Malicious code in @redhat-cloud-services/javascript-clients-shared (npm)

Part of the "Mini Shai-Hulud" supply chain worm campaign that compromised the GitHub Actions OIDC trusted publisher shared by Red Hat Cloud Services npm packages. The attacker injected a preinstall hook into this and 31 other packages in the @redhat-cloud-services scope. The hook delivers a...

Command Injection

Overview flowsint is an Add your description here Affected versions of this package are vulnerable to Command Injection via the orgtoasn transform process. An attacker can execute arbitrary operating system commands as root on the host machine by supplying shell metacharacters and escaping the...

PT-2026-33831

Name of the Vulnerable Software and Affected Versions Flowsint affected versions not specified Description Flowsint is an open-source OSINT graph exploration tool used for cybersecurity investigation, transparency, and verification. A remote attacker can create a sketch and trigger the org to asn...

Exploit for Improper Neutralization of Line Delimiters in Cacti

███╗ ███╗ ██████╗ ███╗ ██╗██╗████████╗ ██████╗ ██████╗ █...

CVE-2023-34844

Play With Docker 0.0.2 has an insecure CAPSYSADMIN privileged mode causing the docker container to escape...

CVE-2023-34844

Play With Docker 0.0.2 has an insecure CAPSYSADMIN privileged mode causing the docker container to escape...

Code injection

Play With Docker 0.0.2 has an insecure CAPSYSADMIN privileged mode causing the docker container to escape...

CVE-2023-34844

Play With Docker 0.0.2 has an insecure CAPSYSADMIN privileged mode causing the docker container to escape...

Docker Container Escape

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Docker Container Escape Via runC Overwrite', 'Description' = %q This module leverages a flaw in runc to escape a Docker container and get command...

New Docker Container Escape Bug Affects Microsoft Azure Functions

Cybersecurity researcher Paul Litvak today disclosed an unpatched vulnerability in Microsoft Azure Functions that could be used by an attacker to escalate privileges and escape the Docker container used for hosting them. The findings come as part of Intezer Lab's investigations into the Azure...

Fedora 28 : flatpak (2019-a5f616808e)

Update to 1.0.7 Fixes related to CVE-2019-5736. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C...

Fedora 29 : 2:docker (2019-df2e68aa6b)

Security fix for CVE-2019-5736 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable Network...

Fedora 29 : 2:runc (2019-3f19f13ecd)

Security fix for CVE-2019-5736 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable Network...