Unauthorized access through URL manipulation
Impact: The vulnerability allows attackers to gain unauthorized access to information on the system through URL manipulation. Patches: The vulnerability has been patched in version 1.2.65 of the master branch, version 1.1.113 of the 1.1.x series, and version 1.0.12 of the stable branch. The Docker...
GHSA-QRMM-W4V4-Q7F8 Unauthorized access through URL manipulation
Impact: The vulnerability allows attackers to gain unauthorized access to information on the system through URL manipulation. Patches: The vulnerability has been patched in version 1.2.65 of the master branch, version 1.1.113 of the 1.1.x series, and version 1.0.12 of the stable branch. The Docker...
[SECURITY] Fedora 33 Update: skopeo-1.2.3-1.fc33
Command line utility to inspect images and repositories directly on Docker registries without the need to pull them...
Fedora: Security Advisory for skopeo (FEDORA-2021-c56a213327)
The remote host is missing an update for the Copyright (C) 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Photon OS 3.0: Docker PHSA-2021-3.0-0228
An update of the docker package has been released. (C) Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2021-3.0-0228. The text itself is copyright (C) VMware, Inc. include('deprecated_nasl_level.inc'); include('compat.inc'); if...
[SECURITY] Fedora 34 Update: skopeo-1.2.3-1.fc34
Command line utility to inspect images and repositories directly on Docker registries without the need to pull them...
Exploit for Path Traversal in Gitlab
GitLab CVE-2020-10977 Introduction This script provides re...
Exploit for Cross-Site Request Forgery (CSRF) in Anchorcms Anchor_Cms
CVE-2020-23342 Note: When pulling this...
Paragon - Red Team Engagement Platform With The Goal Of Unifying Offensive Tools Behind A Simple UI
Paragon is a Red Team engagement platform. It aims to unify offensive tools behind a simple UI, abstracting much of the backend work to enable operators to focus on writing implants and spend less time worrying about databases and css. The repository also provides some offensive tools already...
SUSE-SU-2021:1458-1 Security update for containerd, docker, runc
This update for containerd, docker, runc fixes the following issues: - Docker was updated to 20.10.6-ce. Switch version to use -ce suffix rather than _ce to avoid confusing other tools (bsc#1182476). CVE-2021-21284: Fixed a potential privilege escalation when the root user in the remapped namespace ha...
Critical Photon OS Security Update - PHSA-2021-0228
Updates of 'consul', 'rust', 'docker' packages of Photon OS have been released...
Critical Photon OS Security Update - PHSA-2021-3.0-0228
Updates of 'consul', 'rust', 'docker' packages of Photon OS have been released...
Exploit for Cross-site Scripting in Apache Http_Server
This is a PoC exploit for CVE-2019-10092, a Limited Cross-Site Scripting in mod_proxy Error Page - Apache httpd vulnerability. The target product/service is Apache HTTP Server, and the vulnerability class/vector is XSS. The probable entry points are the start.sh script, which invokes the Apache serv...
vulhub
This repository is an open-source collection of pre-built vulnerable docker environments, known as Vulhub. It is an offensive tool for testing and training purposes. The primary vulnerability is not explicitly stated, but the repository contains various vulnerable environments, including ones for...
Center for Threat-Informed Defense teams up with Microsoft, partners to build the ATT&CK® for Containers matrix
The MITRE ATT&CK® for Containers matrix was published today, establishing an industry knowledge base of attack techniques associated with containerization and related technologies that are increasingly more ubiquitous in the current computing landscape. Microsoft is happy to have contributed and...
Oracle Linux 7 : runc (ELSA-2021-9203)
The remote Oracle Linux 7 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2021-9203 advisory. 1.0.0-92.rc92 - Add epoch value of 2 to allow upgrade to 1.0.0-92.rc92 from 1.0.0-93.rc93. 1.0.0-92.rc92 - Build for...
vulhub
This repository is an open-source collection of pre-built vulnerable docker environments, referred to as 'Vulhub'. It is an offensive tool for various areas, including web application security, penetration testing, and vulnerability research. The primary purpose of Vulhub is to provide a convenie...
vulhub
This repository is an open-source collection of pre-built vulnerable docker environments, referred to as 'Vulhub'. It is an offensive tool for web application security testing and vulnerability research. The primary vulnerability class targeted by this collection is web application vulnerabilitie...
vulhub
This repository is an open-source collection of pre-built vulnerable docker environments, known as Vulhub. It is an offensive tool for various areas, including web application security, penetration testing, and vulnerability research. The primary purpose of Vulhub is to provide a convenient and...