410 matches found
EUVD-2021-9150
Malicious code in bioql PyPI...
EUVD-2025-14374
Malicious code in bioql PyPI...
EUVD-2024-0271
Malicious code in bioql PyPI...
RLSA-2025:7459 Moderate: buildah security update
The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a...
CVE-2025-59951
Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities. The official Docker image for Termix versions 1.5.0 and below, due to being configured with an Nginx reverse proxy, causes the backend to retrieve the proxy's IP instead of the client's I...
CVE-2025-59951 Termix' official Docker image contains an authentication bypass vulnerability
Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities. The official Docker image for Termix versions 1.5.0 and below, due to being configured with an Nginx reverse proxy, causes the backend to retrieve the proxy's IP instead of the client's I...
CVE-2025-59951 Termix' official Docker image contains an authentication bypass vulnerability
Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities. The official Docker image for Termix versions 1.5.0 and below, due to being configured with an Nginx reverse proxy, causes the backend to retrieve the proxy's IP instead of the client's I...
CVE-2025-59951
Summary: CVE-2025-59951 concerns Termix’s official Docker image (v1.5.0 and below). A misconfigured Nginx reverse proxy causes the backend to treat the proxy IP as the client IP, making isLocalhost return true and exposing the /ssh/db/host/internal endpoint without login. This endpoint stores SSH...
CVE-2025-59951 Termix' official Docker image contains an authentication bypass vulnerability
Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities. The official Docker image for Termix versions 1.5.0 and below, due to being configured with an Nginx reverse proxy, causes the backend to retrieve the proxy's IP instead of the client's I...
PT-2025-40304
Name of the Vulnerable Software and Affected Versions Termix versions 1.5.0 and below Description Termix is a web-based server management platform offering SSH terminal, tunneling, and file editing features. The official Docker image, when configured with an Nginx reverse proxy, incorrectly...
CVE-2025-34234
Vasion Print formerly PrinterLogic Virtual Appliance Host prior to version 25.1.102 and Application prior to version 25.1.1413 VA/SaaS deployments contain two hardcoded private keys that are shipped in the application containers printerlogic/pi, printerlogic/printer-admin-api, and printercloud/pi...
CVE-2025-34234
Vasion Print formerly PrinterLogic Virtual Appliance Host prior to version 25.1.102 and Application prior to version 25.1.1413 VA/SaaS deployments contain two hardcoded private keys that are shipped in the application containers printerlogic/pi, printerlogic/printer-admin-api, and printercloud/pi...
Vasion Print Virtual Appliance Host 安全漏洞
Vasion Print Virtual Appliance Host is a print management software from Vasion USA. A security vulnerability exists in Vasion Print Virtual Appliance Host versions prior to 22.0.862, which stems from the inclusion of private keys and hard-coded passwords in the Docker image, which could allow an...
Exploit for Inclusion of Functionality from Untrusted Control Sphere in Sudo_Project Sudo
🛠️ CVE-2025-32463chwoot - Securely Handle Privileges in Linux...
Docker Image Persistence
This module maintains persistence on a host by creating a docker image which runs our payload, and has access to the host's file system /host in the container. Whenever the container restarts, the payload will run, or when the payload dies the executable will run again after a delay. This will...
Exploit for Deserialization of Untrusted Data in Siemens 6Bk1602-0Aa12-0Tp0_Firmware
log4j-shell-poc A Proof-Of-Concept for the recently found CVE-2021-44228 vulnerability. Recently there was a new vulnerability in log4j, a java logging library that is very widely used in the likes of elasticsearch, minecraft and numerous others. In this repository we have made and example...
MaraDNS
MaraDNS is an open-source DNS server. It is a small, lightweight, and highly customizable DNS server that can be used as an authoritative or recursive nameserver. MaraDNS is written in C and is designed to be easy to configure and use. The repository contains a variety of files, including a READM...
MaraDNS_1
This is a repository for MaraDNS, a small open-source DNS server. The repository contains various files and scripts for building and testing MaraDNS, including a Dockerfile for creating a Docker image to test installing MaraDNS on a fresh Ubuntu 22.04 virtual machine. The repository includes a...
CVE-2025-55473
CVE-2025-55473 affects Asian Arts Talents Foundation (AATF) Website v5.1.x and its Docker image 2024.12.8.1. The vulnerability is a Cross-Site Scripting (XSS) in the /ip.php endpoint, where the X-Forwarded-For HTTP header is parsed and displayed without proper sanitization or output encoding. Thi...
Linux Distros Unpatched Vulnerability : CVE-2021-39939
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An uncontrolled resource consumption vulnerability in GitLab Runner affecting all versions starting from 13.7 before 14.3.6, all versions starting from 14.4...