9263 matches found
Exploit for Off-by-one Error in Sudo_Project Sudo
CVE-2021-3156 toc Vulnerability profile Vulnerabilit...
Exploit for OS Command Injection in Docker
The repository is a proof-of-concept PoC exploit for CVE-2019-5736, a container escape vulnerability in Docker. The PoC is written in Go and is designed to overwrite the /bin/sh binary in a container with a malicious interpreter path, allowing for code execution on the host system. The exploit...
Exploit for Out-of-bounds Write in Polkit_Project Polkit
CVE-2021-4034 - Docker Container Deliberately Vulnerable Versi...
Exploit for Integer Overflow or Wraparound in Linux Linux_Kernel
Container running cve-2022-0185 crash POC !seccomp or busth...
Exploit for Out-of-bounds Write in Polkit_Project Polkit
CVE-2021-4034...
Exploit for Path Traversal in Apache Http_Server
CVE-2021-41773-exercise A flaw was found in a change made to p...
Exploit for Out-of-bounds Write in Polkit_Project Polkit
CVE-2021-4034 PolKit Local Lift Analysis toc Vulnerabil...
TeslaMate Elevation of Privilege Vulnerability
TeslaMate is an open source project, a self-hosted data logger for Tesla. versions prior to TeslaMate 1.25.1 contain an elevation of privilege vulnerability that stems from Tesla's use of the default Docker configuration, which allows an attacker to use Grafana login access to obtain a token for...
FACT - A Tool To Collect, Process And Visualise Forensic Data From Clusters Of Machines Running In The Cloud Or On-Premise
FACT is a tool to collect, process and visualise forensic data from clusters of machines running in the cloud or on-premise. Deployment For a basic single-node deployment, we recommend using Docker and Docker Compose. First, read docker-compose.yaml for configuration and requirements. Then, start...
Exploit for Integer Overflow or Wraparound in Haproxy
CVE-2021-40346 Integer overflow on header request internal re...
CVE-2022-23126
TeslaMate before 1.25.1 when using the default Docker configuration allows attackers to open doors of Tesla vehicles, start Keyless Driving, and interfere with vehicle operation en route. This occurs because an attacker can leverage Grafana login access to obtain a token for Tesla API calls...
CVE-2022-23126
TeslaMate before 1.25.1 when using the default Docker configuration allows attackers to open doors of Tesla vehicles, start Keyless Driving, and interfere with vehicle operation en route. This occurs because an attacker can leverage Grafana login access to obtain a token for Tesla API calls...
Open redirect
TeslaMate before 1.25.1 when using the default Docker configuration allows attackers to open doors of Tesla vehicles, start Keyless Driving, and interfere with vehicle operation en route. This occurs because an attacker can leverage Grafana login access to obtain a token for Tesla API calls...
CVE-2022-23126
TeslaMate prior to 1.25.1 (default Docker config) is vulnerable: an attacker can leverage Grafana login access to obtain a Tesla API token, enabling door opening, initiating Keyless Driving, and interference with vehicle operation en route. Affected component: the TeslaMate Docker deployment; roo...
CVE-2022-20617
An OS command execution vulnerability was found in the Jenkins Docker Commons plugin. Due to a lack of sanitization in the name of an image or a tag, an attacker with Item/Configure permission or the ability to control the contents of a previously configured job’s SCM repository may be able to...
TeslaMate 授权问题漏洞
TeslaMate is an open source project, a self-hosted data logger for Tesla. versions prior to TeslaMate 1.25.1 contain an elevation of privilege vulnerability that stems from Tesla's use of the default Docker configuration, which allows an attacker to use Grafana login access to obtain a token for...
GLSA-202107-23 : Docker: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202107-23 Docker: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Docker. Please review the CVE identifiers referenced below for details. Impact : Please review the referenced CVE identifiers for details...
Second-Order - Subdomain Takeover Scanner
Scans web applications for second-order subdomain takeover by crawling the app, and collecting URLs and other data that match certain rules, or respond in a certain way. Installation From binary Download a prebuilt binary from the releases page and unzip it. From source Go version 1.17 is...
Exploit for SQL Injection in Phpipam
CVE-2022-23046 The original discovery and manual PoC is from...
Pwndora - Massive IPv4 Scanner, Find And Analyze Internet-Connected Devices In Minutes, Create Your Own IoT Search Engine At Home
Pwndora is a massive and fast IPv4 address range scanner, integrated with multi-threading. Using sockets, it analyzes which ports are open, and collects more information about targets, each result is stored in Elasticsearch. You can integrate with Kibana to be able to visualize and manipulate dat...