9270 matches found

Positive Technologies
added 2023/01/06 12:0 a.m. · 4 views

PT-2023-18527 · Unknown · Canarytokens

Name of the Vulnerable Software and Affected Versions: Canarytokens versions prior to sha-fb61290
Description: A Cross-Site Scripting issue was identified in the history page of triggered Canarytokens. An attacker who discovers an HTTP-based Canarytoken can execute JavaScript in the Canarytoken's...

CVSS 6.3 · AI score 6 · EPSS 0.0052
Exploits 0 · References 7

GithubExploit
added 2023/01/05 8:9 p.m. · 5 views

Exploit for Out-of-bounds Read in Openssl

Heartbleed CVE-2014-0160. Setup: You will requir...

CVSS 7.5 · AI score 7 · EPSS 0.99999
Exploits 87

Veeam
added 2023/01/05 12:0 a.m. · 19 views

SureBackup Ping Test Wrong Docker IP

Challenge: A SureBackup Job's ping and application tests attempt to interact with an unexpected IP address of a Virtual Machine running Docker.
Cause: The SureBackup Job's recovery verification tests use the IP addresses reported to the VMware Environment by VMware Tools.
Solution: To control which ...

AI score 6.8
Exploits 0

GithubExploit
added 2023/01/03 9:49 a.m. · 282 views

Exploit for Cross-Site Request Forgery (CSRF) in Filebrowser

CVE-2021-46398 - Lalie ARNOUD, Gaspard ANDRIEU In this reposi...

CVSS 8.8 · AI score 9.3 · EPSS 0.06663
Exploits 6

Kitploit
added 2023/01/02 11:30 a.m. · 110 views

Subparse - Modular Malware Analysis Artifact Collection And Correlation Framework

Subparse is a modular framework developed by Josh Strochein, Aaron Baker, and Odin Bernstein. The framework is designed to parse and index malware files and present the information found during the parsing in a searchable web-viewer. The framework is modular, making use of a core parsing engine,...

AI score 7
Exploits 0 · References 8

Information Security Automation
added 2022/12/30 6:3 p.m. · 337 views

Scanvus now supports Vulners and Vulns.io VM Linux vulnerability detection APIs

Hello everyone! Great news for my open source Scanvus project! You can now perform vulnerability checks on Linux hosts and docker images not only using the Vulners.com API, but also with the Vulns.io VM API. It's especially nice that all the code to support the new API was written and contributed ...

CVSS 10 · AI score 7.6 · EPSS 0.95764
Exploits 284

OpenVAS
added 2022/12/30 12:0 a.m. · 32 views

Fedora: Security Advisory for moby-engine (FEDORA-2022-db674bafd9)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...

CVSS 7.5 · AI score 6.6 · EPSS 0.08519
Exploits 0 · References 2

Fedora
added 2022/12/29 1:16 a.m. · 44 views

[SECURITY] Fedora 36 Update: moby-engine-20.10.21-1.fc36

Docker is an open source project to build, ship and run any application as a lightweight container. Docker containers are both hardware-agnostic and platform-agnostic. This means they can run anywhere, from your laptop to the largest EC2 compute instance and everything in between - and they don'...

CVSS 7.5 · AI score 6.5 · EPSS 0.08519
Exploits 0

Spring Security Advisories
added 2022/12/27 8:0 a.m. · 27 views

This Week in Spring - Happy New Year 2023 edition - December 27th, 2022

Hi, Spring fans! Welcome to another installment of This Week in Spring! It's 27 December as I write this and - being honest - I couldn't be happier. It's raining outside. I'm in a warm cozy office. Good music is playing. People are asleep in my home. I can hear the raindrops and wind outside the...

AI score 7.4
Exploits 0

Fedora
added 2022/12/26 1:6 a.m. · 47 views

[SECURITY] Fedora 37 Update: moby-engine-20.10.21-1.fc37

Docker is an open source project to build, ship and run any application as a lightweight container. Docker containers are both hardware-agnostic and platform-agnostic. This means they can run anywhere, from your laptop to the largest EC2 compute instance and everything in between - and they don'...

