Lucene search
K

9275 matches found

Amazon
Amazon
added 2022/10/11 12:0 a.m.7 views

Medium: containerd, docker

Issue Overview: In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error. CVE-2022-27664 Affected Packages: containerd, docker Note: This advisory is applicabl...

7.5CVSS6.9AI score0.02513EPSS
Exploits0
OpenVAS
OpenVAS
added 2022/10/10 12:0 a.m.10 views

Huawei EulerOS: Security Advisory for docker-engine (EulerOS-SA-2022-2414)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS6AI score0.00377EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2022/10/10 12:0 a.m.30 views

Huawei EulerOS: Security Advisory for docker-engine (EulerOS-SA-2022-2427)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS6AI score0.00377EPSS
Exploits0References2
Kitploit
Kitploit
added 2022/10/09 11:30 a.m.79 views

EvilnoVNC - Ready To Go Phishing Platform

EvilnoVNC is a Ready to go Phishing Platform. Unlike other phishing techniques, EvilnoVNC allows 2FA bypassing by using a real browser over a noVNC connection. In addition, this tool allows us to see in real time all of the victim's actions, access to their downloaded files and the entire browser...

7.3AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2022/10/08 12:0 a.m.36 views

EulerOS 2.0 SP10 : docker-engine (EulerOS-SA-2022-2414)

According to the versions of the docker-engine package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - containerd is an open source container runtime. A bug was found in the containerd's CRI implementation where programs inside a container c...

5.5CVSS7AI score0.00377EPSS
Exploits0References2
GithubExploit
GithubExploit
added 2022/10/07 2:44 p.m.165 views

Exploit for CVE-2022-1040

Environment In Python Environment3.10 python3.10 It...

9.8CVSS9.9AI score0.99796EPSS
Exploits9
Kitploit
Kitploit
added 2022/10/07 11:30 a.m.76 views

Bbot - OSINT Automation For Hackers

BEE·bot OSINT automation for hackers. BBOT is a recursive , modular OSINT framework written in Python. It is capable of executing the entire OSINT process in a single command, including subdomain enumeration, port scanning, web screenshots with its gowitness module, vulnerability scanning with...

7.5AI score
Exploits0References8
GithubExploit
GithubExploit
added 2022/10/07 8:15 a.m.3366 views

Exploit for Improper Input Validation in Php

CVE-2022-31629 poc PHP Bug reporthttps://bugs.php.net/b...

6.5CVSS7.7AI score0.49336EPSS
Exploits2
Kitploit
Kitploit
added 2022/10/07 3:56 a.m.44 views

Parrot 5.1 - Security GNU/Linux Distribution Designed with Cloud Pentesting and IoT Security in Mind

Parrot OS 5.1 is officially released. We're proud to say that the new version of Parrot OS 5.1 is available for download; this new version includes a lot of improvements and updates that makes the distribution more performing and more secure. How do I get Parrot OS? You can download Parrot OS by...

7AI score
Exploits0
Kitploit
Kitploit
added 2022/10/01 11:30 a.m.43 views

Deadfinder - Find Dead-Links (Broken Links)

Dead link broken link means a link within a web page that cannot be connected. These links can have a negative impact to SEO and Security. This tool makes it easy to identify and modify. Installation Install with Gem gem install deadfinder Docker Image docker pull ghcr.io/hahwul/deadfinder:latest...

7.6AI score
Exploits0References1
Snyk
Snyk
added 2022/09/29 1:34 p.m.1 views

Command Injection

Overview Affected versions of this package are vulnerable to Command Injection due to an incomplete fix for CVE-2022-40764. A successful exploit allows attackers to run arbitrary commands on the host system where the Snyk CLI is installed by passing in crafted command line flags. In order to...

7.8CVSS7.9AI score0.03007EPSS
Exploits2References2
Snyk
Snyk
added 2022/09/29 1:34 p.m.1 views

Command Injection

Overview snyk-gradle-plugin is a plugin for the Snyk CLI tool, providing dependency metadata for Gradle projects. Affected versions of this package are vulnerable to Command Injection due to an incomplete fix for CVE-2022-40764. A successful exploit allows attackers to run arbitrary commands on t...

7.8CVSS7.8AI score0.03007EPSS
Exploits2References2
Snyk
Snyk
added 2022/09/29 1:34 p.m.2 views

Command Injection

Overview Affected versions of this package are vulnerable to Command Injection due to an incomplete fix for CVE-2022-40764. A successful exploit allows attackers to run arbitrary commands on the host system where the Snyk CLI is installed by passing in crafted command line flags. In order to...

7.8CVSS7.1AI score0.03007EPSS
Exploits2References2
Snyk
Snyk
added 2022/09/29 1:34 p.m.2 views

Command Injection

Overview Affected versions of this package are vulnerable to Command Injection due to an incomplete fix for CVE-2022-40764. A successful exploit allows attackers to run arbitrary commands on the host system where the Snyk CLI is installed by passing in crafted command line flags. In order to...

7.8CVSS7.9AI score0.03007EPSS
Exploits2References2
Zero Day Initiative
Zero Day Initiative
added 2022/09/29 12:0 a.m.30 views

Docker Desktop Link Following Denial-of-Service Vulnerability

This vulnerability allows local attackers to create a denial-of-service condition on affected installations of Docker Desktop. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

6.1CVSS4.6AI score0.00926EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2022/09/28 5:38 a.m.618 views

Exploit for CVE-2022-21350

It is an offensive tool for Java-based web applications. The rep...

6.5CVSS7.1AI score0.03618EPSS
Exploits1
Gitee
Gitee
added 2022/09/25 4:1 p.m.10 views

Exploit for OS Command Injection in Docker

This is a PoC Proof of Concept exploit for CVE-2019-5736, a vulnerability in the runc binary of the Docker container runtime. The exploit is implemented in Go and is designed to overwrite the runc binary on the host system from within a container. The exploit works by overwriting the /bin/sh bina...

9.3CVSS7.2AI score0.9857EPSS
Exploits33
GithubExploit
GithubExploit
added 2022/09/25 3:9 p.m.210 views

Exploit for Path Traversal in Synacor Zimbra_Collaboration_Suite

Explotación Activa Sobre Zimbra CVE-2022-37042 RCE Unauthent...

9.8CVSS8.6AI score0.98163EPSS
Exploits16
vulnersOsv
vulnersOsv
added 2022/09/25 12:0 a.m.4 views

org.apache.pulsar:distribution (>=2.0.0-rc1-incubating <=2.0.1-incubating), org.apache.pulsar:pulsar-docker-image (>=2.0.0-rc1-incubating <=2.7.4) +1 more potentially affected by CVE-2022-33683 via org.apache.pulsar:pulsar-proxy (>=2.0.0-rc1-incubating <=2.7.4)

org.apache.pulsar:pulsar-proxy MAVEN version =2.0.0-rc1-incubating, =2.0.0-rc1-incubating, =2.0.0-rc1-incubating, =2.1.0-incubating, =2.11.4 Source cves: CVE-2022-33683 Source advisory: OSV:GHSA-J3QW-G67Q-7M64...

5.9CVSS6.2AI score0.00552EPSS
Exploits0
OSV
OSV
added 2022/09/23 11:4 a.m.3 views

OESA-2022-1936 docker security update

Docker is an open source project to build, ship and run any application as a lightweight container. Security Fixes: Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby Docker Engine where supplementary groups are not set up properly. If an...

6.3CVSS4.8AI score0.00807EPSS
Exploits0References2
Rows per page
Query Builder