9236 matches found

Kitploit
added 2024/09/21 11:30 a.m., 554 views

Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking

The Damn Vulnerable Drone is an intentionally vulnerable drone hacking simulator based on the popular ArduPilot/MAVLink architecture, providing a realistic environment for hands-on drone hacking. About the Damn Vulnerable Drone What is the Damn Vulnerable Drone? The Damn Vulnerable Drone is a...

7.2 AI score
Exploits 0, References 1
CNNVD
added 2024/09/21 12:0 a.m., 3 views

Stirling-PDF cross-site scripting vulnerability

Stirling-PDF is a powerful, locally hosted, web-based PDF manipulation tool using Docker, open-sourced by Stirling Tools. A cross-site scripting vulnerability exists in Stirling-PDF version 0.28.3 and earlier, which stems from unknown code in the Markdown-to-PDF component and results in a...

5.4 CVSS, 3.9 AI score, 0.00398 EPSS
Exploits 1, References 5
RedHat Linux
added 2024/09/19 5:30 a.m., 23 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.14.37 bug fix and security update

Red Hat OpenShift Container Platform release 4.14.37 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.14. Red Hat Product Security has rated this update as having a...

9.9 CVSS, 7.3 AI score, 0.02321 EPSS
Exploits 4, References 3
Tenable Nessus
added 2024/09/19 12:0 a.m., 19 views

Docker Desktop < 4.34.2 Multiple Vulnerabilities

The version of Docker Desktop for Linux is prior to 4.34.2. It is therefore affected by multiple vulnerabilities. - A remote code execution (RCE) vulnerability via crafted extension description/changelog could be abused by a malicious extension in Docker Desktop before 4.34.2. - A remote code...

9.8 CVSS, 6.5 AI score, 0.01251 EPSS
Exploits 0, References 2
Tenable Nessus
added 2024/09/19 12:0 a.m., 16 views

Docker Desktop < 4.34.2 Multiple Vulnerabilities

The version of Docker Desktop for Linux is prior to 4.34.2. It is therefore affected by multiple vulnerabilities. - A remote code execution (RCE) vulnerability via crafted extension description/changelog could be abused by a malicious extension in Docker Desktop before 4.34.2. - A remote code...

9.8 CVSS, 6.4 AI score, 0.01251 EPSS
Exploits 0, References 2
Tenable Nessus
added 2024/09/19 12:0 a.m., 20 views

Docker Desktop < 4.34.2 Multiple Vulnerabilities

The version of Docker Desktop for Linux is prior to 4.34.2. It is therefore affected by multiple vulnerabilities. - A remote code execution (RCE) vulnerability via crafted extension description/changelog could be abused by a malicious extension in Docker Desktop before 4.34.2. - A remote code...

9.8 CVSS, 6.5 AI score, 0.01251 EPSS
Exploits 0, References 2
NCSC
added 2024/09/18 11:25 a.m., 3 views

Vulnerabilities fixed in Docker Desktop

Vulnerabilities have been fixed in Docker Desktop. A malicious party can exploit the vulnerabilities to execute arbitrary code in the context of the Desktop application. Since the Docker Desktop is mostly used by developers, it cannot be ruled out that the execution of arbitrary code can take pla...

9.8 CVSS, 8 AI score, 0.01251 EPSS
Exploits 0, References 1
0day.today
added 2024/09/18 12:0 a.m., 280 views

Dockwatch Remote Command Execution Exploit

Dockwatch is a container management web UI for docker. It runs by default without authentication, although guidance is available for how to set up credentials for access. It has a Commands feature that allows a user to run docker commands such as inspect, network, ps. Prior to fix, it did not...

8.1 AI score
Exploits 0
OSV
added 2024/09/17 12:31 a.m., 10 views

GHSA-QQV8-PH7F-H3F7 OpenShift Builder has a path traversal, allows command injection in privileged BuildContainer

A flaw was found in openshift/builder. This vulnerability allows command injection via path traversal, where a malicious user can execute arbitrary commands on the OpenShift node running the builder container. When using the "Docker" strategy, executable files inside the privileged build containe...

