9275 matches found

GithubExploit
added 2022/05/13 11:35 a.m. | 532 views

Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

It is an offensive tool for Log4Shell exploitation. The tool is...

10 CVSS | 9.2 AI score | 0.99999 EPSS
Exploits 347

vulnersOsv
added 2022/05/13 1:36 a.m. | 6 views

com.cloudcoreo.plugins:cloudcoreo-deploytime (>=0.1.0 <=0.2.3), com.github.kostyasha.yet-another-docker:yet-another-docker-plugin (>=0.1.0 <=0.1.3) +7 more potentially affected by CVE-2017-2648 via org.jenkins-ci.plugins:ssh-slaves (>=1.10 <=1.13)

org.jenkins-ci.plugins:ssh-slaves MAVEN version =1.10, =0.1.0, =0.1.0, =1.2.8, =2.0.0, =1.3, =1.2.0, =2.9, =2.11, =2.8, =2.19 Source cves: CVE-2017-2648 Source advisory: OSV:GHSA-X654-4WJH-74Q6...

6.8 CVSS | 6.6 AI score | 0.01423 EPSS
Exploits 0

OSV
added 2022/05/13 1:17 a.m. | 9 views

GHSA-WRGW-V987-5QMW Jenkins CloudShare Docker-Machine Plugin stores credentials in plain text

Jenkins CloudShare Docker-Machine Plugin stores credentials unencrypted in its global configuration file com.cloudshare.jenkins.CloudShareConfiguration.xml on the Jenkins controller. These credentials can be viewed by users with access to the Jenkins controller file system...

3.3 CVSS | 8.7 AI score | 0.01377 EPSS
Exploits 0 | References 3

Github Security Blog
added 2022/05/13 1:17 a.m. | 19 views

Jenkins CloudShare Docker-Machine Plugin stores credentials in plain text

Jenkins CloudShare Docker-Machine Plugin stores credentials unencrypted in its global configuration file com.cloudshare.jenkins.CloudShareConfiguration.xml on the Jenkins controller. These credentials can be viewed by users with access to the Jenkins controller file system...

8.8 CVSS | 6.8 AI score | 0.01377 EPSS
Exploits 0 | References 4 | Affected Software 1

OSV
added 2022/05/13 1:16 a.m. | 30 views

GHSA-H62F-WM92-2CMW Docker Registry has Allocation of Resources Without Limits or Throttling

Docker Registry before 2.6.2 in Docker Distribution does not properly restrict the amount of content accepted from a user, which allows remote attackers to cause a denial of service (memory consumption) via the manifest endpoint. Specific Go Packages Affected...

7.5 CVSS | 7.2 AI score | 0.03192 EPSS
Exploits 0 | References 9

Github Security Blog
added 2022/05/13 1:16 a.m. | 35 views

Docker Registry has Allocation of Resources Without Limits or Throttling

Docker Registry before 2.6.2 in Docker Distribution does not properly restrict the amount of content accepted from a user, which allows remote attackers to cause a denial of service (memory consumption) via the manifest endpoint. Specific Go Packages Affected...

7.5 CVSS | 7 AI score | 0.03192 EPSS
Exploits 0 | References 9 | Affected Software 1

vulnersOsv
added 2022/05/13 1:15 a.m. | 5 views

br.com.ingenieux.jenkins.plugins:awseb-deployment-plugin (>=0.3.5 <=0.3.15), com.barchart.jenkins:maven-release-cascade (>=1.0.0 <=1.3.2) +109 more potentially affected by CVE-2019-1003011 via org.jenkins-ci.plugins:token-macro (>=1.0 <=2.5)

org.jenkins-ci.plugins:token-macro MAVEN version =1.0, =0.3.5, =1.0.0, =1.14.1, =4.1.1, =1.7.2, =1.1.2, =0.18, =0.1, =2.5.8, =3.0, =1.0-alpha-1, =1.2.0-beta-1 and more Source cves: CVE-2019-1003011 Source advisory: OSV:GHSA-23H9-M55M-C5JP...

8.1 CVSS | 6.7 AI score | 0.02039 EPSS
Exploits 0

OSV
added 2022/05/13 1:4 a.m. | 5 views

GHSA-32W9-2QPC-5F9V Docker image code execution with Apache Mesos

A specifically crafted Docker image running under the root user can overwrite the init helper binary of the container runtime and/or the command executor in Apache Mesos versions pre-1.4.x, 1.4.0 to 1.4.2, 1.5.0 to 1.5.2, 1.6.0 to 1.6.1, and 1.7.0 to 1.7.1. A malicious actor can therefore gain...

