9275 matches found
S1EM - This Project Is A SIEM With SIRP And Threat Intel, All In One
Today, cyber attacks are more numerous and cause damage in companies. Nevertheless, many software products exist to detect cyber threats. The S1EM solution is based on the principle of bringing together the best products in their field, free of charge, and making them quickly interoperable. S1EM ...
Epagneul - Graph Visualization For Windows Event Logs
Epagneul is a tool to visualize and investigatewindows event logs. Deployment Requires docker and docker-compose to be installed. Installing make Offline deployment On a machine connected to internet, build an offline release: make release This will create a release folder containing ready to go...
Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware
CVE-2021-44228 !Dockerfilehttps://github.com/ahmad4fifz/C...
Exploit for Path Traversal in Apache Http_Server
CVE-2021-41773 This is the deployment for Apache 2.4.49 which...
Exploit for Path Traversal in Apache Http_Server
CVE-2021-42013 This is the deployment for Apache 2.4.50 which...
Template injection in connection test endpoint leads to RCE
Description Please enter a description of the vulnerability. Proof of Concept Run a local docker instance sh sudo docker run -p 3000:3000 --name sqlpad -d --env SQLPADADMIN=admin --env SQLPADADMINPASSWORD=admin sqlpad/sqlpad:latest Navigate to http://localhost:3000/ Click on Connections-Add...
WSVuls - Website Vulnerability Scanner Detect Issues (Outdated Server Software And Insecure HTTP Headers)
WSVuls Website vulnerability scanner detect issues outdated server software and insecure HTTP headers. What's WSVuls? WSVuls is a simple and powerful command line tool for Linux, Windows and macOS. It's designed for developers/testers and for those workers in IT who want to test vulnerabilities a...
Docker Compose Configuration Detected
Docker Compose is a tool designed to help developers defining and running multi-container Docker applications. By defining a configuration file named docker-compose.yml in their application project directory, developers can define the different services used by the application with their...
Scanmycode-Ce - Code Scanning/SAST/Static Analysis/Linting Using Many tools/Scanners With One Report - Scanmycode Community Edition (CE)
It is a Code Scanning/SAST/Static Analysis/Linting solution using many tools/Scanners with One Report. You can also add any tool to it. Currently, it supports many languages and tech stacks. Similar to SonarQube, but it is different. Fig. 1 Scanmycode concept diagram How is Scanmycode different...
Exploit for Improper Initialization in Linux Linux_Kernel
CVE-2022-0847 Dirty Pipe linux kernel lifting analysis toc...
Exploit for Improper Initialization in Linux Linux_Kernel
Dirty Pipe CVE-2022-0847: A Hands-On Exploit Demonstration i...
Important: docker
Issue Overview: A file permissions vulnerability was found in Moby Docker Engine. Copying files by using docker cp into a specially-crafted container can result in Unix file permission changes for existing files in the host's filesystem, which might lead to permissions escalation and allow an...
Important: docker
Issue Overview: A file permissions vulnerability was found in Moby Docker Engine. Copying files by using docker cp into a specially-crafted container can result in Unix file permission changes for existing files in the host's filesystem, which might lead to permissions escalation and allow an...
Amazon Linux 2 : docker (ALAS-2022-017) (deprecated)
This plugin has been deprecated following detection of an issue with overlapping filenames. Deprecated by al2ALASDOCKER-2022-017.nasl plugin ID 160411 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Amazon Linux 2 Security Advisory...
MGASA-2022-0088 Updated docker-containerd packages fix security vulnerability
A bug was found in containerd where containers launched through containerd’s CRI implementation with a specially-crafted image configuration could gain access to read-only copies of arbitrary files and directories on the host. This may bypass any policy-based enforcement on container setup...
Updated docker-containerd packages fix security vulnerability
A bug was found in containerd where containers launched through containerd’s CRI implementation with a specially-crafted image configuration could gain access to read-only copies of arbitrary files and directories on the host. This may bypass any policy-based enforcement on container setup...
HaccTheHub - Open Source Self-Hosted Cyber Security Learning Platform
Open source self-hosted cyber security learning platform About The Project HaccTheHub is an open source project that provides cyber security The HaccTheHub system consists of 3 main parts: Docker: containing all of the boxes creating the environment in which we'll be learning on. The backend:...
CVE-2021-45414
A Remote Code Execution RCE vulnerability exists in DataRobot through 2021-10-28 because it allows submission of a Docker environment or Java driver...
CVE-2021-45414
A Remote Code Execution RCE vulnerability exists in DataRobot through 2021-10-28 because it allows submission of a Docker environment or Java driver...
Remote code execution
A Remote Code Execution RCE vulnerability exists in DataRobot through 2021-10-28 because it allows submission of a Docker environment or Java driver...