby security update

Docker is a product for you to build, ship and run any application as a lightweight container. Security Fixes: Moby is an open source container framework. Prior to version 29.3.1, a security vulnerability has been detected that allows plugins privilege validation to be bypassed during docker plug...

Medium: docker

Issue Overview: url.Parse insufficiently validated the host/authority component and accepted some invalid URLs. CVE-2026-25679 On Unix platforms, when listing the contents of a directory using File.ReadDir or File.Readdir the returned FileInfo could reference a file outside of the Root in which t...

Docker Engine 29.3.1 Multiple Vulnerabilities

The version of the Docker Engine installed on the remote host is prior to 29.3.1. It is therefore affected by multiple vulnerabilities: - CVE-2026-34040: AuthZ plugin authorization bypass vulnerability. Authorization plugins could be bypassed under specific conditions, potentially allowing...

GO-2026-4883 Moby has an Off-by-one error in its plugin privilege validation in github.com/docker/docker

Moby has an Off-by-one error in its plugin privilege validation in github.com/docker/docker...

PT-2026-29933

Moby has an Off-by-one error in its plugin privilege validation in github.com/docker/docker...

CVE-2026-33997 Moby: Off-by-one error in plugin privilege validation

Moby is an open source container framework. Prior to version 29.3.1, a security vulnerability has been detected that allows plugins privilege validation to be bypassed during docker plugin install. Due to an error in the daemon's privilege comparison logic, the daemon may incorrectly accept a...

CVE-2026-33997 Moby: Off-by-one error in plugin privilege validation

Moby is an open source container framework. Prior to version 29.3.1, a security vulnerability has been detected that allows plugins privilege validation to be bypassed during docker plugin install. Due to an error in the daemon's privilege comparison logic, the daemon may incorrectly accept a...

CVE-2026-33997 Moby: Off-by-one error in plugin privilege validation

Moby is an open source container framework. Prior to version 29.3.1, a security vulnerability has been detected that allows plugins privilege validation to be bypassed during docker plugin install. Due to an error in the daemon's privilege comparison logic, the daemon may incorrectly accept a...

CVE-2026-33997

Moby is an open source container framework. Prior to version 29.3.1, a security vulnerability has been detected that allows plugins privilege validation to be bypassed during docker plugin install. Due to an error in the daemon's privilege comparison logic, the daemon may incorrectly accept a...

Off-by-one Error

Overview Affected versions of this package are vulnerable to Off-by-one Error in the plugins privilege validation. An attacker can gain unauthorized access to sensitive plugin privileges by installing a malicious plugin that exploits the privilege comparison logic. - Remediation Upgrade...

Off-by-one Error

Overview Affected versions of this package are vulnerable to Off-by-one Error in the plugins privilege validation. An attacker can gain unauthorized access to sensitive plugin privileges by installing a malicious plugin that exploits the privilege comparison logic. - Remediation Upgrade...

EUVD-2011-4041

Malware in sbrugna...

PT-2025-34740

Name of the Vulnerable Software and Affected Versions: Dokan Pro versions prior to 4.0.6 Description: The Dokan Pro plugin for WordPress is susceptible to privilege escalation via account takeover. The issue stems from insufficient user identity validation during staff password resets, allowing...

CVE-2025-54735 WordPress CubeWP Framework Plugin <= 1.1.24 - Privilege Escalation Vulnerability

Incorrect Privilege Assignment vulnerability in Imran Tauqeer CubeWP cubewp-framework allows Privilege Escalation.This issue affects CubeWP: from n/a through = 1.1.24...

WordPress CubeWP Framework Plugin <= 1.1.24 - Privilege Escalation Vulnerability

Privilege Escalation Vulnerability discovered by Martino Spagnuolo r3verii in WordPress Plugin CubeWP versions = 1.1.24...

WordPress WPGYM plugin <= 67.7.0 - Missing Authorization to Admin Account Creation vulnerability

Missing Authorization to Admin Account Creation vulnerability discovered by Foxyyy in WordPress Plugin WPGYM versions = 67.7.0...

WordPress SEO Metrics plugin <= 1.0.15 - Missing Authorization to Authenticated (Subscriber+) Privilege Escalation vulnerability

Missing Authorization to Authenticated Subscriber+ Privilege Escalation vulnerability discovered by kr0d in WordPress Plugin SEO Metrics versions = 1.0.15...

WordPress Service Finder SMS System plugin <= 2.0.0 - Unauthenticated Privilege Escalation vulnerability

Unauthenticated Privilege Escalation vulnerability discovered by Foxyyy in WordPress Plugin Service Finder SMS System versions = 2.0.0...

WordPress Bookify <= 1.0.9 - Privilege Escalation Vulnerability

Privilege Escalation Vulnerability discovered by Denver Jackson in WordPress Plugin Bookify versions = 1.0.9...