9237 matches found
Amazon Linux 2 : docker (ALASNITRO-ENCLAVES-2024-046)
The version of docker installed on the remote host is prior to 25.0.3-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NITRO-ENCLAVES-2024-046 advisory. When following an HTTP redirect to a domain which is not a subdomain match or exact match of the initial...
Exploit for Path Traversal in Apache Http_Server
CVE-2021-41773 POC & Lab For CVE-2021-41773 Setup Lab...
SUSE CVE-2024-24557
Moby is an open-source project created by Docker to enable software containerization. The classic builder cache system is prone to cache poisoning if the image is built FROM scratch. Also, changes to some instructions most important being HEALTHCHECK and ONBUILD would not cause a cache miss. An...
Exploit for Deserialization of Untrusted Data in Givewp
This post is a research article published by EQSTLabhttps://g...
Malicious code in confluent-docker-utils (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 bc7d66b033c3d09c07ce3226cd534199a9f8cb2200a79035526192fb140b94d9 The package is designed to exfiltrate basic data, like hostname and OS details, as well as collect information about the stacktrace it's imported from. ---...
MAL-2024-9963 Malicious code in confluent-docker-utils (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 bc7d66b033c3d09c07ce3226cd534199a9f8cb2200a79035526192fb140b94d9 The package is designed to exfiltrate basic data, like hostname and OS details, as well as collect information about the stacktrace it's imported from. ---...
CVE-2024-42364
Homepage is a highly customizable homepage with Docker and service API integrations. The default setup of homepage 0.9.1 is vulnerable to DNS rebinding. Homepage is setup without certificate and authentication by default, leaving it to vulnerable to DNS rebinding. In this attack, an attacker will...
CVE-2024-42364 homepage DNS rebinding vulnerability (GHSL-2024-096)
Homepage is a highly customizable homepage with Docker and service API integrations. The default setup of homepage 0.9.1 is vulnerable to DNS rebinding. Homepage is setup without certificate and authentication by default, leaving it to vulnerable to DNS rebinding. In this attack, an attacker will...
CVE-2024-42364
CVE-2024-42364 – DNS rebinding vulnerability in Homepage 0.9.1. The default, unauthenticated setup of Homepage (0.9.1) can be abused via DNS rebinding to route requests to the internal IP of the Homepage instance, allowing an attacker-controlled site to access sensitive data (e.g., API keys) due ...
CVE-2024-42364 homepage DNS rebinding vulnerability (GHSL-2024-096)
Homepage is a highly customizable homepage with Docker and service API integrations. The default setup of homepage 0.9.1 is vulnerable to DNS rebinding. Homepage is setup without certificate and authentication by default, leaving it to vulnerable to DNS rebinding. In this attack, an attacker will...
Exploit for Improper Encoding or Escaping of Output in Apache Http_Server
CVE-2024-38473 Nuclei Template !imagehttps://github.com/us...
GO-2022-0985 Docker supplementary group permissions not set up properly, allowing attackers to bypass primary group restrictions in github.com/docker/docker
Docker supplementary group permissions not set up properly, allowing attackers to bypass primary group restrictions in github.com/docker/docker...
GO-2022-0919 Asymmetric Resource Consumption (Amplification) in Docker containers created by Wings in github.com/pterodactyl/wings
Asymmetric Resource Consumption Amplification in Docker containers created by Wings in github.com/pterodactyl/wings...
GO-2022-0903 Denial-of-Service within Docker container in ktbs.dev/teler
Denial-of-Service within Docker container in ktbs.dev/teler...
GO-2022-0647 Arbitrary File Write in Libcontainer in github.com/docker/docker
Arbitrary File Write in Libcontainer in github.com/docker/docker...
GO-2022-0751 Path Traversal in Docker in github.com/docker/docker
Path Traversal in Docker in github.com/docker/docker...
GO-2022-0649 Symlink Attack in Libcontainer and Docker Engine in github.com/docker/docker
Symlink Attack in Libcontainer and Docker Engine in github.com/docker/docker...
GO-2022-0752 Privilege Escalation in Docker in github.com/docker/docker
Privilege Escalation in Docker in github.com/docker/docker...
GO-2022-0705 Directory Traversal in Docker in github.com/docker/docker
Directory Traversal in Docker in github.com/docker/docker...
GO-2022-0708 Arbitrary File Override in Docker Engine in github.com/docker/docker
Arbitrary File Override in Docker Engine in github.com/docker/docker...