Vulnerable Docker Environments

CVE-2020-10199

8.8 HIGH

Sonatype Nexus Repository before 3.21.2 allows JavaEL Injection (issue 1 of 2).
11 months ago

CVE-2020-7961

9.8 CRITICAL

Deserialization of Untrusted Data in Liferay Portal prior to 7.2.1 CE GA2 allows remote attackers to execute arbitrary code via JSON web services (JSONWS).
11 months ago

CVE-2020-9402

8.8 HIGH

Django 1.11 before 1.11.29, 2.2 before 2.2.11, and 3.0 before 3.0.4 allows SQL Injection if untrusted data is used as a tolerance parameter in GIS functions and aggregates on...
11 months ago

CVE-2020-1938

9.8 CRITICAL

When using the Apache JServ Protocol (AJP), care must be taken when trusting incoming connections to Apache Tomcat. Tomcat treats AJP connections as having higher trust than, for...
about 1 year ago

CVE-2019-17558

7.5 HIGH

Apache Solr 5.0.0 to Apache Solr 8.3.1 are vulnerable to a Remote Code Execution through the VelocityResponseWriter. A Velocity template can be provided through Velocity templates...
about 1 year ago

CVE-2019-10758

9.9 CRITICAL

mongo-express before 0.54.0 is vulnerable to Remote Code Execution via endpoints that use the `toBSON` method. A misuse of the `vm` dependency to perform `exec` commands in a...
about 1 year ago

CVE-2011-3923

9.8 CRITICAL

Apache Struts before 2.3.1.2 allows remote attackers to bypass security protections in the ParameterInterceptor class and execute arbitrary commands.
over 1 year ago

CVE-2019-11043

9.8 CRITICAL

In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11, in certain configurations of the FPM setup, it is possible to cause the FPM module to write past allocated...
over 1 year ago

CVE-2019-15107

9.8 CRITICAL

An issue was discovered in Webmin <=1.920. The parameter old in password_change.cgi contains a command injection vulnerability.
over 1 year ago

CVE-2019-11581

9.8 CRITICAL

There was a server-side template injection vulnerability in Jira Server and Data Center, in the ContactAdministrators and the SendBulkMail actions. An attacker is able to remotely...
over 1 year ago