Exploit for Expression Language Injection in Vmware Spring_Cloud_Gateway

开源工具 SpringBoot-Scan 的GUI图形化版本，对你有用的话麻烦点个Star哈哈 注意：本工具内置相关漏洞的Exp，杀软报毒属于正常现象！ 新版本工具使用 python3 main.py VulHub 漏洞测试环境搭建 git clone https://github.com/vulhub/vulhub.git 安装Docker环境 sudo apt-get install docker.io sudo apt install docker-compose 搭建CVE-2022-22965 cd /vulhub/CVE-2022-22965 sudo...

SUSE: Security Advisory (SUSE-SU-2023:4936-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES15: docker / docker-bash-completion / docker-fish-completion / etc (SUSE-SU-2023:4936-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4936-1 advisory. docker: - Update to Docker 24.0.7-ce. See upstream changelong online at...

SUSE-SU-2023:4936-1 Security update for docker, rootlesskit

This update for docker, rootlesskit fixes the following issues: docker: - Update to Docker 24.0.7-ce. See upstream changelong online at https://docs.docker.com/engine/release-notes/24.0/2407. bsc1217513 Deny containers access to /sys/devices/virtual/powercap by default. - CVE-2020-8694 bsc1170415...

Exploit for Files or Directories Accessible to External Parties in Apache Struts

CVE-2023-50164 : Apache Struts 2 vulnerable Docker container...

AZL-35435 CVE-2023-48795 affecting package docker-buildx for versions less than 0.14.0-1

The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted from the extension negotiation message, and a client and server may consequently end up with a connecti...

Mageia: Security Advisory (MGASA-2023-0349)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Updated golang packages fix security vulnerabilities

Update to upstream golang 1.21.5 to fix CVE-2023-39326 and CVE-2023-452835 In Mageia 8, this update also allows build nodes to build docker stack...

MGASA-2023-0349 Updated golang packages fix security vulnerabilities

Update to upstream golang 1.21.5 to fix CVE-2023-39326 and CVE-2023-452835 In Mageia 8, this update also allows build nodes to build docker stack...

Exploit for Incorrect Authorization in Polkit_Project Polkit

CVE-2021-3560-Polkit-Privilege-Escalation by Mark, Qingchen Yu...

Exploit for Code Injection in Apache Ofbiz

ofbiz-CVE-2023-49070-RCE-POC This is a pre-auth RCE POC For C...

Security Bulletin: IBM Security Verify Access is vulnerable to Rapid Reset attacks if HTTP2 is enabled (CVE-2023-44487)

Summary The Webseal component of IBM Security Verify Access product is vulnerable to CVE-2023-44487, a flaw in handling multiplexed streams in the HTTP/2 protocol. Vulnerability Details CVEID:CVE-2023-44487 DESCRIPTION: Multiple vendors are vulnerable to a denial of service, caused by a flaw in...

Security Bulletin: Vulnerabilities in axios affect IBM Voice Gateway

Summary Security Vulnerabilities in axios affect IBM Voice Gateway. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2023-45857 DESCRIPTION: Axios is vulnerable to cross-site request forgery, caused by improper validation of user-supplied input. By inserting the X-XSRF-TOK...

Security Misconfiguration

dockerspawner is vulnerable to Security Misconfiguration. The vulnerability is due to overly permissible pull container image configuration. An attacker can launch any pullable image as a result of this vulnerability...

CVE-2023-48311 Any image allowed by default

dockerspawner is a tool to spawn JupyterHub single user servers in Docker containers. Users of JupyterHub deployments running DockerSpawner starting with 0.11.0 without specifying DockerSpawner.allowedimages configuration allow users to launch any pullable docker image, instead of restricting to...

CVE-2023-48311

CVE-2023-48311 affects dockerspawner for JupyterHub deployments. Versions 0.11.0 through 12 (and up to 13 in some advisories) permit users to launch any pullable Docker image when DockerSpawner.allowed_images is not explicitly restricted, instead of only the configured image. Root cause: misconfi...

CVE-2023-48311 Any image allowed by default

dockerspawner is a tool to spawn JupyterHub single user servers in Docker containers. Users of JupyterHub deployments running DockerSpawner starting with 0.11.0 without specifying DockerSpawner.allowedimages configuration allow users to launch any pullable docker image, instead of restricting to...

Metasploit Wrap-Up 12/8/2023

Are You Looking for ACTION? Our very own adfoster-r7 has added a new feature that adds module actions, targets, and aliases to the search feature in Metasploit Framework. As we continue to add modules with diverse goals or targets, we’ve found ourselves leaning on these flags more and more...

The vulnerability of the Artifactory platform for developing and delivering Docker Desktop container applications allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Artifactory platform for developing and delivering Docker container applications is related to the transmission of registry data in an open format due to the use of HTTP instead of HTTPS protocols. Exploiting this vulnerability can allow a malicious actor to gain...

Docker cgroups Container Escape

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Docker cgroups Container Escape', 'Description' = %q This exploit module takes advantage of a Docker image which has either the privileged flag, ...