Lucene search
K

9277 matches found

vulnersOsv
vulnersOsv
added 2022/09/25 12:0 a.m.4 views

org.apache.pulsar:distribution (>=2.0.0-rc1-incubating <=2.0.1-incubating), org.apache.pulsar:pulsar-docker-image (>=2.0.0-rc1-incubating <=2.7.4) +1 more potentially affected by CVE-2022-33683 via org.apache.pulsar:pulsar-proxy (>=2.0.0-rc1-incubating <=2.7.4)

org.apache.pulsar:pulsar-proxy MAVEN version =2.0.0-rc1-incubating, =2.0.0-rc1-incubating, =2.0.0-rc1-incubating, =2.1.0-incubating, =2.11.4 Source cves: CVE-2022-33683 Source advisory: OSV:GHSA-J3QW-G67Q-7M64...

5.9CVSS6.2AI score0.00552EPSS
Exploits0
OSV
OSV
added 2022/09/23 11:4 a.m.3 views

OESA-2022-1936 docker security update

Docker is an open source project to build, ship and run any application as a lightweight container. Security Fixes: Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby Docker Engine where supplementary groups are not set up properly. If an...

6.3CVSS4.8AI score0.00807EPSS
Exploits0References2
Exploit DB
Exploit DB
added 2022/09/23 12:0 a.m.98 views

Feehi CMS 2.1.1 - Remote Code Execution (Authenticated)

Exploit Title: Feehi CMS 2.1.1 - Remote Code Execution RCE Authenticated Date: 22-08-2022 Exploit Author: yuyudhn Vendor Homepage: https://feehi.com/ Software Link: https://github.com/liufee/cms Version: 2.1.1 REQUIRED Tested on: Linux, Docker CVE : CVE-2022-34140 Proof of Concept: 1. Login using...

5.4CVSS5.5AI score0.03381EPSS
Exploits7
0day.today
0day.today
added 2022/09/23 12:0 a.m.232 views

Feehi CMS 2.1.1 - Remote Code Execution (Authenticated) Vulnerability

Exploit Title: Feehi CMS 2.1.1 - Remote Code Execution RCE Authenticated Exploit Author: yuyudhn Vendor Homepage: https://feehi.com/ Software Link: https://github.com/liufee/cms Version: 2.1.1 REQUIRED Tested on: Linux, Docker CVE : CVE-2022-34140 Proof of Concept: 1. Login using admin account at...

5.4CVSS0.2AI score0.03381EPSS
Exploits7
GithubExploit
GithubExploit
added 2022/09/22 11:6 p.m.31 views

Exploit for CVE-2022-37708

Docker Lightman Exploit Docker CVE-2022-37708. This exploit r...

7.4AI score
Exploits1
GithubExploit
GithubExploit
added 2022/09/21 7:43 a.m.336 views

Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

log4j-shell-poc A Proof-Of-Concept for the recently found CVE-...

10CVSS9AI score0.99999EPSS
Exploits347
Virtuozzo
Virtuozzo
added 2022/09/21 12:0 a.m.25 views

Virtuozzo Hybrid Infrastructure 5.2 Update 1 (5.2.1-57)

This update provides full support for Authorization Code Flow, as well as bug fixes and improvements. Vulnerability id: VSTOR-57337 It is impossible to set the disk role to "Unassigned" while joining a node to the cluster. Vulnerability id: VSTOR-57187 Unable to add an iSCSI target with multiple...

1AI score
Exploits0
Information Security Automation
Information Security Automation
added 2022/09/16 10:20 p.m.24 views

Scanvus – my open source Vulnerability Scanner for Linux hosts and Docker images

Hello everyone! This video was recorded for the VMconf 22 Vulnerability Management conference, vmconf.pw. I will be talking about my open source project Scanvus. This project is already a year old and I use it almost every day. Alternative video link for Russia: Scanvus Simple Credentialed...

