Lucene search
K

9270 matches found

GithubExploit
GithubExploit
added 2022/12/05 9:11 p.m.417 views

Exploit for Path Traversal in Apache Http_Server

Exploit for Apache2 Exploit for path transversal vulnerabilit...

7.5CVSS8.6AI score0.99992EPSS
Exploits148
Microsoft CVE
Microsoft CVE
added 2022/12/02 8:0 a.m.3 views

A flaw was found in buildah where containers were incorrectly started with non-empty default permissions. A bug was found in Moby (Docker Engine) where containers were incorrectly started with non-empty inheritable Linux process capabilities enabling an attacker with access to programs with inheritable file capabilities to elevate those capabilities to the permitted set when execve(2) runs. This has the potential to impact confidentiality and integrity.

...

6.8CVSS6.6AI score0.01225EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2022/11/30 3:30 p.m.5 views

@adobe/git-server (>=0.9.17 <=1.0.5), @adobe/helix-cli (>=0.3.0-SNAPSHOT.293 <=6.1.0) +63 more potentially affected by CVE-2022-22984 via snyk-docker-plugin (>=1.10.2 <=4.9.0)

snyk-docker-plugin NPM version =1.10.2, =0.9.17, =0.3.0-SNAPSHOT.293, =2.6.0, =1.0.5-SNAPSHOT.105, =0.0.4, =8.0.36, =5.0.22, =3.10.42, =0.0.70, =0.5.8, =3.2.4, =0.0.2, =0.0.7, =1.0.1 - @ericblade/quagga2-redux-middleware =1.0.1 and more Source cves: CVE-2022-22984 Source advisory:...

6.3CVSS6.6AI score0.03007EPSS
Exploits1
OSV
OSV
added 2022/11/30 3:30 p.m.1 views

GHSA-4X6G-3CMX-W76R Snyk plugins vulnerable to Command Injection

The package snyk before 1.1064.0; the package snyk-mvn-plugin before 2.31.3; the package snyk-gradle-plugin before 3.24.5; the package @snyk/snyk-cocoapods-plugin before 2.5.3; the package snyk-sbt-plugin before 2.16.2; the package snyk-python-plugin before 1.24.2; the package snyk-docker-plugin...

6.3CVSS7AI score0.03007EPSS
Exploits1References18
Github Security Blog
Github Security Blog
added 2022/11/30 3:30 p.m.35 views

Snyk plugins vulnerable to Command Injection

The package snyk before 1.1064.0; the package snyk-mvn-plugin before 2.31.3; the package snyk-gradle-plugin before 3.24.5; the package @snyk/snyk-cocoapods-plugin before 2.5.3; the package snyk-sbt-plugin before 2.16.2; the package snyk-python-plugin before 1.24.2; the package snyk-docker-plugin...

6.3CVSS2.9AI score0.03007EPSS
Exploits1References19Affected Software8
Prion
Prion
added 2022/11/30 1:15 p.m.18 views

Command injection

The package snyk before 1.1064.0; the package snyk-mvn-plugin before 2.31.3; the package snyk-gradle-plugin before 3.24.5; the package @snyk/snyk-cocoapods-plugin before 2.5.3; the package snyk-sbt-plugin before 2.16.2; the package snyk-python-plugin before 1.24.2; the package snyk-docker-plugin...

6.5CVSS7.5AI score0.03007EPSS
Exploits2References17Affected Software8
Positive Technologies
Positive Technologies
added 2022/11/30 12:0 a.m.10 views

PT-2022-15754 · Snyk · Snyk-Python-Plugin +7

Name of the Vulnerable Software and Affected Versions: snyk versions prior to 1.1064.0 snyk-mvn-plugin versions prior to 2.31.3 snyk-gradle-plugin versions prior to 3.24.5 @snyk/snyk-cocoapods-plugin versions prior to 2.5.3 snyk-sbt-plugin versions prior to 2.16.2 snyk-python-plugin versions prio...

6.3CVSS6.9AI score0.03007EPSS
Exploits1References21
GithubExploit
GithubExploit
added 2022/11/28 2:34 p.m.451 views

Exploit for Code Injection in Vmware Spring_Framework

Spring Boot CVE-2022-22965 Docker PoC for CVE-2022-22965 with...

9.8CVSS8.9AI score0.99677EPSS
Exploits100
CNVD
CNVD
added 2022/11/23 12:0 a.m.22 views

Dell PowerPath Management Appliance has an unspecified vulnerability

Dell PowerPath Management Appliance is a PowerPath host management application from Dell USA that offers two models: a virtual machine-based appliance and a Docker containerized appliance.Dell PowerPath Management Appliance has a security vulnerability for which no information is available...

