9207 matches found
Sitadel
This is a web application security scanner called Sitadel, which is an update for WAScan making it compatible for Python = 3.4. It allows more flexibility for users to write new modules and implement new features, such as frontend framework detection, content delivery network detection, and plugi...
Exploit for OS Command Injection in Docker
CDK - Zero Dependency Container Penetration Toolkit English | 简体中文 Legal Disclaimer Usage of CDK for attacking targets without prior mutual consent is illegal. CDK is for security testing purposes only. Overview CDK is an open-sourced container penetration toolkit, designed for offering stable...
Exploit for OS Command Injection in Docker
This repository is an offensive tool for container exploitation. The primary capability of this tool is to perform a container breakout via exposed Docker daemons docker.sock, CVE-2019-5736, and privileged container breakout via enabled CAPS and SYSCALLS. It also extracts data from Linux Kernel...
CVE-2017-20198
The Marathon UI in DC/OS 1.9.0 allows unauthenticated users to deploy arbitrary Docker containers. Due to improper restriction of volume mount configurations, attackers can deploy a container that mounts the host's root filesystem / with read/write privileges. When using a malicious Docker image,...
CVE-2025-38369
In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Check availability of workqueue allocated by idxd wq driver before using Running IDXD workloads in a container with the /dev directory mounted can trigger a call trace or even a kernel panic when the parent proce...
CVE-2025-38369
In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Check availability of workqueue allocated by idxd wq driver before using Running IDXD workloads in a container with the /dev directory mounted can trigger a call trace or even a kernel panic when the parent proce...
CVE-2025-38369 dmaengine: idxd: Check availability of workqueue allocated by idxd wq driver before using
In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Check availability of workqueue allocated by idxd wq driver before using Running IDXD workloads in a container with the /dev directory mounted can trigger a call trace or even a kernel panic when the parent proce...
CVE-2025-38369
In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Check availability of workqueue allocated by idxd wq driver before using Running IDXD workloads in a container with the /dev directory mounted can trigger a call trace or even a kernel panic when the parent proce...
CVE-2025-38369 dmaengine: idxd: Check availability of workqueue allocated by idxd wq driver before using
In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Check availability of workqueue allocated by idxd wq driver before using Running IDXD workloads in a container with the /dev directory mounted can trigger a call trace or even a kernel panic when the parent proce...
NewStart CGSL MAIN 7.02 : docker-ce Vulnerability (NS-SA-2025-0150)
The remote NewStart CGSL host, running version MAIN 7.02, has docker-ce packages installed that are affected by a vulnerability: - Moby is an open-source project created by Docker to enable software containerization. The classic builder cache system is prone to cache poisoning if the image is bui...
Exploit for Path Traversal in Jenkins
Jenkins CVE-2024-23897 Lab Уязвимость чтения произвольных фай...
PT-2025-31368
Name of the Vulnerable Software and Affected Versions Moby versions 28.2.0 through 28.3.2 Description Moby is an open source container framework developed by Docker Inc. When the firewalld service is reloaded, it removes all iptables rules, including those created by Docker. In affected versions,...
Threat Actor Mimo Targets Magento and Docker to Deploy Crypto Miners and Proxyware
The threat actor behind the exploitation of vulnerable Craft Content Management System CMS instances has shifted its tactics to target Magento CMS and misconfigured Docker instances. The activity has been attributed to a threat actor tracked as Mimo aka Hezb, which has a long history of leveragin...
CVE-2017-20198
The Marathon UI in DC/OS 1.9.0 allows unauthenticated users to deploy arbitrary Docker containers. Due to improper restriction of volume mount configurations, attackers can deploy a container that mounts the host's root filesystem / with read/write privileges. When using a malicious Docker image,...
CVE-2017-20198 DC/OS Marathon UI < 1.9.0 Unauthenticated RCE via Docker Mount Abuse
The Marathon UI in DC/OS 1.9.0 allows unauthenticated users to deploy arbitrary Docker containers. Due to improper restriction of volume mount configurations, attackers can deploy a container that mounts the host's root filesystem / with read/write privileges. When using a malicious Docker image,...
CVE-2017-20198 DC/OS Marathon UI < 1.9.0 Unauthenticated RCE via Docker Mount Abuse
The Marathon UI in DC/OS 1.9.0 allows unauthenticated users to deploy arbitrary Docker containers. Due to improper restriction of volume mount configurations, attackers can deploy a container that mounts the host's root filesystem / with read/write privileges. When using a malicious Docker image,...
CVE-2017-20198
CVE-2017-20198 affects DC/OS Marathon UI
D2iQ DC/OS Marathon 安全漏洞
D2iQ DC/OS Marathon is a native task scheduler from US-based D2iQ. A security vulnerability exists in D2iQ DC/OS Marathon versions prior to 1.9.0, which stems from an insufficient restriction on volume mount configurations that could lead to arbitrary Docker container deployments...
PT-2025-30583 · Mesosphere +1 · Marathon +2
Name of the Vulnerable Software and Affected Versions: DC/OS versions prior to 1.9.0 Description: The Marathon UI in DC/OS allows unauthenticated users to deploy arbitrary Docker containers. Improper restriction of volume mount configurations allows attackers to deploy a container that mounts the...
broad-dagster-utils (=2.0.0a7), dagit (>=0.5.1 <=1.10.15) +71 more potentially affected by CVE-2025-51481 via dagster (>=0.1.1 <=1.10.15)
dagster PYPI version =0.1.1, =0.5.1, =0.16.0, =0.5.4, =0.16.0, =0.16.0, =0.16.0, =0.16.0, =0.16.0, =0.16.0, =1.0.0, =1.10.0, =1.0.0, =0.16.0, =0.26.15 and more Source cves: CVE-2025-51481 Source advisory: OSV:GHSA-H7X8-JV97-FVVM...