9.1 CVSS, 9.5 AI score, 0.02321 EPSS
Exploits 3, References 13
Github Security Blog
added 2024/09/17 12:31 a.m., 19 views

OpenShift Builder has a path traversal, allows command injection in privileged BuildContainer

A flaw was found in openshift/builder. This vulnerability allows command injection via path traversal, where a malicious user can execute arbitrary commands on the OpenShift node running the builder container. When using the "Docker" strategy, executable files inside the privileged build containe...

9.1 CVSS, 8 AI score, 0.02321 EPSS
Exploits 3, References 13, Affected Software 1
NVD
added 2024/09/17 12:15 a.m., 35 views

CVE-2024-7387

A flaw was found in openshift/builder. This vulnerability allows command injection via path traversal, where a malicious user can execute arbitrary commands on the OpenShift node running the builder container. When using the “Docker” strategy, executable files inside the privileged build containe...

9.1 CVSS, 0.02321 EPSS
Exploits 3, References 10
CVE
added 2024/09/16 11:58 p.m., 94 views

CVE-2024-7387

OpenShift CVE-2024-7387 is a symlink-traversal/path traversal vulnerability in the openshift/builder docker build path. A privileged build container can have its destinationDir override a symlink (e.g., usr_bin -> /usr/bin), enabling overwriting of system binaries like /usr/bin/cp and executio...

9.1 CVSS, 9.8 AI score, 0.02321 EPSS
Exploits 3, References 10
Cvelist
added 2024/09/16 11:58 p.m., 45 views

CVE-2024-7387 Openshift/builder: path traversal allows command injection in privileged buildcontainer using docker build strategy

A flaw was found in openshift/builder. This vulnerability allows command injection via path traversal, where a malicious user can execute arbitrary commands on the OpenShift node running the builder container. When using the “Docker” strategy, executable files inside the privileged build containe...

9.1 CVSS, 0.02321 EPSS
Exploits 3, References 10
Vulnrichment
added 2024/09/16 11:58 p.m., 16 views

CVE-2024-7387 Openshift/builder: path traversal allows command injection in privileged buildcontainer using docker build strategy

A flaw was found in openshift/builder. This vulnerability allows command injection via path traversal, where a malicious user can execute arbitrary commands on the OpenShift node running the builder container. When using the “Docker” strategy, executable files inside the privileged build containe...

9.1 CVSS, 8.1 AI score, 0.02321 EPSS
Exploits 3, References 10
RedhatCVE
added 2024/09/16 8:11 a.m., 14 views

CVE-2024-7387

A flaw was found in openshift/builder. This vulnerability allows command injection via path traversal, where a malicious user can execute arbitrary commands on the OpenShift node running the builder container. When using the “Docker” strategy, executable files inside the privileged build containe...

9.1 CVSS, 7.9 AI score, 0.02321 EPSS
Exploits 3, References 4
Kitploit
added 2024/09/14 3:22 p.m., 70 views

DockerSpy - DockerSpy Searches For Images On Docker Hub And Extracts Sensitive Information Such As Authentication Secrets, Private Keys, And More

DockerSpy searches for images on Docker Hub and extracts sensitive information such as authentication secrets, private keys, and more. What is Docker? Docker is an open-source platform that automates the deployment, scaling, and management of applications using containerization technology...

7.5 AI score
Exploits 0, References 4
OSV
added 2024/09/13 11:56 p.m., 16 views

RHSA-2024:1270 Red Hat Security Advisory: docker security update

Bulletin has no description...

8.6 CVSS, 8.9 AI score, 0.18087 EPSS
Exploits 18, References 10
OSV
added 2024/09/13 10:39 p.m., 11 views

RHSA-2020:1234 Red Hat Security Advisory: docker security and bug fix update

Bulletin has no description...

7.5 CVSS, 6.3 AI score, 0.05071 EPSS
Exploits 2, References 18
OSV
added 2024/09/13 10:5 p.m., 16 views

RHSA-2020:2653 Red Hat Security Advisory: docker security update

Bulletin has no description...

8.8 CVSS, 7.9 AI score, 0.02754 EPSS
Exploits 0, References 17
OSV
added 2024/09/13 8:26 p.m., 22 views

RHSA-2021:2144 Red Hat Security Advisory: docker security update

Bulletin has no description...

7.5 CVSS, 8.6 AI score, 0.06604 EPSS
Exploits 0, References 9