Code injection

HedgeDoc formerly known as CodiMD is an open-source collaborative markdown editor. An attacker is able to receive arbitrary files from the file system when exporting a note to PDF. Since the code injection has to take place as note content, there fore this exploit requires the attackers ability t...

CVE-2021-29475

CVE-2021-29475 affects HedgeDoc (formerly CodiMD). The vulnerability allows an attacker who can modify a note to cause the system to export the note to PDF in a way that reads arbitrary files from the server’s filesystem (including config.json and other sensitive data) via file:/// references use...

vulhub

This is an open-source collection of pre-built vulnerable docker environments. It is an offensive tool for web application security testing. The primary vulnerability is not specified, but the repository contains various vulnerable environments, including ones for CouchDB, FFmpeg, Git, InfluxDB,...

[SECURITY] Fedora 34 Update: podman-3.1.2-1.fc34

podman Pod Manager is a fully featured container engine that is a simple daemonless tool. podman provides a Docker-CLI comparable command line that eases the transition from other container engines and allows the management of pods, containers and images. Simply put: alias docker=3Dpodman. Most...

[SECURITY] Fedora 33 Update: podman-3.1.2-1.fc33

podman Pod Manager is a fully featured container engine that is a simple daemonless tool. podman provides a Docker-CLI comparable command line that eases the transition from other container engines and allows the management of pods, containers and images. Simply put: alias docker=3Dpodman. Most...

vulhub

This repository is an open-source collection of pre-built vulnerable docker environments, referred to as 'Vulhub'. It is an offensive tool for web application security testing and education. The primary vulnerability class/vector targeted by this collection is not explicitly stated, but it likely...

Security Bulletin: IBM Cloud Automation Manager Content Runtime is affected by an issue with Docker before 19.03.15.

Summary IBM Cloud Automation Manager Content Runtime is affected by an issue with Docker before 19.03.15. as described in CVE-2021-21284 and CVE-2021-21285. If you have IBM Cloud Automation Manager Content Runtime with docker engine 19.03.14 or earlier installed, upgrade it to 19.03.15...

Security Bulletin: IBM Cloud Pak for Multicloud Management Managed Service Content Runtime is affected by an issue with Docker before 19.03.15.

Summary IBM Cloud Pak for Multicloud Management Managed Service Content Runtime is affected by an issue with Docker before 19.03.15. as described in CVE-2021-21284 and CVE-2021-21285. If you have IBM Cloud Pak for Multicloud Management Managed Service Content Runtime with docker engine 19.03.14 o...

Kubesploit - A Cross-Platform Post-Exploitation HTTP/2 Command And Control Server And Agent Written In Golang

Kubesploit is a cross-platform post-exploitation HTTP/2 Command & Control server and agent dedicated for containerized environments written in Golang and built on top of Merlin project by Russel Van Tuyl @Ne0nd0g. Our Motivation While researching Docker and Kubernetes, we noticed that most of the...

Exploit for Incomplete Internal State Distinction in Kubernetes

CVE-2021-25735 Exploit CVE-2021-25735: Kubernetes Validatin...

Reproxy - Simple Edge Server / Reverse Proxy

Reproxy is a simple edge HTTPs server / reverse proxy supporting various providers docker, static, file. One or more providers supply information about requested server, requested url, destination url and health check url. Distributed as a single binary or as a docker container. Automatic SSL...

SUSE: Security Advisory (SUSE-SU-2014:1648-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2015:0984-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2015:0082-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2021:0435-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Sish - HTTP(S)/WS(S)/TCP Tunnels To Localhost Using Only SSH

An open source serveo/ngrok alternative. Deploy Builds are made automatically for each commit to the repo and are pushed to Dockerhub. Builds are tagged using a commit sha, branch name, tag, latest if released on main. You can find a list here. Each release builds separate sish binaries that can ...

openSUSE: Security Advisory for containerd, (openSUSE-SU-2021:0278-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Exploit for SQL Injection in Zabbix

This is an open-source collection of pre-built vulnerable docker environments. It is an offensive tool for web application security testing. The primary CVE IDs present in the context are CVE-2016-10134, CVE-2017-2824, and CVE-2020-11800. The target product/service or framework is not explicitly...

vulhub

This repository is an open-source collection of pre-built vulnerable Docker environments, called Vulhub. It is an offensive tool for testing and training purposes. The primary vulnerability class/vector targeted by Vulhub is not explicitly stated, but it includes a wide range of vulnerabilities i...

Security Bug Allows Attackers to Brick Kubernetes Clusters

A vulnerability in one of the Go libraries that Kubernetes is based on could lead to denial of service DoS for the CRI-O and Podman container engines. The bug CVE-2021-20291 affects the Go library called “containers/storage.” According to Aviv Sasson, the security researcher at Palo Alto’s Unit 4...