Photon OS 3.0: Docker PHSA-2020-3.0-0088

An update of the docker package has been released. C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2020-3.0-0088. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid136576;...

Photon OS 2.0: Docker PHSA-2020-2.0-0241

An update of the docker package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2020-2.0-0241. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid13656...

Photon OS 1.0: Docker PHSA-2020-1.0-0292

An update of the docker package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2020-1.0-0292. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid13655...

Exploit for Improper Input Validation in Redhat Openshift

This is a pre-built vulnerable environment based on Docker-Compose, provided by Vulhub. The repository contains a collection of vulnerable environments, each with its own set of vulnerabilities and exploits. The repository is designed to be easy to use, with a simple installation process and a...

vulhub

This repository is an open-source collection of vulnerable web applications and environments for security testing and education, maintained by vulhub. It is a defensive blue-team research and threat mitigation tool. The repository contains a variety of vulnerable web applications and environments...

SaltStack Salt Master/Minion Unauthenticated RCE

This module exploits unauthenticated access to the runner and sendpub methods in the SaltStack Salt master's ZeroMQ request server, for versions 2019.2.3 and earlier and 3000.1 and earlier, to execute code as root on either the master or on select minions. VMware vRealize Operations Manager...

SaltStack Salt Master Server Root Key Disclosure

This module exploits unauthenticated access to the prepauthinfo method in the SaltStack Salt master's ZeroMQ request server, for versions 2019.2.3 and earlier and 3000.1 and earlier, to disclose the root key used to authenticate administrative commands to the master. VMware vRealize Operations...

Information Disclosure

docker is vulnerable to information disclosure. The vulnerability exists as debug mode may sometimes add secrets to the debug log. This applies to a scenario where docker stack deploy is run to redeploy a stack that includes non external secrets. It potentially applies to other API users of the...

Exegol - Exegol Is A Kali Light Base With A Few Useful Additional Tools And Some Basic Configuration

Exegol is a fully configured kali light base with a few useful additional tools 50, a few useful resources scripts and binaries for privesc, credential theft etc. and some configuration oh-my-zsh, history, aliases, colourized output for some tools. It can be used in pentest engagements and...

Exploit for OS Command Injection in Docker

RunC-CVE-2019-5736 --- Video: https://bit.ly/2WqvIL...

Important Photon OS Security Update - PHSA-2020-0088

Updates of 'kibana', 'docker', 'elasticsearch' packages of Photon OS have been released...

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2020-1.0-0292

An update of 'linux-esx', 'linux', 'mysql', 'ntp', 'docker', 'libtasn1', 'go' packages of Photon OS has been released...

Important Photon OS Security Update - PHSA-2020-3.0-0088

Updates of 'kibana', 'elasticsearch', 'docker' packages of Photon OS have been released...

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2020-2.0-0241

An update of 'docker' packages of Photon OS has been released...

Important Photon OS Security Update - PHSA-2020-0241

Updates of 'docker' packages of Photon OS have been released...

Exploit for Race Condition in Openbsd Openssh

PoC exploit for CVE-2018-15473, an OpenSSH username enumeration vulnerability. The target product/service is OpenSSH, and the vulnerability class/vector is username enumeration. The probable entry point is the sshUsernameEnumExploit.py script, which is invoked by the ENTRYPOINT in the Dockerfile...

Exploit for Improper Encoding or Escaping of Output in F5 Nginx

It is an offensive tool for Docker environments. The primary CVE ID is not explicitly mentioned, but the repository contains various vulnerable environments based on Docker-Compose, including CVE-2016-9086, CVE-2013-4547, CVE-2017-1000353, and CVE-2018-1000006. The target product/service is Docke...

Photon OS 3.0: Docker PHSA-2020-3.0-0085

An update of the docker package has been released. C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2020-3.0-0085. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid136345;...

vulhub

It is an open-source collection of pre-built vulnerable docker environments. The primary vulnerability is a Flask SSTI Server-Side Template Injection vulnerability. The target product/service is Flask, a Python web framework. The probable entry point is the flask/ssti directory, where the...

Exploit for Out-of-bounds Write in Php

PoC CVE-2019-11043 A Python implementation of the CVE-2019-110...