4.8CVSS4.6AI score0.00341EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/11/21 12:0 a.m.3 views

Dell PowerPath Management Appliance 操作系统命令注入漏洞

The Dell PowerPath Management Appliance is a PowerPath host management application from Dell Inc. that offers two models: a virtual machine-based appliance and a Docker containerized appliance. A command injection vulnerability exists in Dell PowerPath Management Appliance versions 3.3, 3.2, 3.1,...

7.2CVSS7.7AI score0.01657EPSS
Exploits0References3
CNNVD
CNNVD
added 2022/11/21 12:0 a.m.3 views

Dell PowerPath Management Appliance 安全漏洞

Dell PowerPath Management Appliance is a PowerPath host management application from Dell USA that offers two models: a virtual machine-based appliance and a Docker containerized appliance. dell PowerPath Management Appliance Licensing Issues Vulnerability. An attacker could use this vulnerability...

8.8CVSS6.8AI score0.00794EPSS
Exploits0References3
CNNVD
CNNVD
added 2022/11/21 12:0 a.m.3 views

Dell PowerPath Management Appliance 跨站脚本漏洞

Dell PowerPath Management Appliance is a PowerPath host management application from Dell USA that offers two models: a virtual machine-based appliance and a Docker containerized appliance.Dell PowerPath Management Appliance has a security vulnerability for which no information is available...

4.8CVSS6.6AI score0.00341EPSS
Exploits0References3
CNNVD
CNNVD
added 2022/11/21 12:0 a.m.4 views

Dell PowerPath Management Appliance 安全漏洞

Dell PowerPath Management Appliance is a PowerPath host management application from Dell USA that offers two models: a virtual machine-based appliance and a Docker containerized appliance. The Dell PowerPath Management Appliance is vulnerable to a sensitive information disclosure vulnerability th...

2.7CVSS5.8AI score0.00435EPSS
Exploits0References3
CNNVD
CNNVD
added 2022/11/21 12:0 a.m.4 views

Dell PowerPath Management Appliance 安全漏洞

The Dell PowerPath Management Appliance is a PowerPath host management application from Dell Inc. that offers two models: a virtual machine-based appliance and a Docker containerized appliance. An elevation of privilege vulnerability exists in Dell PowerPath Management Appliance version 3.3, whic...

6.7CVSS7.6AI score0.00419EPSS
Exploits0References3
NVD
NVD
added 2022/11/19 1:15 a.m.51 views

CVE-2022-41939

knative.dev/func is is a client library and CLI enabling the development and deployment of Kubernetes functions. Developers using a malicious or compromised third-party buildpack could expose their registry credentials or local docker socket to a malicious lifecycle container. This issues has bee...

7.4CVSS0.00891EPSS
Exploits1References4
Prion
Prion
added 2022/11/19 1:15 a.m.18 views

Code injection

knative.dev/func is is a client library and CLI enabling the development and deployment of Kubernetes functions. Developers using a malicious or compromised third-party buildpack could expose their registry credentials or local docker socket to a malicious lifecycle container. This issues has bee...

4.3CVSS7.3AI score0.00891EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2022/11/19 12:0 a.m.34 views

CVE-2022-41939 Credential exposure when running third-party builders in knative/func

knative.dev/func is is a client library and CLI enabling the development and deployment of Kubernetes functions. Developers using a malicious or compromised third-party buildpack could expose their registry credentials or local docker socket to a malicious lifecycle container. This issues has bee...

6.1CVSS7.5AI score0.00891EPSS
Exploits1References4
CNNVD
CNNVD
added 2022/11/19 12:0 a.m.4 views

Func 信息泄露漏洞

Func is Knative open source a client library and CLI that supports the development and deployment of features. An information disclosure vulnerability exists in Func version 1.8.0 and earlier versions. An attacker exploited the vulnerability to cause registry credentials or local docker to be...

7.4CVSS7.3AI score0.00891EPSS
Exploits1References5
CVE
CVE
added 2022/11/19 12:0 a.m.63 views

CVE-2022-41939

CVE-2022-41939 affects knative.dev/func (client library/CLI for Knative functions). The root issue is credential exposure when using third-party function buildpacks, where a compromised buildpack could expose registry credentials or the local Docker socket to a malicious lifecycle container. The ...

7.4CVSS6.7AI score0.00891EPSS
Exploits1References4Affected Software1
GithubExploit
GithubExploit
added 2022/11/17 5:24 p.m.539 views

Exploit for Improper Input Validation in Imagemagick

Container Escape Exploit This is a container escape exploit t...

10CVSS8.3AI score0.97485EPSS
Exploits22
Rows per page
Query Builder