The vulnerability of the start() function in the implementation of the WindowsContainerStartRequest class on the Docker Desktop for Windows development and delivery platform allows a attacker to gain access to read, modify, and delete data, thereby increasing their privileges.

The vulnerability of the start function in the implementation of the WindowsContainerStartRequest class for the Docker Desktop for Windows development and delivery platform is related to a race condition that allows tracking of links in the data-root directory for the DaemonJSON parameter...

SUSE-SU-2023:2153-1 Security update for docker-distribution

This update for docker-distribution fixes the following issues: - CVE-2023-2253: Catalog Endpoint can lead to OOM by user input bsc1207705...

Huawei EulerOS: Security Advisory for docker-runc (EulerOS-SA-2023-1800)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for docker-runc (EulerOS-SA-2023-1818)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP10 : docker-runc (EulerOS-SA-2023-1800)

According to the versions of the docker-runc package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - runc through 1.1.4 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfslinux.go. To exploit this...

EulerOS 2.0 SP10 : docker-runc (EulerOS-SA-2023-1818)

According to the versions of the docker-runc package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - runc through 1.1.4 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfslinux.go. To exploit this...

Nimbo-C2 - Yet Another (Simple And Lightweight) C2 Framework

About Nimbo-C2 is yet another simple and lightweight C2 framework. Nimbo-C2 agent supports x64 Windows & Linux. It's written in Nim, with some usage of .NET on Windows by dynamically loading the CLR to the process. Nim is powerful, but interacting with Windows is much easier and robust using...

Icingaweb Directory Traversal in Static Library File Requests

Icingaweb versions from 2.9.0 to 2.9.5 inclusive, and 2.8.0 to 2.8.5 inclusive suffer from an unauthenticated directory traversal vulnerability. The vulnerability is triggered through the icinga-php-thirdparty library, which allows unauthenticated users to retrieve arbitrary files from the target...

Metlo - An Open-Source API Security Platform

Secure Your API. Metlo is an open-source API security platform With Metlo you can: Create an Inventory of all your APIEndpoints and Sensitive Data. Detect common API vulnerabilities. Proactively test your APIs before they go into production. Detect API attacks in real time. Metlo does this by...

Vulnerabilities fixed in Elastic products

Vulnerabilities have been fixed in the Kibana and Filebeat products from Elastic. These vulnerabilities allow an attacker to perform cross-site scripting attacks, read system data such as read logs or execute arbitrary code under user privileges. The vulnerability with attribute CVE-2023-31415 in...

Oracle Linux 7 : docker-engine (ELSA-2019-4598)

The remote Oracle Linux 7 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2019-4598 advisory. - Docker Engine before 18.09 allows attackers to cause a denial of service dockerd memory consumption via a large integer in a --cpuset-mems or --cpuset-cpus...

Exploit for Incorrect Permission Assignment for Critical Resource in Mobyproject Moby

CVE-2021-41091 This exploit offers an in-depth look at the CV...

REcollapse Is A Helper Tool For Black-Box Regex Fuzzing To Bypass Validations And Discover Normalizations In Web Applications

REcollapse is a helper tool for black-box regex fuzzing to bypass validations and discover normalizations in web applications. It can also be helpful to bypass WAFs and weak vulnerability mitigations. For more information, take a look at the REcollapse blog post. The goal of this tool is to...

Medium: docker

Issue Overview: A flaw was found in Moby. This flaw allows an attacker to bypass primary group restrictions due to a flaw in the supplementary group access setup. CVE-2022-36109 Docker version 20.10.15, build fd82621 is vulnerable to Insecure Permissions. Unauthorized users outside the Docker...

Amazon Linux 2 : docker (ALASDOCKER-2023-024)

The version of docker installed on the remote host is prior to 20.10.22-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2DOCKER-2023-024 advisory. A flaw was found in Moby. This flaw allows an attacker to bypass primary group restrictions due to a flaw in the...

Bearer - Code Security Scanning Tool (SAST) That Discover, Filter And Prioritize Security Risks And Vulnerabilities Leading To Sensitive Data Exposures (PII, PHI, PD)

Discover, filter, and prioritize security risks and vulnerabilities impacting your code. Bearer is a static application security testing SAST tool that scans your source code and analyzes your data flows to discover, filter and prioritize security risks and vulnerabilities leading to sensitive da...

CVE-2022-34292

Docker Desktop for Windows before 4.6.0 allows attackers to overwrite any file through a symlink attack on the hyperv/create dockerBackendV2 API by controlling the DataFolder parameter for DockerDesktop.vhdx, a similar issue to CVE-2022-31647...

CVE-2022-37326

Docker Desktop for Windows before 4.6.0 allows attackers to delete or create any file through the dockerBackendV2 windowscontainers/start API by controlling the pidfile field inside the DaemonJSON field in the WindowsContainerStartRequest class. This can indirectly lead to privilege escalation...

CVE-2022-38730

Docker Desktop for Windows before 4.6 allows attackers to overwrite any file through the windowscontainers/start dockerBackendV2 API by controlling the data-root field inside the DaemonJSON field in the WindowsContainerStartRequest class. This allows exploiting a symlink vulnerability in...

CVE-2022-37326

Docker Desktop for Windows before 4.6.0 allows attackers to delete or create any file through the dockerBackendV2 windowscontainers/start API by controlling the pidfile field inside the DaemonJSON field in the WindowsContainerStartRequest class. This can indirectly lead to privilege escalation...