9259 matches found

OSV
added 2021/10/31 11:12 a.m. | 10 views

MGASA-2021-0500 Updated docker packages fix security vulnerabilities

Updated docker packages fix security vulnerabilities: A bug was found in Moby Docker Engine where attempting to copy files using docker cp into a specially-crafted container can result in Unix file permission changes for existing files in the host's filesystem, widening access to others. This bug...

CVSS 7.5 | AI score 7 | EPSS 0.02693
Exploits 3 | References 2

OPENSUSE Linux
added 2021/10/31 12:00 a.m. | 68 views

Security update for containerd, docker, runc (important)

openSUSE Security Update: Security update for containerd, docker, runc Announcement ID: openSUSE-SU-2021:1404-1 Rating: important References: 1102408 1185405 1187704 1188282 1190826 1191015 1191121 1191334 1191355 1191434 Cross-References: CVE-2021-30465 CVE-2021-32760 CVE-2021-41089 CVE-2021-410...

CVSS 8.4 | AI score 6.7 | EPSS 0.06604
Exploits 5 | References 10

Kitploit
added 2021/10/30 8:30 p.m. | 53 views

Dockerized-Android - A Container-Based Framework To Enable The Integration Of Mobile Components In Security Training Platforms

Dockerized Android is a container-based framework that allows you to execute an Android Emulator inside Docker and control it through a browser. This project has been developed in order to provide a starting point for integrating mobile security components into Cyber Ranges but it can be used for an...

AI score 7.1
Exploits 0 | References 12

OpenVAS
added 2021/10/30 12:00 a.m. | 25 views

Fedora: Security Advisory for moby-engine (FEDORA-2021-b5a9a481a2)

The remote host is missing an update for the Copyright (C) 2021 Greenbone Networks GmbH. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later. This program is free software; you can...

CVSS 7.5 | AI score 7.4 | EPSS 0.02693
Exploits 3 | References 2

Fedora
added 2021/10/29 11:24 p.m. | 48 views

[SECURITY] Fedora 35 Update: moby-engine-20.10.9-1.fc35

Docker is an open source project to build, ship and run any application as a lightweight container. Docker containers are both hardware-agnostic and platform-agnostic. This means they can run anywhere, from your laptop to the largest EC2 compute instance and everything in between - and they don'...

CVSS 7.8 | AI score 6.8 | EPSS 0.02693
Exploits 3

Gitee
added 2021/10/29 4:45 p.m. | 12 views

Exploit for OS Command Injection in Docker

CVE-2019-5736 is a container escape vulnerability in Docker. The exploit works by overwriting and executing the host system's runc binary from within the container. The vulnerability allows an attacker to gain root access on the host system. The exploit is implemented in Go and consists of two us...

CVSS 9.3 | AI score 7.8 | EPSS 0.9857
Exploits 33

GithubExploit
added 2021/10/29 4:30 a.m. | 498 views

Exploit for Code Injection in Gitlab

Vuln Impact An issue has been discovered in GitLab CE/EE af...

CVSS 10 | AI score 8.7 | EPSS 0.99981
Exploits 57

CNNVD
added 2021/10/29 12:00 a.m. | 3 views

ID withdrawn

Portainer is a lightweight user management interface for managing Docker environments and Docker hosts. Portainer suffers from a privilege permission and access control issue vulnerability that can be exploited by an attacker to obtain sensitive information...

AI score 5.6
Exploits 0

Tenable Nessus
added 2021/10/28 12:00 a.m. | 29 views

NewStart CGSL CORE 5.04 / MAIN 5.04 : docker-ce Vulnerability (NS-SA-2021-0097)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has docker-ce packages installed that are affected by a vulnerability: - In Docker before versions 9.03.15, 20.10.3 there is a vulnerability in which pulling an intentionally malformed Docker image manifest crashes the dockerd...

CVSS 6.5 | AI score 7 | EPSS 0.03287
Exploits 0 | References 3

Tenable Nessus
added 2021/10/28 12:00 a.m. | 256 views

openSUSE 15 Security Update : containerd, docker, runc (openSUSE-SU-2021:3506-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:3506-1 advisory. - runc before 1.0.0-rc95 allows a Container Filesystem Breakout via Directory Traversal. To exploit the vulnerability, an attacker must be...

CVSS 8.5 | AI score 6.9 | EPSS 0.06604
Exploits 5 | References 23

Tenable Nessus
added 2021/10/28 12:00 a.m. | 40 views

SUSE SLES15: containerd / docker / docker-bash-completion / etc (SUSE-SU-2021:3506-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3506-1 advisory. Docker was updated to 20.10.9-ce. bsc1191355 See upstream changelog in the packaged /usr/share/doc/packages/docker/CHANGELOG.md...

