CVE-2021-29133

Lack of verification in haserl, a component of Alpine Linux Configuration Framework, before 0.9.36 allows local users to read the contents of any file on the filesystem...

Alpine Linux 安全漏洞

Alpine Linux is a lightweight Linux distribution for security applications. A security vulnerability exists in Alpine Linux Configuration Framework before 0.9.36, which stems from a lack of authentication in haserl and allows a local user to read the contents of any file on the file system...

ALPINE-CVE-2020-8169

curl 7.62.0 through 7.70.0 is vulnerable to an information disclosure vulnerability that can lead to a partial password being leaked over the network and to the DNS servers...

ALPINE-CVE-2020-27671

An issue was discovered in Xen through 4.14.x allowing x86 HVM and PVH guest OS users to cause a denial of service data corruption, cause a data leak, or possibly gain privileges because coalescing of per-page IOMMU TLB flushes is mishandled...

ALPINE-CVE-2020-24979

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none...

ALPINE-CVE-2020-24980

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none...

ALPINE-CVE-2020-15890

LuaJit through 2.1.0-beta3 has an out-of-bounds read because gc handler frame traversal is mishandled...

Alpine Information Disclosure Vulnerability

Alpine Linux is a lightweight Linux distribution for security applications. A security vulnerability exists in Alpine Linux versions prior to 2.23. An attacker could exploit the vulnerability to obtain user data...

ALPINE-CVE-2020-14155

libpcre in PCRE before 8.44 allows an integer overflow via a large number after a ?C substring...

ALPINE-CVE-2020-10543

Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow...

Re2Pcap - Create PCAP file from raw HTTP request or response in seconds

Re2Pcap is abbreviation for Request2Pcap and Response2Pcap. Community users can quickly create PCAP file using Re2Pcap and test them against Snort rules. Re2Pcap allow you to quickly create PCAP file for raw HTTP request shown below POST /admin/tools/iplogging.cgi HTTP/1.1 Host: 192.168.13.31:80...

ALPINE-CVE-2020-8597

eap.c in pppd in ppp 2.4.2 through 2.4.8 has an rhostname buffer overflow in the eaprequest and eapresponse functions...

OpenSMTPD vulnerable to local privilege escalation and remote code execution

Overview Qualys Research Labs found that the smtpmailaddr function in OpenSMTPD version 6.6 does not properly sanitize user input, which could allow a local attacker to escalate their privileges, and allow either a local or remote attacker to execute arbitrary code as root. Description OpenSMTPD ...

Dokuwiki 2018-04-22b Username Enumeration

Exploit Title: Dokuwiki 2018-04-22b - Username Enumeration Date: 2019-12-01 Exploit Author: Talha ŞEN Vendor Homepage: https://www.dokuwiki.org/dokuwiki Software Link: https://download.dokuwiki.org/ Version: 2018-04-22b "Greebo" Tested on: Alpine Linux 3.5 docker image PHP 5.6.30 Apache/2.4.25 Un...

Dokuwiki 2018-04-22b - Username Enumeration

Dokuwiki 2018-04-22b - Username Enumeration Exploit Title: Dokuwiki 2018-04-22b - Username Enumeration Date: 2019-12-01 Exploit Author: Talha ŞEN Vendor Homepage: https://www.dokuwiki.org/dokuwiki Software Link: https://download.dokuwiki.org/ Version: 2018-04-22b "Greebo" Tested on: Alpine Linux...

ALPINE-CVE-2019-14856

ansible before versions 2.8.6, 2.7.14, 2.6.20 is vulnerable to a None...

ALPINE-CVE-2019-14697

musl libc through 1.1.23 has an x87 floating-point stack adjustment imbalance, related to the math/i386/ directory. In some cases, use of this library could introduce out-of-bounds writes that are not present in an application's source code...

ALPINE-CVE-2019-13301

ImageMagick 7.0.8-50 Q16 has memory leaks in AcquireMagickMemory because of an AnnotateImage error...

ALPINE-CVE-2019-13295

ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled...

The vulnerability of the Alpine Linux Docker distribution, related to the use of a empty password for the pre-installed account, allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the Alpine Linux Docker distribution stems from the use of a empty password for the pre-installed root account. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and accessibility of the protected information...