9259 matches found
CVE-2023-28842
CVE-2023-28842 affects Moby/dockerd, specifically Swarm overlay with encrypted VXLAN: an endpoint on an encrypted overlay can be unauthenticated, allowing cleartext VXLAN traffic to be injected or leaked under certain conditions. The issue stems from how iptables rules and IPsec handling are appl...
CVE-2023-28842
Moby is an open source container framework developed by Docker Inc. that is distributed as Docker, Mirantis Container Runtime, and various other downstream projects/products. The Moby daemon component dockerd, which is developed as moby/moby is commonly referred to as Docker. Swarm Mode, which is...
CVE-2023-28842 moby/moby's dockerd daemon encrypted overlay network with a single endpoint is unauthenticated
Moby is an open source container framework developed by Docker Inc. that is distributed as Docker, Mirantis Container Runtime, and various other downstream projects/products. The Moby daemon component dockerd, which is developed as moby/moby is commonly referred to as Docker. Swarm Mode, which is...
Exploit for Code Injection in Apache Commons_Text
CVE-2022-42889-POC A simple demo application that shows how to...
The vulnerability of the Docker Desktop platform for developing and delivering container applications lies in its improper protection of an alternative path, allowing a attacker to execute arbitrary code.
The vulnerability of the Docker Desktop platform for developing and delivering container applications is related to the lack of measures taken at the management level to clean up data. Exploiting this vulnerability allows an attacker to execute arbitrary commands...
Exploit for Incorrect Authorization in Cacti
Cacti v1.2.22 command injection CVE-2022-46169 vulnerable ap...
Noseyparker - A Command-Line Program That Finds Secrets And Sensitive Information In Textual Data And Git History
Nosey Parker is a command-line tool that finds secrets and sensitive information in textual data. It is useful both for offensive and defensive security testing. Key features: It supports scanning files, directories, and the entire history of Git repositories It uses regular expression matching...
GHSA-M8CG-XC2P-R3FC rootless: `/sys/fs/cgroup` is writable when cgroupns isn't unshared in runc
Impact It was found that rootless runc makes /sys/fs/cgroup writable in following conditons: 1. when runc is executed inside the user namespace, and the config.json does not specify the cgroup namespace to be unshared e.g.., docker|podman|nerdctl run --cgroupns=host, with Rootless...
SUSE CVE-2023-25809
runc is a CLI tool for spawning and running containers according to the OCI specification. In affected versions it was found that rootless runc makes /sys/fs/cgroup writable in following conditons: 1. when runc is executed inside the user namespace, and the config.json does not specify the cgroup...
Covenant v0.5 - Remote Code Execution (RCE)
Exploit Title: Covenant v0.5 - Remote Code Execution RCE Exploit Author: xThaz Author website: https://xthaz.fr/ Date: 2022-09-11 Vendor Homepage: https://cobbr.io/Covenant.html Software Link: https://github.com/cobbr/Covenant Version: v0.1.3 - v0.5 Tested on: Windows 11 compiled covenant Windows...
Covenant 0.5 Remote Code Execution
Exploit Title: Covenant v0.5 - Remote Code Execution RCE Exploit Author: xThaz Author website: https://xthaz.fr/ Date: 2022-09-11 Vendor Homepage: https://cobbr.io/Covenant.html Software Link: https://github.com/cobbr/Covenant Version: v0.1.3 - v0.5 Tested on: Windows 11 compiled covenant Windows...
Design/Logic Flaw
runc is a CLI tool for spawning and running containers according to the OCI specification. In affected versions it was found that rootless runc makes /sys/fs/cgroup writable in following conditons: 1. when runc is executed inside the user namespace, and the config.json does not specify the cgroup...
CVE-2023-25809
runc is a CLI tool for spawning and running containers according to the OCI specification. In affected versions it was found that rootless runc makes /sys/fs/cgroup writable in following conditons: 1. when runc is executed inside the user namespace, and the config.json does not specify the cgroup...
CVE-2023-25809 rootless: `/sys/fs/cgroup` is writable when cgroupns isn't unshared in runc
runc is a CLI tool for spawning and running containers according to the OCI specification. In affected versions it was found that rootless runc makes /sys/fs/cgroup writable in following conditons: 1. when runc is executed inside the user namespace, and the config.json does not specify the cgroup...
Stored XSS on Multiple Edit Page
Description A stored XSS with alert on Editing page. \ I clone repo from master branch and build with docker. Footer show: Version: 1.3.4 Proof of Concept Request image Request raw: POST /api/saveedit HTTP/1.1 Host: 192.168.125.131 User-Agent: Mozilla/5.0 Windows NT 10.0; Win64; x64; rv:109.0...
SUSE SLES12 Security Update : docker (SUSE-SU-2023:1625-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2023:1625-1 advisory. - CVE-2022-36109: Fixed a supplementary group permissions bypass bsc1205375. Update to 20.10.23-ce...
Decider - A Web Application That Assists Network Defenders, Analysts, And Researcher In The Process Of Mapping Adversary Behaviors To The MITRE ATT&CK Framework
What is it? The Short A web application that assists network defenders, analysts, and researchers in the process of mapping adversary behaviors to the MITRE ATT&CK® framework. The Long Decider is a tool to help analysts map adversary behavior to the MITRE ATT&CK framework. Decider makes creating...
SUSE-SU-2023:1625-1 Security update for docker
This update for docker fixes the following issues: - CVE-2022-36109: Fixed a supplementary group permissions bypass bsc1205375. Update to 20.10.23-ce https://docs.docker.com/engine/release-notes/201023. - drop kubic flavor as kubic is EOL. Update to Docker 20.10.21-ce...
PT-2023-7465 · Docker · Docker Desktop
Name of the Vulnerable Software and Affected Versions: Docker Desktop versions 4.17.x Description: The issue is related to the transmission of registry data in plain text due to the use of HTTP instead of HTTPS in the Artifactory module of Docker Desktop. This can allow a remote attacker to gain...
Mageia: Security Advisory (MGASA-2023-0009)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...