Filters
Software
Docker DesktopIn Docker Desktop before v4.29.0 an attacker who has gained access to the Docker Desktop VM through a container breakout can further escape to the host by passing extensions and dashboard related IPC messages
7.3
EPSS
0.04%
First published (updated )
Docker Docker DesktopIn Docker Desktop on Windows before 4.12.0 an argument injection to installer may result in LPE
7.8
First published (updated )
Docker Docker DesktopDocker Desktop 4.11.x allows --no-windows-containers flag bypass
7.8
First published (updated )
Docker Docker DesktopDocker Desktop before 4.23.0 allows Access Token theft via a crafted extension icon URL
8
First published (updated )
Docker Docker DesktopDocker Desktop before 4.23.0 allows Enhanced Container Isolation bypass via debug shell
8.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Docker DesktopDocker Desktop for Windows before 4.6.0 allows attackers to overwrite any file through a symlink att…
7.1
First published (updated )
Docker DesktopDocker Desktop for Windows before 4.6.0 allows attackers to delete (or create) any file through the …
7.8
First published (updated )
Docker DesktopDocker Desktop before 4.6.0 on Windows allows attackers to delete any file through the hyperv/destro…
7.1
First published (updated )
Docker DesktopIn Docker Desktop 4.17.x the Artifactory Integration falls back to sending registry credentials over plain HTTP if the HTTPS health check has failed
7.5
First published (updated )
Docker Docker DesktopDocker Desktop before 4.17.0 allows an unprivileged user to bypass Enhanced Container Isolation restrictions via the raw Docker socket and launch privileged containers
7.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Docker Docker DesktopDocker Desktop before 4.17.0 allows an attacker to execute an arbitrary command inside a Dev Environments container during initialization by tricking a user to open a crafted malicious docker-desktop:// URL
7.8
First published (updated )
Hitachi RAID Manager Storage Replication AdapterOS Command Injection Vulnerability in RAID Manager Storage Replication Adapter
8.8
First published (updated )
Docker Docker DesktopDocker Desktop 4.3.0 has Incorrect Access Control.
8.4
First published (updated )
Docker Docker DesktopDocker Desktop installer on Windows in versions before 4.6.0 allows an attacker to overwrite any adm…
7.1
First published (updated )
Docker DockerDocker Desktop before 4.5.1 on Windows allows attackers to move arbitrary files. NOTE: this issue ex…
7.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Fedoraproject FedoraDocker CLI leaks private registry credentials to registry-1.docker.io
7.5
First published (updated )
Docker DesktopDocker Desktop before 3.6.0 suffers from incorrect access control. If a low-privileged account is ab…
7.8
First published (updated )
IBM Security Verify AccessIBM Security Access Manager Docker uses weaker than expected cryptographic algorithms that could all…
7.5
First published (updated )
IBM Security Verify AccessIBM Security Access Manager Appliance could allow a user to impersonate another user on the system.
8
First published (updated )
IBM Security Verify AccessIBM Security Access Manager Docker could allow a remote authenticated attacker to execute arbitrary …
8.4
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Docker DockerDocker Desktop Community before 2.5.0.0 on macOS mishandles certificate checking, leading to local p…
7.8
First published (updated )
Docker DockerThe docker packages version docker-1.13.1-108.git4ef4b30.el7 as released for Red Hat Enterprise Linu…
8.8
First published (updated )
Docker DockerThe version of docker as released for Red Hat Enterprise Linux 7 Extras via RHBA-2020:0053 advisory …
8.8
First published (updated )
Docker Docker Desktopcom.docker.vmnetd in Docker Desktop 2.3.0.3 allows privilege escalation because of a lack of client …
7.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Docker DesktopDocker Desktop allows local privilege escalation to NT AUTHORITY\SYSTEM because it mishandles the co…
7.2
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Docker DockerIn Docker CE and EE before 18.09.8 (as well as Docker EE before 17.06.2-ee-23 and 18.x before 18.03.…
7.5
First published (updated )
Docker DockerHandleRequestAsync in Docker for Windows before 18.06.0-ce-rc3-win68 (edge) and before 18.06.0-ce-wi…
8.8
First published (updated )
go/github.com/docker/notaryIn Docker Notary before 0.1, gotuf/signed/verify.go has a Signature Algorithm Not Matched to Key vul…
7.5
First published (updated )
ubuntu/docker-registryDocker Registry before 2.6.2 in Docker Distribution does not properly restrict the amount of content…
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Docker DockerDocker Engine 1.12.2 enabled ambient capabilities with misconfigured capability policies. This allow…
7.5
First published (updated )
go/github.com/opencontainers/runclibcontainer/user/user.go in runC before 0.1.0, as used in Docker before 1.11.2, improperly treats a…
7.8
First published (updated )
Docker DockerLibcontainer and Docker Engine before 1.6.1 opens the file-descriptor passed to the pid-1 process be…
7.2
First published (updated )
Docker DockerDocker Engine before 1.6.1 uses weak permissions for (1) /proc/asound, (2) /proc/timer_stats, (3) /p…
8.4
First published (updated )
go/github.com/docker/dockerLibcontainer 1.6.0, as used in Docker Engine, allows local users to escape containerization ("mount …
8.4
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Docker DockerDocker before 1.3.2 allows remote attackers to write to arbitrary files and execute arbitrary code v…
7.5
First published (updated )
Fedoraproject FedoraDocker 1.0.0 uses world-readable and world-writable permissions on the management socket, which allo…
7.2
First published (updated )
Docker DockerDocker before 1.5 allows local users to have unspecified impact via vectors involving unsafe /tmp us…
7.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.