CVSS 8.5 | AI score 6.8 | EPSS 0.06604
Exploits 5 | References 23

GithubExploit
added 2021/10/27 2:29 p.m. | 422 views

Exploit for Path Traversal in Apache Http_Server

Apache 2.4.50 - Path Traversal or Remote Code Execution CVE-20...

CVSS 9.8 | AI score 9.4 | EPSS 0.99964
Exploits 62

OSV
added 2021/10/27 1:27 p.m. | 7 views

SUSE-SU-2021:3550-1 Security update for Salt

This update fixes the following issues: salt: - Fix the regression of dockercontainer state module - Support querying for JSON data in external sql pillar - Exclude the full path of a download URL to prevent injection of malicious code bsc1190265 CVE-2021-21996 - Fix wrong relative paths resoluti...

CVSS 7.5 | AI score 7.7 | EPSS 0.03449
Exploits 0 | References 3

Tenable Nessus
added 2021/10/27 12:00 a.m. | 25 views

NewStart CGSL CORE 5.05 / MAIN 5.05 : docker-ce Vulnerability (NS-SA-2021-0181)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has docker-ce packages installed that are affected by a vulnerability: - In Docker before versions 9.03.15, 20.10.3 there is a vulnerability in which pulling an intentionally malformed Docker image manifest crashes the dockerd...

CVSS 6.5 | AI score 7 | EPSS 0.03287
Exploits 0 | References 3

Tenable Nessus
added 2021/10/27 12:00 a.m. | 37 views

NewStart CGSL MAIN 6.02 : docker-ce Multiple Vulnerabilities (NS-SA-2021-0124)

The remote NewStart CGSL host, running version MAIN 6.02, has docker-ce packages installed that are affected by multiple vulnerabilities: - In Docker before versions 9.03.15, 20.10.3 there is a vulnerability involving the --userns-remap option in which access to remapped root allows privilege...

CVSS 6.8 | AI score 7 | EPSS 0.03287
Exploits 0 | References 5

Tenable Nessus
added 2021/10/27 12:00 a.m. | 33 views

NewStart CGSL CORE 5.05 / MAIN 5.05 : docker-ce Multiple Vulnerabilities (NS-SA-2021-0138)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has docker-ce packages installed that are affected by multiple vulnerabilities: - Lack of content verification in Docker-CE Also known as Moby versions 1.12.6-0, 1.10.3, 17.03.0, 17.03.1, 17.03.2, 17.06.0, 17.06.1, 17.06.2,...

CVSS 9.3 | AI score 8 | EPSS 0.9857
Exploits 35 | References 21

Tenable Nessus
added 2021/10/27 12:00 a.m. | 33 views

NewStart CGSL CORE 5.04 / MAIN 5.04 : docker-ce Vulnerability (NS-SA-2021-0103)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has docker-ce packages installed that are affected by a vulnerability: - In Docker before versions 9.03.15, 20.10.3 there is a vulnerability involving the --userns-remap option in which access to remapped root allows privilege...

CVSS 6.8 | AI score 7 | EPSS 0.01065
Exploits 0 | References 3

Kitploit
added 2021/10/26 8:30 p.m. | 47 views

Keeweb - Free Cross-Platform Password Manager Compatible With KeePass

This webapp is a browser and desktop password manager compatible with KeePass databases. It doesn't require any server or additional resources. The app can run either in browser, or as a desktop app. Quick Links Apps: Web, Desktop Timeline: Release Notes, TODO On one page: Features, FAQ Website:...

AI score 7.3
Exploits 0 | References 16

Kitploit
added 2021/10/26 11:30 a.m. | 25 views

Mediator - An Extensible, End-To-End Encrypted Reverse Shell With A Novel Approach To Its Architecture

Mediator is an end-to-end encrypted reverse shell in which the operator and the shell connect to a "mediator" server that bridges the connections. This removes the need for the operator/handler to set up port forwarding in order to listen for the connection. Mediator also allows you to create...

AI score 7.5
Exploits 0 | References 4

Kitploit
added 2021/10/26 12:06 a.m. | 27 views

Webdiscover - The Purpose Of This Script Is To Automate The Web Enumeration Process And Search For Exploits

The purpose of this script is to automate the web enumeration process and search for exploits and vulns. Added Tools dependencies are installed during script execution: seclist ffuf namelist dnsrecon subfinder whatweb gospider nuclei searchsploit go-exploitdb It creates a directory with the scan...

AI score 7.2
Exploits 0 | References 2