Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Gitlab

This repository is an offensive tool for a vulnerability environment. It is a Docker-Compose file for a vulnerability environment. The repository contains a .gitignore file, a README.md file, and several other files that are used to configure the environment. The .gitignore file contains a list o...

Fedora Update for docker FEDORA-2018-df2593ee6a

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora Update for docker-latest FEDORA-2018-160b3d2f6c

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 27 Update: docker-latest-1.13.1-37.git9cb56fd.fc27

Docker is an open-source engine that automates the deployment of any application as a lightweight, portable, self-sufficient container that will run virtually anywhere. Docker containers can encapsulate any payload, and will run consistently on and between virtually any server. The same container...

[SECURITY] Fedora 27 Update: docker-1.13.1-60.git9cb56fd.fc27

Docker is an open-source engine that automates the deployment of any application as a lightweight, portable, self-sufficient container that will run virtually anywhere. Docker containers can encapsulate any payload, and will run consistently on and between virtually any server. The same container...

RHEL 7 : docker (RHSA-2018:2482)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:2482 advisory. Docker is an open-source engine that automates the deployment of any application as a lightweight, portable, self-sufficient container that runs...

Photon OS 1.0: Binutils / Curl / Docker / Linux / Rpm PHSA-2017-1.0-0095 (deprecated)

An update of 'curl', 'docker', 'binutils', 'linux','rpm' packages of Photon OS has been released. C Tenable Network Security, Inc. @DEPRECATED@ Disabled on 2/7/2019 The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2017-1.0-0095. The text...

Moderate: Red Hat Security Advisory: docker security and bug fix update

An update for docker is now available for Red Hat Enterprise Linux 7 Extras. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

docker: container breakout without selinux in enforcing mode

The default OCI Linux spec in oci/defaultslinux.go in Docker/Moby, from 1.11 to current, does not block /proc/acpi pathnames. The flaw allows an attacker to modify host's hardware like enabling/disabling Bluetooth or turning up/down keyboard brightness...

Polymorph - A Real-Time Network Packet Manipulation Framework With Support For Almost All Existing Protocols

Polymorph is a framework written in Python 3 that allows the modification of network packets in real time, providing maximum control to the user over the contents of the packet. This framework is intended to provide an effective solution for real-time modification of network packets that implemen...

DependencyCheck v3.3.1 - A Software Composition Analysis Utility That Detects Publicly Disclosed Vulnerabilities In Application Dependencies

Dependency-Check is a Software Composition Analysis SCA tool that attempts to detect publicly disclosed vulnerabilities contained within a project's dependencies. It does this by determining if there is a Common Platform Enumeration CPE identifier for a given dependency. If found, it will generat...

RouterSploit v3.3.0 - Exploitation Framework For Embedded Devices

The RouterSploit Framework is an open-source exploitation framework dedicated to embedded devices. It consists of various modules that aids penetration testing operations: exploits - modules that take advantage of identified vulnerabilities creds - modules designed to test credentials against...

vulhub

This is a Docker Compose file for a vulnerability environment. It is a collection of services and their configurations that can be used to test and demonstrate various vulnerabilities. The file is written in YAML format and defines the services, their ports, and their dependencies. The services...

AutoSploit v2.2 - Automated Mass Exploiter

As the name might suggest AutoSploit attempts to automate the exploitation of remote hosts. Targets can be collected automatically through Shodan, Censys or Zoomeye. But options to add your custom targets and host lists have been included as well. The available Metasploit modules have been select...

Apache OpenWhisk Remote Code Execution Vulnerability (CNVD-2018-14727)

Apache OpenWhisk is an open source FaaS cloud platform from the Apache Software Foundation in the U.S. Docker Skeleton Runtime for Apache OpenWhisk is its Docker-based version. A security vulnerability exists in Docker Skeleton Runtime for Apache OpenWhisk. The vulnerability can be exploited to...

Exploit for Improper Encoding or Escaping of Output in F5 Nginx

This repository is an offensive tool for a vulnerability environment. It is a collection of Docker Compose files for various vulnerabilities, allowing users to easily set up and test vulnerable environments. The repository includes files for vulnerabilities such as CVE-2016-9086, CVE-2017-1000353...

Docker Container Number of Changed Files

Binary data dockerchangedfilesnum.nbin...

Security Bulletin: IBM Cloud Functions is affected by two function runtimevulnerabilities

Summary IBM Cloud Functions has addressed the following vulnerabilities. Users of the IBM Cloud Functions service that are using docker actions https://console.bluemix.net/docs/openwhisk/openwhiskactions.htmlcreating-docker-actions are affected but only if the user's function has a general securi...

vulhub

It is an offensive tool for web application exploitation. The repository contains a Docker Compose file for a vulnerability environment. The tool is designed to exploit vulnerabilities in web applications. The tool is likely used for testing and demonstrating vulnerabilities in web applications. ...

Cr3dOv3r v0.4 - Know The Dangers Of Credential Reuse Attacks

Your best friend in credential reuse attacks. You give Cr3dOv3r an email then it does two simple useful jobs with it: Search for public leaks for the email and returns the result with the most useful details about the leak Using haveibeenpwned API and tries to get the plain text passwords from...