Cve

• CVE-2025-9074: Docker Desktop Container Escape Analysis

  2025-09-01

  Overview

  CVE-2025-9074 is a critical container escape vulnerability in Docker Desktop with a CVSS score of 9.3. The vulnerability allows containers to access the Docker Engine API without requiring sophisticated exploitation techniques or deep technical knowledge.

  The issue affects Docker Desktop installations on Windows systems that use WSL2 (Windows Subsystem for Linux 2) for container functionality. This includes Windows Server deployments and developer workstations. The vulnerability stems from a network configuration issue where containers can directly access the Docker Engine API at 192.168.65.7:2375.

• Analysis of CVE-2022–30781

  2025-04-10

  ---

  How Git Fetch Resulted in Critical Remote Code Execution in Gitea

  

  Good Morning, Everyone!

  In today’s post, I’ll dive into an analysis of CVE-2022–30781, a critical vulnerability found in the Gitea platform. This CVE allows attackers to execute remote code on the affected server, posing a significant security risk.

  Here’s what we’ll cover:

  1. Understanding How the CVE Works
  2. Writing Our Own Exploit
  3. How the Gitea Team Fixed It

  Let’s jump in and enjoy