CVSS 7.5 · AI score 6.9 · EPSS 0.08519
Exploits 0

OpenVAS
added 2022/12/26 12:0 a.m. · 24 views

Fedora: Security Advisory for moby-engine (FEDORA-2022-7e327a20be)

The remote host is missing an update for the Copyright (C) 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 7.5 · AI score 7.3 · EPSS 0.08519
Exploits 0 · References 2

GithubExploit
added 2022/12/20 8:17 a.m. · 1959 views

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Git-Scm Git

docker host file read using cve-2022-39253 poc PoC r...

CVSS 5.5 · AI score 7.5 · EPSS 0.01336
Exploits 1

The Hacker News
added 2022/12/13 1:58 p.m. · 31 views

Serious Attacks Could Have Been Staged Through This Amazon ECR Public Gallery Vulnerability

A critical security flaw has been disclosed in Amazon Elastic Container Registry (ECR) Public Gallery that could have been potentially exploited to stage a multitude of attacks, according to cloud security firm Lightspin. "By exploiting this vulnerability, a malicious actor could delete all images ...

AI score 0.6
Exploits 0

Tenable Nessus
added 2022/12/13 12:0 a.m. · 31 views

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : containerd vulnerabilities (USN-5776-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5776-1 advisory. It was discovered that containerd incorrectly handled memory when receiving certain faulty Exec or ExecSync commands. A remote...

CVSS 7.5 · AI score 6.5 · EPSS 0.02676
Exploits 1 · References 5

GithubExploit
added 2022/12/12 4:30 p.m. · 344 views

Exploit for Code Injection in Vmware Spring_Framework

Spring4Shell-PoC Application This application has been contai...

CVSS 9.8 · AI score 8.9 · EPSS 0.99677
Exploits 100

OSV
added 2022/12/09 8:14 p.m. · 33 views

CVE-2022-46157 Remote php code execution in Akeneo PIM

Akeneo PIM is an open source Product Information Management (PIM). Akeneo PIM Community Edition versions before v5.0.119 and v6.0.53 allows remote authenticated users to execute arbitrary PHP code on the server by uploading a crafted image. Akeneo PIM Community Edition after the versions...

CVSS 8.8 · AI score 8.7 · EPSS 0.01406
Exploits 1 · References 4

Elastic
added 2022/12/09 7:18 p.m. · 6 views

Kibana 7.17.8 and 8.5.0 Security Update

Update Log
2022-12-23: Updated impact section with additional details.
2023-01-09: Updated impact section to include RHEL
2023-01-23: Updated impact section with additional details. Updated Solutions and Mitigations section with new mitigation option. Updated Affected Versions section.
Kibana...

CVSS 8.8 · AI score 8.8 · EPSS 0.1372
Exploits 2

Tenable Nessus
added 2022/12/09 12:0 a.m. · 27 views

Amazon Linux 2022 : docker (ALAS2022-2022-237)

The version of docker installed on the remote host is prior to 20.10.17-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2022-2022-237 advisory. - Moby is an open-source project created by Docker to enable and accelerate software containerization. A bug was found in Moby...

CVSS 5.9 · AI score 7.1 · EPSS 0.00492
Exploits 0 · References 3

GitLab Advisory Database
added 2022/12/09 12:0 a.m. · 31 views

Improper Control of Generation of Code ('Code Injection')

Akeneo PIM is an open source Product Information Management (PIM). Akeneo PIM Community Edition versions before v5.0.119 and v6.0.53 allows remote authenticated users to execute arbitrary PHP code on the server by uploading a crafted image. Akeneo PIM Community Edition after the versions...

CVSS 8.8 · AI score 1.5 · EPSS 0.01406
Exploits 1 · References 4 · Affected Software 1

GithubExploit
added 2022/12/07 5:58 p.m. · 349 views

Exploit for Code Injection in Apache Commons_Text

Text4shell-exploit This is a Proof of Concept exploiting the v...

CVSS 9.8 · AI score 8.7 · EPSS 0.99931
Exploits 41