| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2023-38267 | IBM Security Access Manager Appliance information disclosure | IBM | Security Verify Access Appliance | Medium | 6.2 | 2024-01-11 02:48:49 | Deep Dive |
| CVE-2023-31001 | IBM Security Access Manager Container information disclosure | IBM | Security Verify Access Appliance | Medium | 5.1 | 2024-01-11 02:44:33 | Deep Dive |
| CVE-2023-31003 | IBM Security Access Manager Container privilege escalation | IBM | Security Verify Access Appliance | High | 8.4 | 2024-01-11 02:22:45 | Deep Dive |
| CVE-2023-0633 | In Docker Desktop on Windows before 4.12.0 an argument injection to installer may result in LPE | Docker Inc. | Docker Desktop | High | 7.2 | 2023-09-25 15:32:20 | Deep Dive |
| CVE-2023-0627 | Docker Desktop 4.11.x allows --no-windows-containers flag bypass | Docker Inc. | Docker Desktop | Medium | 6.7 | 2023-09-25 15:31:59 | Deep Dive |
| CVE-2023-0626 | Docker Desktop before 4.12.0 is vulnerable to RCE via query parameters in message-box route | Docker Inc. | Docker Desktop | High | 8.0 | 2023-09-25 15:31:38 | Deep Dive |
| CVE-2023-0625 | Docker Desktop before 4.12.0 is vulnerable to RCE via a crafted extension description or changelog | Docker Inc. | Docker Desktop | High | 8.0 | 2023-09-25 15:31:09 | Deep Dive |
| CVE-2023-5166 | Docker Desktop before 4.23.0 allows Access Token theft via a crafted extension icon URL | Docker Inc. | Docker Desktop | High | 8.0 | 2023-09-25 15:30:10 | Deep Dive |
| CVE-2023-5165 | Docker Desktop before 4.23.0 allows Enhanced Container Isolation bypass via debug shell | Docker Inc. | Docker Desktop | High | 7.1 | 2023-09-25 15:29:13 | Deep Dive |
| CVE-2023-40350 | Jenkins Plugin Docker Swarm 跨站脚本漏洞 | Jenkins Project | Jenkins Docker Swarm Plugin | 中危 | - | 2023-08-16 14:32:58 | Deep Dive |
| CVE-2023-30433 | IBM Security Verify Access HTTP open redirect | IBM | Security Verify Access Docker | Medium | 6.5 | 2023-07-19 00:42:26 | Deep Dive |
| CVE-2023-32696 | Excessive permissions for ckan user | ckan | ckan-docker-base | High | 8.8 | 2023-05-30 18:33:54 | Deep Dive |
| CVE-2023-1802 | In Docker Desktop 4.17.x the Artifactory Integration falls back to sending registry credentials over plain HTTP if the HTTPS health check has failed | Docker | Docker Desktop | Medium | 5.9 | 2023-04-06 08:52:20 | Deep Dive |
| CVE-2023-28109 | Play With Docker vulnerable to Authorization Bypass Through User-Controlled Key | play-with-docker | play-with-docker | Medium | 6.5 | 2023-03-16 16:49:18 | Deep Dive |
| CVE-2023-0629 | Docker Desktop before 4.17.0 allows an unprivileged user to bypass Enhanced Container Isolation restrictions via the raw Docker socket and launch privileged containers | Docker Inc. | Docker Desktop | High | 7.1 | 2023-03-13 11:16:41 | Deep Dive |
| CVE-2023-0628 | Docker Desktop before 4.17.0 allows an attacker to execute an arbitrary command inside a Dev Environments container during initialization by tricking a user to open a crafted malicious docker-desktop:// URL | Docker Inc. | Docker Desktop | Medium | 6.1 | 2023-03-13 11:16:30 | Deep Dive |
| CVE-2022-22984 | Command Injection | - | snyk | Medium | 5.0 | 2022-11-30 00:00:00 | Deep Dive |
| CVE-2022-45385 | Jenkins Plugin CloudBees Docker Hub/Registry Notification 安全漏洞 | Jenkins project | Jenkins CloudBees Docker Hub/Registry Notification Plugin | 高危 | - | 2022-11-15 00:00:00 | Deep Dive |
| CVE-2022-20617 | Jenkins 插件 操作系统命令注入漏洞 | Jenkins project | Jenkins Docker Commons Plugin | 高危 | - | 2022-01-12 19:05:53 | Deep Dive |
| CVE-2021-23732 | Arbitrary Code Execution | - | docker-cli-js | Critical | 9.0 | 2021-11-22 17:00:17 | Deep Dive |