9255 matches found
[SECURITY] Fedora 33 Update: podman-3.2.3-2.fc33
podman Pod Manager is a fully featured container engine that is a simple daemonless tool. podman provides a Docker-CLI comparable command line that eases the transition from other container engines and allows the management of pods, containers and images. Simply put: alias docker=3Dpodman. Most...
QID Spotlight: Discover CBL-Mariner Vulnerabilities using Qualys VMDR
The Qualys vulnerability signatures team has released a new series of signatures detections for CBL-Mariner Common Base Linux, allowing security teams to identify CBL-Mariner hosts and detect their vulnerabilities. CBL-Mariner Common Base Linux is developed by Microsoft and is a Linux distributio...
USN-5032-2: Docker vulnerabilities
USN-5032-1 fixed vulnerabilities in Docker. This update provides the corresponding updates for Ubuntu 21.04. Original advisory details: Several vulnerabilities were fixed in Docker. This update provides a new upstream version that fixed them...
Huawei EulerOS: Security Advisory for docker-engine (EulerOS-SA-2021-2292)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP8 : docker-engine (EulerOS-SA-2021-2292)
According to the version of the docker-engine packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - runc before 1.0.0-rc95 allows a Container Filesystem Breakout via Directory Traversal. To exploit the vulnerability, an attacker must be abl...
Ubuntu 21.04 : Docker vulnerabilities (USN-5032-2)
The remote Ubuntu 21.04 host has a package installed that is affected by a vulnerability as referenced in the USN-5032-2 advisory. USN-5032-1 fixed vulnerabilities in Docker. This update provides the corresponding updates for Ubuntu 21.04. Tenable has extracted the preceding description block...
Solitude - A Privacy Analysis Tool That Enables Anyone To Conduct Their Own Privacy Investigations
Solitude is a privacy analysis tool that enables anyone to conduct their own privacy investigations. Whether a curious novice or a more advanced researcher, Solitude makes the process of evaluating user privacy within an app accessible for everyone. Important Note Prior to installing Solitude it...
Ubuntu 18.04 LTS / 20.04 LTS : Docker vulnerabilities (USN-5032-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-5032-1 advisory. Several vulnerabilities were fixed in Docker. This update provides a new upstream version that fixed them. Tenable has extracted the preceding...
vulhub111
This repository is an offensive tool for vulnerability research and exploitation. It contains a collection of vulnerable environments and exploits for various software and frameworks, including CouchDB, FFmpeg, Git, and more. The repository is maintained by Vulhub, a community-driven project for...
USN-5032-1: Docker vulnerabilities
Several vulnerabilities were fixed in Docker. This update provides a new upstream version that fixed them...
USN-5032-1 docker.io vulnerabilities
Several vulnerabilities were fixed in Docker. This update provides a new upstream version that fixed them...
[SECURITY] Fedora 34 Update: podman-3.2.3-2.fc34
podman Pod Manager is a fully featured container engine that is a simple daemonless tool. podman provides a Docker-CLI comparable command line that eases the transition from other container engines and allows the management of pods, containers and images. Simply put: alias docker=3Dpodman. Most...
Exploit for SQL Injection in Zabbix
This repository is an offensive tool for vulnerability research and exploitation. It contains various tools and exploits for testing and demonstrating vulnerabilities in different software and systems. The primary purpose of this repository is to provide a platform for researchers and security...
Exploit for Cross-site Scripting in Gitea
CVE-2021-28378 Details about this CVE herehttps://www.cved...
Rtl_433 - Program To Decode Radio Transmissions From Devices On The ISM Bands (And Other Frequencies)
rtl433 despite the name is a generic data receiver, mainly for the 433.92 MHz, 868 MHz SRD, 315 MHz, 345 MHz, and 915 MHz ISM bands. The official source code is in the https://github.com/merbanan/rtl433/ repository. For more documentation and related projects see the https://triq.org/ site. It...
Security Bulletin: A security vulnerability was fixed in IBM Security Access Manager and IBM Security Verify Access Docker containers
Summary A security vulnerability was fixed in IBM Security Access Manager and IBM Security Verify Access Docker containers Vulnerability Details CVEID: CVE-2021-20439 DESCRIPTION: IBM Security Access Manager Docker stores user credentials in plain clear text which can be read by an unauthorized...
Security Bulletin: Multiple Security vulnerabilities have been fixed in the IBM Security Verify Access Docker container
Summary Multiple vulnerabilities have been fixed in the IBM Security Verify Access Docker container. Vulnerability Details CVEID: CVE-2021-20523 DESCRIPTION: IBM Security Access Manager Docker could allow a remote attacker to obtain sensitive information when a detailed technical error message is...
Exploit for Use of Hard-coded Credentials in Glpi-Project Glpi
CVE-2020-5248 POC 환경 구성 및 테스트 입니다. 테스트 방법 - 환경 구성 v...
CloverDX 5.9.0 - Cross-Site Request Forgery to Remote Code Execution Exploit
Exploit Title: CloverDX 5.9.0 - Cross-Site Request Forgery CSRF to Remote Code Execution RCE Exploit Author: niebardzo Vendor Homepage: https://www.cloverdx.com/ Software Link: https://github.com/cloverdx/cloverdx-server-docker Version: 5.9.0, 5.8.1, 5.8.0, 5.7.0, 5.6.x, 5.5.x, 5.4.x Tested on:...
CloverDX 5.9.0 - Cross-Site Request Forgery (CSRF)
Exploit Title: CloverDX 5.9.0 - Cross-Site Request Forgery CSRF to Remote Code Execution RCE Date: 14.04.2021 Exploit Author: niebardzo Vendor Homepage: https://www.cloverdx.com/ Software Link: https://github.com/cloverdx/cloverdx-server-docker Version: 5.9.0, 5.8.1, 5.8.0, 5.7.0, 5.6.x, 5.5.x,...