9207 matches found
CVE-2025-58766
Dyad is a local AI app builder. A critical security vulnerability has been discovered that affected Dyad v0.19.0 and earlier versions that allows attackers to execute arbitrary code on users' systems. The vulnerability affects the application's preview window functionality and can bypass Docker...
CVE-2025-58766
Dyad CVE-2025-58766 affects Dyad
CVE-2025-58766 Dyad Vulnerable to Remote Code Execution via Top-level Navigation in Preview Window
Dyad is a local AI app builder. A critical security vulnerability has been discovered that affected Dyad v0.19.0 and earlier versions that allows attackers to execute arbitrary code on users' systems. The vulnerability affects the application's preview window functionality and can bypass Docker...
CVE-2025-58766 Dyad Vulnerable to Remote Code Execution via Top-level Navigation in Preview Window
Dyad is a local AI app builder. A critical security vulnerability has been discovered that affected Dyad v0.19.0 and earlier versions that allows attackers to execute arbitrary code on users' systems. The vulnerability affects the application's preview window functionality and can bypass Docker...
Dyad 代码注入漏洞
Dyad is an AI application builder open-sourced by Dyad. A code injection vulnerability exists in Dyad 0.19.0 and earlier versions, which stems from the Preview Window feature that can bypass Docker container protection and could lead to the execution of arbitrary code...
PT-2025-38242
Name of the Vulnerable Software and Affected Versions: Dyad versions prior to 0.20.0 Description: Dyad is a local AI app builder susceptible to arbitrary code execution on users' systems. The issue affects the application’s preview window functionality and can bypass Docker container protections...
docker-security-course
This is a vulnerable nodejs app for demos, as stated in the README.md file. The app is designed to demonstrate the use of Docker to clean up after a breach and prevent them from happening again in the future. The app is built using the Dockerfile, which creates an image with the name "node-hack"...
metasploit-framework
This repository is an offensive tool for Metasploit Framework. It is a collection of files and workflows used to build and test the Metasploit Framework, a penetration testing tool. The repository contains various templates for reporting issues, suggesting new features, and submitting pull...
Security update for docker
This update for docker fixes the following issues: Update to docker-buildx v0.28.0. See upstream changelog: Update to Docker 28.4.0-ce. See upstream changelog: Update warnings and errors related to "docker buildx ..." so that they reference our openSUSE docker-buildx packages. Enable building...
SUSE-SU-2025:20743-1 Security update for docker
This update for docker fixes the following issues: Update to docker-buildx v0.28.0. See upstream changelog: Update to Docker 28.4.0-ce. See upstream changelog: - Update warnings and errors related to "docker buildx ..." so that they reference our openSUSE docker-buildx packages. - Enable building...
[SECURITY] Fedora 43 Update: podman-5.6.1-1.fc43
podman Pod Manager is a fully featured container engine that is a simple daemonless tool. podman provides a Docker-CLI comparable command line that eases the transition from other container engines and allows the management of pods, containers and images. Simply put: alias docker=3Dpodman. Most...
[SECURITY] Fedora 42 Update: podman-5.6.1-1.fc42
podman Pod Manager is a fully featured container engine that is a simple daemonless tool. podman provides a Docker-CLI comparable command line that eases the transition from other container engines and allows the management of pods, containers and images. Simply put: alias docker=3Dpodman. Most...
Linux Distros Unpatched Vulnerability : CVE-2020-8907
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507 allows a user that is only granted the role roles/compute.osLogi...
New Docker Malware Strain Spotted Blocking Rivals on Exposed APIs
Akamai finds new Docker malware blocking rivals on exposed APIs, replacing cryptominers with tools that hint at early botnet development...
TOR-Based Cryptojacking Attack Expands Through Misconfigured Docker APIs
Cybersecurity researchers have discovered a variant of a recently disclosed campaign that abuses the TOR network for cryptojacking attacks targeting exposed Docker APIs. Akamai, which discovered the latest activity last month, said it's designed to block other actors from accessing the Docker API...
[SECURITY] Fedora 41 Update: podman-5.6.1-1.fc41
podman Pod Manager is a fully featured container engine that is a simple daemonless tool. podman provides a Docker-CLI comparable command line that eases the transition from other container engines and allows the management of pods, containers and images. Simply put: alias docker=3Dpodman. Most...
Off Your Docker: Exposed APIs Are Targeted in New Malware Strain
...
vulhub
This is a pre-built vulnerable environment based on Docker-Compose, provided by the Vulhub project. The repository contains a collection of vulnerable applications and services, along with their corresponding Dockerfiles and configuration files. The vulnerable environments are designed to help...
Exploit for Deserialization of Untrusted Data in Siemens 6Bk1602-0Aa12-0Tp0_Firmware
log4j-shell-poc A Proof-Of-Concept for the recently found CVE-2021-44228 vulnerability. Recently there was a new vulnerability in log4j, a java logging library that is very widely used in the likes of elasticsearch, minecraft and numerous others. In this repository we have made and example...
MaraDNS
MaraDNS is an open-source DNS server. It is a small, lightweight, and highly customizable DNS server that can be used as an authoritative or recursive nameserver. MaraDNS is written in C and is designed to be easy to configure and use. The repository contains a variety of files, including a READM...