7.8 CVSS | 6.3 AI score | 0.02712 EPSS
Exploits 0 | References 4

Github Security Blog
added 2022/05/13 1:4 a.m. | 30 views

Docker image code execution with Apache Mesos

A specifically crafted Docker image running under the root user can overwrite the init helper binary of the container runtime and/or the command executor in Apache Mesos versions pre-1.4.x, 1.4.0 to 1.4.2, 1.5.0 to 1.5.2, 1.6.0 to 1.6.1, and 1.7.0 to 1.7.1. A malicious actor can therefore gain...

9.3 CVSS | 4.3 AI score | 0.02712 EPSS
Exploits 0 | References 5 | Affected Software 1

Tenable Nessus
added 2022/05/13 12:0 a.m. | 46 views

RHEL 7 : kpatch-patch (RHSA-2022:2211)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:2211 advisory. This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel...

7.8 CVSS | 7.1 AI score | 0.05528 EPSS
Exploits 12 | References 6

GithubExploit
added 2022/05/12 1:23 p.m. | 415 views

Exploit for Path Traversal in Apache Http_Server

CVE-2021-41773 Essay 🕸️ Description 🖼️ This repository co...

7.5 CVSS | 8.6 AI score | 0.99992 EPSS
Exploits 148

Tenable Nessus
added 2022/05/12 12:0 a.m. | 39 views

RHEL 7 : kernel (RHSA-2022:2186)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:2186 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: use-after-free in RDMA listen...

7.8 CVSS | 6.9 AI score | 0.05528 EPSS
Exploits 12 | References 6

Oracle linux
added 2022/05/12 12:0 a.m. | 14 views

podman security update

1.6.4-32.0.1 - Reduce unnecessary writable mounts in NaiveDiffDriver Orabug: 31025483 - handle redirect from the docker registry v2 Orabug: 29874238 [email protected] - remove changes in NaiveDiffDriver 1.6.4-32 - update to the latest content of...

1.6 AI score
Exploits 0

Tenable Nessus
added 2022/05/12 12:0 a.m. | 41 views

AlmaLinux 8 : container-tools:3.0 (ALSA-2022:1793)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2022:1793 advisory. crun: Default inheritable capabilities for linux container should be empty CVE-2022-27650 Tenable has extracted the preceding description block directly from the...

7.5 CVSS | 8 AI score | 0.01124 EPSS
Exploits 0 | References 2

Tenable Nessus
added 2022/05/12 12:0 a.m. | 94 views

AlmaLinux 8 : container-tools:rhel8 (ALSA-2022:1762)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:1762 advisory. psgo: Privilege escalation in 'podman top' CVE-2022-1227 prometheus/client_golang: Denial of service using InstrumentHandlerCounter CVE-2022-21698 podman:...

8.8 CVSS | 7.1 AI score | 0.05994 EPSS
Exploits 2 | References 6

Tenable Nessus
added 2022/05/11 12:0 a.m. | 50 views

Amazon Linux 2 : docker (ALASNITRO-ENCLAVES-2022-017)

The version of docker installed on the remote host is prior to 20.10.7-3. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NITRO-ENCLAVES-2022-017 advisory. A file permissions vulnerability was found in Moby Docker Engine. Copying files by using docker cp into a...

7.5 CVSS | 7.4 AI score | 0.02693 EPSS
Exploits 3 | References 7

GithubExploit
added 2022/05/10 3:34 p.m. | 187 views

Exploit for Missing Authentication for Critical Function in F5 Big-Ip_Access_Policy_Manager

CVE2022-1388TestAPI A Test API for testin...

9.8 CVSS | 10 AI score | 0.99956 EPSS
Exploits 63

RedHat Linux
added 2022/05/10 2:19 p.m. | 3 views

buildah: Default inheritable capabilities for linux container should be empty

A flaw was found in buildah, where containers were incorrectly started with non-empty default permissions. A bug was found in Moby Docker Engine where containers were incorrectly started with non-empty inheritable Linux process capabilities. This flaw allows an attacker with access to programs wi...

6.8 CVSS | 5.7 AI score | 0.01225 EPSS
Exploits 0 | References 5

RedHat Linux
added 2022/05/10 2:19 p.m. | 2 views

crun: Default inheritable capabilities for linux container should be empty

A flaw was found in crun where containers were incorrectly started with non-empty default permissions. A vulnerability was found in Moby Docker Engine where containers were started incorrectly with non-empty inheritable Linux process capabilities. This flaw allows an attacker with access to...

7.5 CVSS | 5.7 AI score | 0.01124 EPSS
Exploits 0 | References 5

RedHat Linux
added 2022/05/10 2:19 p.m. | 3 views

podman: Default inheritable capabilities for linux container should be empty

A flaw was found in Podman, where containers were started incorrectly with non-empty default permissions. A vulnerability was found in Moby Docker Engine, where containers were started incorrectly with non-empty inheritable Linux process capabilities. This flaw allows an attacker with access to...

7.5 CVSS | 5.7 AI score | 0.01441 EPSS
Exploits 0 | References 5