9270 matches found
Exploit for Path Traversal in Apache Http_Server
Exploit for Apache2 Exploit for path transversal vulnerabilit...
A flaw was found in buildah where containers were incorrectly started with non-empty default permissions. A bug was found in Moby (Docker Engine) where containers were incorrectly started with non-empty inheritable Linux process capabilities enabling an attacker with access to programs with inheritable file capabilities to elevate those capabilities to the permitted set when execve(2) runs. This has the potential to impact confidentiality and integrity.
...
@adobe/git-server (>=0.9.17 <=1.0.5), @adobe/helix-cli (>=0.3.0-SNAPSHOT.293 <=6.1.0) +63 more potentially affected by CVE-2022-22984 via snyk-docker-plugin (>=1.10.2 <=4.9.0)
snyk-docker-plugin NPM version =1.10.2, =0.9.17, =0.3.0-SNAPSHOT.293, =2.6.0, =1.0.5-SNAPSHOT.105, =0.0.4, =8.0.36, =5.0.22, =3.10.42, =0.0.70, =0.5.8, =3.2.4, =0.0.2, =0.0.7, =1.0.1 - @ericblade/quagga2-redux-middleware =1.0.1 and more Source cves: CVE-2022-22984 Source advisory:...
GHSA-4X6G-3CMX-W76R Snyk plugins vulnerable to Command Injection
The package snyk before 1.1064.0; the package snyk-mvn-plugin before 2.31.3; the package snyk-gradle-plugin before 3.24.5; the package @snyk/snyk-cocoapods-plugin before 2.5.3; the package snyk-sbt-plugin before 2.16.2; the package snyk-python-plugin before 1.24.2; the package snyk-docker-plugin...
Snyk plugins vulnerable to Command Injection
The package snyk before 1.1064.0; the package snyk-mvn-plugin before 2.31.3; the package snyk-gradle-plugin before 3.24.5; the package @snyk/snyk-cocoapods-plugin before 2.5.3; the package snyk-sbt-plugin before 2.16.2; the package snyk-python-plugin before 1.24.2; the package snyk-docker-plugin...
Command injection
The package snyk before 1.1064.0; the package snyk-mvn-plugin before 2.31.3; the package snyk-gradle-plugin before 3.24.5; the package @snyk/snyk-cocoapods-plugin before 2.5.3; the package snyk-sbt-plugin before 2.16.2; the package snyk-python-plugin before 1.24.2; the package snyk-docker-plugin...
PT-2022-15754 · Snyk · Snyk-Python-Plugin +7
Name of the Vulnerable Software and Affected Versions: snyk versions prior to 1.1064.0 snyk-mvn-plugin versions prior to 2.31.3 snyk-gradle-plugin versions prior to 3.24.5 @snyk/snyk-cocoapods-plugin versions prior to 2.5.3 snyk-sbt-plugin versions prior to 2.16.2 snyk-python-plugin versions prio...
Exploit for Code Injection in Vmware Spring_Framework
Spring Boot CVE-2022-22965 Docker PoC for CVE-2022-22965 with...
Dell PowerPath Management Appliance has an unspecified vulnerability
Dell PowerPath Management Appliance is a PowerPath host management application from Dell USA that offers two models: a virtual machine-based appliance and a Docker containerized appliance.Dell PowerPath Management Appliance has a security vulnerability for which no information is available...
Dell PowerPath Management Appliance 操作系统命令注入漏洞
The Dell PowerPath Management Appliance is a PowerPath host management application from Dell Inc. that offers two models: a virtual machine-based appliance and a Docker containerized appliance. A command injection vulnerability exists in Dell PowerPath Management Appliance versions 3.3, 3.2, 3.1,...
Dell PowerPath Management Appliance 安全漏洞
Dell PowerPath Management Appliance is a PowerPath host management application from Dell USA that offers two models: a virtual machine-based appliance and a Docker containerized appliance. dell PowerPath Management Appliance Licensing Issues Vulnerability. An attacker could use this vulnerability...
Dell PowerPath Management Appliance 跨站脚本漏洞
Dell PowerPath Management Appliance is a PowerPath host management application from Dell USA that offers two models: a virtual machine-based appliance and a Docker containerized appliance.Dell PowerPath Management Appliance has a security vulnerability for which no information is available...
Dell PowerPath Management Appliance 安全漏洞
Dell PowerPath Management Appliance is a PowerPath host management application from Dell USA that offers two models: a virtual machine-based appliance and a Docker containerized appliance. The Dell PowerPath Management Appliance is vulnerable to a sensitive information disclosure vulnerability th...
Dell PowerPath Management Appliance 安全漏洞
The Dell PowerPath Management Appliance is a PowerPath host management application from Dell Inc. that offers two models: a virtual machine-based appliance and a Docker containerized appliance. An elevation of privilege vulnerability exists in Dell PowerPath Management Appliance version 3.3, whic...
CVE-2022-41939
knative.dev/func is is a client library and CLI enabling the development and deployment of Kubernetes functions. Developers using a malicious or compromised third-party buildpack could expose their registry credentials or local docker socket to a malicious lifecycle container. This issues has bee...
Code injection
knative.dev/func is is a client library and CLI enabling the development and deployment of Kubernetes functions. Developers using a malicious or compromised third-party buildpack could expose their registry credentials or local docker socket to a malicious lifecycle container. This issues has bee...
CVE-2022-41939 Credential exposure when running third-party builders in knative/func
knative.dev/func is is a client library and CLI enabling the development and deployment of Kubernetes functions. Developers using a malicious or compromised third-party buildpack could expose their registry credentials or local docker socket to a malicious lifecycle container. This issues has bee...
Func 信息泄露漏洞
Func is Knative open source a client library and CLI that supports the development and deployment of features. An information disclosure vulnerability exists in Func version 1.8.0 and earlier versions. An attacker exploited the vulnerability to cause registry credentials or local docker to be...
CVE-2022-41939
CVE-2022-41939 affects knative.dev/func (client library/CLI for Knative functions). The root issue is credential exposure when using third-party function buildpacks, where a compromised buildpack could expose registry credentials or the local Docker socket to a malicious lifecycle container. The ...
Exploit for Improper Input Validation in Imagemagick
Container Escape Exploit This is a container escape exploit t...