Lucene search
K

410 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2021-9150

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.00645EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-14374

Malicious code in bioql PyPI...

9.4CVSS6.3AI score0.0044EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2024-0271

Malicious code in bioql PyPI...

6.5CVSS7.1AI score0.03287EPSS
Exploits0References13
OSV
OSV
added 2025/10/03 7:56 p.m.5 views

RLSA-2025:7459 Moderate: buildah security update

The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a...

7.5CVSS6.5AI score0.00369EPSS
Exploits0References2
NVD
NVD
added 2025/10/01 10:15 p.m.7 views

CVE-2025-59951

Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities. The official Docker image for Termix versions 1.5.0 and below, due to being configured with an Nginx reverse proxy, causes the backend to retrieve the proxy's IP instead of the client's I...

9.2CVSS0.0465EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/10/01 9:52 p.m.2 views

CVE-2025-59951 Termix' official Docker image contains an authentication bypass vulnerability

Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities. The official Docker image for Termix versions 1.5.0 and below, due to being configured with an Nginx reverse proxy, causes the backend to retrieve the proxy's IP instead of the client's I...

9.2CVSS6.2AI score0.0465EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/10/01 9:52 p.m.9 views

CVE-2025-59951 Termix' official Docker image contains an authentication bypass vulnerability

Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities. The official Docker image for Termix versions 1.5.0 and below, due to being configured with an Nginx reverse proxy, causes the backend to retrieve the proxy's IP instead of the client's I...

9.2CVSS0.0465EPSS
Exploits1References2
CVE
CVE
added 2025/10/01 9:52 p.m.72 views

CVE-2025-59951

Summary: CVE-2025-59951 concerns Termix’s official Docker image (v1.5.0 and below). A misconfigured Nginx reverse proxy causes the backend to treat the proxy IP as the client IP, making isLocalhost return true and exposing the /ssh/db/host/internal endpoint without login. This endpoint stores SSH...

9.2CVSS6.2AI score0.0465EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2025/10/01 9:52 p.m.5 views

CVE-2025-59951 Termix' official Docker image contains an authentication bypass vulnerability

Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities. The official Docker image for Termix versions 1.5.0 and below, due to being configured with an Nginx reverse proxy, causes the backend to retrieve the proxy's IP instead of the client's I...

9.2CVSS6.7AI score0.0465EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2025/10/01 12:0 a.m.10 views

PT-2025-40304

Name of the Vulnerable Software and Affected Versions Termix versions 1.5.0 and below Description Termix is a web-based server management platform offering SSH terminal, tunneling, and file editing features. The official Docker image, when configured with an Nginx reverse proxy, incorrectly...

9.2CVSS6.4AI score0.0465EPSS
Exploits1References12
NVD
NVD
added 2025/09/29 9:15 p.m.28 views

CVE-2025-34234

Vasion Print formerly PrinterLogic Virtual Appliance Host prior to version 25.1.102 and Application prior to version 25.1.1413 VA/SaaS deployments contain two hardcoded private keys that are shipped in the application containers printerlogic/pi, printerlogic/printer-admin-api, and printercloud/pi...

9.2CVSS0.00382EPSS
Exploits1References4
OSV
OSV
added 2025/09/29 9:15 p.m.3 views

CVE-2025-34234

Vasion Print formerly PrinterLogic Virtual Appliance Host prior to version 25.1.102 and Application prior to version 25.1.1413 VA/SaaS deployments contain two hardcoded private keys that are shipped in the application containers printerlogic/pi, printerlogic/printer-admin-api, and printercloud/pi...

7.5CVSS5.7AI score0.00382EPSS
Exploits1References4
CNNVD
CNNVD
added 2025/09/29 12:0 a.m.5 views

Vasion Print Virtual Appliance Host 安全漏洞

Vasion Print Virtual Appliance Host is a print management software from Vasion USA. A security vulnerability exists in Vasion Print Virtual Appliance Host versions prior to 22.0.862, which stems from the inclusion of private keys and hard-coded passwords in the Docker image, which could allow an...

9.4CVSS6.7AI score0.00656EPSS
Exploits1References4
GithubExploit
GithubExploit
added 2025/09/20 12:42 a.m.192 views

Exploit for Inclusion of Functionality from Untrusted Control Sphere in Sudo_Project Sudo

🛠️ CVE-2025-32463chwoot - Securely Handle Privileges in Linux...

9.3CVSS8AI score0.47467EPSS
Exploits70
Metasploit
Metasploit
added 2025/09/17 6:53 p.m.562 views

Docker Image Persistence

This module maintains persistence on a host by creating a docker image which runs our payload, and has access to the host's file system /host in the container. Whenever the container restarts, the payload will run, or when the payload dies the executable will run again after a delay. This will...

5.8AI score
Exploits0
Gitee
Gitee
added 2025/09/06 12:9 p.m.175 views

Exploit for Deserialization of Untrusted Data in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

log4j-shell-poc A Proof-Of-Concept for the recently found CVE-2021-44228 vulnerability. Recently there was a new vulnerability in log4j, a java logging library that is very widely used in the likes of elasticsearch, minecraft and numerous others. In this repository we have made and example...

10CVSS7AI score0.99999EPSS
Exploits352
Gitee
Gitee
added 2025/09/06 4:56 a.m.94 views

MaraDNS

MaraDNS is an open-source DNS server. It is a small, lightweight, and highly customizable DNS server that can be used as an authoritative or recursive nameserver. MaraDNS is written in C and is designed to be easy to configure and use. The repository contains a variety of files, including a READM...

6.7AI score
Exploits0
Gitee
Gitee
added 2025/09/06 4:26 a.m.102 views

MaraDNS_1

This is a repository for MaraDNS, a small open-source DNS server. The repository contains various files and scripts for building and testing MaraDNS, including a Dockerfile for creating a Docker image to test installing MaraDNS on a fresh Ubuntu 22.04 virtual machine. The repository includes a...

7.1AI score
Exploits0
CVE
CVE
added 2025/09/02 12:0 a.m.15 views

CVE-2025-55473

CVE-2025-55473 affects Asian Arts Talents Foundation (AATF) Website v5.1.x and its Docker image 2024.12.8.1. The vulnerability is a Cross-Site Scripting (XSS) in the /ip.php endpoint, where the X-Forwarded-For HTTP header is parsed and displayed without proper sanitization or output encoding. Thi...

6.1CVSS6.3AI score0.00298EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2021-39939

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An uncontrolled resource consumption vulnerability in GitLab Runner affecting all versions starting from 13.7 before 14.3.6, all versions starting from 14.4...

6.5CVSS6.7AI score0.00907EPSS
Exploits0References2
Rows per page
Query Builder