7.5AI score
Exploits0
Github Security Blog
Github Security Blog
added 2022/09/16 9:0 p.m.40 views

Docker supplementary group permissions not set up properly, allowing attackers to bypass primary group restrictions

Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby Docker Engine where supplementary groups are not set up properly. If an attacker has direct access to a container and manipulates their supplementary group access, they may be able to use...

6.3CVSS6.4AI score0.00807EPSS
Exploits0References10Affected Software1
OSV
OSV
added 2022/09/16 9:0 p.m.31 views

GHSA-RC4R-WH2Q-Q6C4 Docker supplementary group permissions not set up properly, allowing attackers to bypass primary group restrictions

Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby Docker Engine where supplementary groups are not set up properly. If an attacker has direct access to a container and manipulates their supplementary group access, they may be able to use...

5.3CVSS6.5AI score0.00807EPSS
Exploits1References10
The Hacker News
The Hacker News
added 2022/09/16 10:58 a.m.506 views

Hackers Targeting WebLogic Servers and Docker APIs for Mining Cryptocurrencies

Malicious actors such as Kinsing are taking advantage of both recently disclosed and older security flaws in Oracle WebLogic Server to deliver cryptocurrency-mining malware. Cybersecurity company Trend Micro said it found the financially-motivated group leveraging the vulnerability to drop Python...

10CVSS0.3AI score0.99999EPSS
Exploits116
Fedora
Fedora
added 2022/09/16 12:18 a.m.41 views

[SECURITY] Fedora 37 Update: moby-engine-20.10.18-1.fc37

Docker is an open source project to build, ship and run any application as a lightweight container. Docker containers are both hardware-agnostic and platform-agnostic. This means they can run anywhere, from your laptop to the largest EC2 compute instance a nd everything in between - and they don'...

6.3CVSS6.7AI score0.00807EPSS
Exploits0
OpenVAS
OpenVAS
added 2022/09/16 12:0 a.m.27 views

Fedora: Security Advisory for moby-engine (FEDORA-2022-8298607490)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

6.3CVSS7AI score0.00807EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2022/09/16 12:0 a.m.22 views

Fedora: Security Advisory for moby-engine (FEDORA-2022-b027a13a39)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

6.3CVSS7AI score0.00807EPSS
Exploits0References2
GithubExploit
GithubExploit
added 2022/09/15 2:17 p.m.468 views

Exploit for Path Traversal in Apache Http_Server

It is an exploit module targeting Apache Log4j. The target produ...

7.5CVSS9.5AI score0.99992EPSS
Exploits148
GithubExploit
GithubExploit
added 2022/09/15 12:15 p.m.600 views

Exploit for Path Traversal in Apache Http_Server

Apache 2.4.50 - Path Traversal or Remote Code Execution cve-20...

9.8CVSS9.4AI score0.99964EPSS
Exploits62
GithubExploit
GithubExploit
added 2022/09/15 11:28 a.m.1674 views

Exploit for Path Traversal in Apache Http_Server

Apache 2.4.50 - Path Traversal or Remote Code Execution cve-20...

9.8CVSS9.4AI score0.99964EPSS
Exploits62
GithubExploit
GithubExploit
added 2022/09/15 11:1 a.m.398 views

Exploit for Path Traversal in Apache Http_Server

CVE-2021-41773-PoC PoC for CVE-2021-41773 with docker to demon...

7.5CVSS8.3AI score0.99992EPSS
Exploits148
GithubExploit
GithubExploit
added 2022/09/15 9:38 a.m.1036 views

Exploit for Path Traversal in Apache Http_Server

CVE-2021-41773 CVE-2021-41773 POC with Docker Configurati...

7.5CVSS8.6AI score0.99992EPSS
Exploits148
GithubExploit
GithubExploit
added 2022/09/15 9:36 a.m.361 views

Exploit for Path Traversal in Apache Http_Server

This is a PoC exploit for CVE-2021-41773 and CVE-2021-42013, whi...

9.8CVSS10AI score0.99992EPSS
Exploits173
Rows per page
Query Builder