| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-0163 | IBM Security Verify Access information disclosure | IBM | Security Verify Access | Medium | 5.3 | 2025-06-11 14:20:29 | Deep Dive |
| CVE-2025-3911 | Exposure in Docker Desktop logs of environment variables configured for running containers | Docker | Docker Desktop | - | - | 2025-04-29 17:20:35 | Deep Dive |
| CVE-2025-4095 | Registry Access Management (RAM) policies not applied when sign-in enforcement is configured via a configuration profile | Docker | Docker Desktop | - | - | 2025-04-29 17:16:17 | Deep Dive |
| CVE-2025-3224 | Elevation of Privilege in Docker Desktop for Windows during Upgrade due to Insecure Directory Deletion | Docker | Docker Desktop | - | - | 2025-04-28 19:21:16 | Deep Dive |
| CVE-2025-32755 | Jenkins 安全漏洞 | Jenkins Project | Jenkins jenkins/ssh-slave Docker images | - | - | 2025-04-10 11:21:31 | Deep Dive |
| CVE-2025-32754 | Jenkins 安全漏洞 | Jenkins Project | Jenkins jenkins/ssh-agent Docker images | - | - | 2025-04-10 11:20:30 | Deep Dive |
| CVE-2025-0495 | Secrets leakage to telemetry endpoint via cache backend configuration via buildx | docker | buildx | 中危 | - | 2025-03-17 19:21:11 | Deep Dive |
| CVE-2025-1696 | Exposure of Proxy Credentials in Docker Desktop Logs | Docker | Docker Desktop | 中危 | - | 2025-03-06 11:58:43 | Deep Dive |
| CVE-2024-45647 | IBM Security Verify Access unverified password change | IBM | Security Verify Access | Medium | 5.6 | 2025-01-20 14:50:54 | Deep Dive |
| CVE-2024-35141 | IBM Security Verify Access privilege escalation | IBM | Security Verify Access Docker | High | 7.8 | 2024-12-19 01:10:06 | Deep Dive |
| CVE-2024-9348 | Docker Desktop before v4.34.3 allows RCE via unsanitized GitHub source link in Build view | Docker | Docker Desktop | - | - | 2024-10-16 14:50:06 | Deep Dive |
| CVE-2024-8696 | A remote code execution (RCE) vulnerability via crafted extension publisher-url/additional-urls could be abused by a malicious extension in Docker Desktop before 4.34.2. | Docker | Docker Desktop | - | - | 2024-09-12 17:54:35 | Deep Dive |
| CVE-2024-8695 | A remote code execution (RCE) vulnerability via crafted extension description/changelog could be abused by a malicious extension in Docker Desktop before 4.34.2. | Docker | Docker Desktop | - | - | 2024-09-12 17:52:55 | Deep Dive |
| CVE-2024-35133 | IBM Security Verify Access HTTP open redirect | IBM | Security Verify Access | Medium | 6.8 | 2024-08-29 16:39:44 | Deep Dive |
| CVE-2024-6222 | In Docker Desktop before v4.29.0 an attacker who has gained access to the Docker Desktop VM through a container breakout can further escape to the host by passing extensions and dashboard related IPC messages | Docker Inc. | Docker Desktop | - | - | 2024-07-09 17:16:06 | Deep Dive |
| CVE-2024-5652 | In Docker Desktop on Windows before v4.31.0 allows a user in the docker-users group to cause a Windows Denial-of-Service through the exec-path Docker daemon config option in Windows containers mode | Docker Inc. | Docker Desktop | Medium | 6.1 | 2024-07-09 17:07:09 | Deep Dive |
| CVE-2024-35139 | IBM Security Access Manager Docker information disclosure | IBM | Security Verify Access Docker | Medium | 6.2 | 2024-06-28 15:42:04 | Deep Dive |
| CVE-2024-35137 | IBM Security Access Manager Docker information disclosure | IBM | Security Verify Access Docker | Medium | 6.2 | 2024-06-28 15:33:11 | Deep Dive |
| CVE-2023-38370 | IBM Security Access Manager Docker information disclosure | IBM | Security Access Manager Docker | High | 7.5 | 2024-06-27 18:27:20 | Deep Dive |
| CVE-2023-38368 | IBM Security Access Manager Docker information disclosure | IBM | Security Access Manager Docker | Medium | 5.5 | 2024-06-27 18:25:40 | Deep Dive |