9270 matches found

Tenable Nessus
added 2024/10/09 12:0 a.m. | 17 views

EulerOS 2.0 SP12 : docker-runc (EulerOS-SA-2024-2501)

According to the versions of the docker-runc package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in cri-o, where an arbitrary systemd property can be injected via a Pod annotation. Any user who can create a pod with an...

CVSS 7.2 | AI score 7.5 | EPSS 0.01418
Exploits 0 | References 2

Tenable Nessus
added 2024/10/09 12:0 a.m. | 11 views

CentOS 7 : docker (RHSA-2021:2144)

The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:2144 advisory. - runc before 1.0.0-rc95 allows a Container Filesystem Breakout via Directory Traversal. To exploit the vulnerability, an attacker must be able to create multip...

CVSS 8.5 | AI score 7.3 | EPSS 0.06604
Exploits 0 | References 2

Tenable Nessus
added 2024/10/09 12:0 a.m. | 21 views

EulerOS 2.0 SP12 : docker-runc (EulerOS-SA-2024-2525)

According to the versions of the docker-runc package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in cri-o, where an arbitrary systemd property can be injected via a Pod annotation. Any user who can create a pod with an...

CVSS 7.2 | AI score 7.5 | EPSS 0.01418
Exploits 0 | References 2

Tenable Nessus
added 2024/10/09 12:0 a.m. | 12 views

CentOS 7 : docker (RHSA-2020:1234)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1234 advisory. - runc through 1.0.0-rc8, as used in Docker through 19.03.2-ce and other products, allows AppArmor restriction bypass because libcontainer/rootfslinux....

CVSS 7.5 | AI score 7.2 | EPSS 0.05071
Exploits 2 | References 4

Tenable Nessus
added 2024/10/09 12:0 a.m. | 26 views

CentOS 7 : docker (RHSA-2020:2653)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2653 advisory. - Docker Engine 1.12.2 enabled ambient capabilities with misconfigured capability policies. This allowed malicious images to bypass user permissions to...

CVSS 9.3 | AI score 7.8 | EPSS 0.9857
Exploits 33 | References 4

OpenVAS
added 2024/10/09 12:0 a.m. | 12 views

Huawei EulerOS: Security Advisory for docker-runc (EulerOS-SA-2024-2501)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.2 | AI score 7.2 | EPSS 0.01418
Exploits 0 | References 2

OpenVAS
added 2024/10/09 12:0 a.m. | 14 views

Huawei EulerOS: Security Advisory for docker-engine (EulerOS-SA-2024-2524)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 6.5 | AI score 4.8 | EPSS 0.00353
Exploits 0 | References 2

OpenVAS
added 2024/10/09 12:0 a.m. | 18 views

Huawei EulerOS: Security Advisory for docker-engine (EulerOS-SA-2024-2551)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9.9 | AI score 9.8 | EPSS 0.16496
Exploits 0 | References 2

OpenVAS
added 2024/10/09 12:0 a.m. | 17 views

Huawei EulerOS: Security Advisory for docker-runc (EulerOS-SA-2024-2525)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.2 | AI score 7.2 | EPSS 0.01418
Exploits 0 | References 2

OpenVAS
added 2024/10/09 12:0 a.m. | 17 views

Huawei EulerOS: Security Advisory for docker-engine (EulerOS-SA-2024-2577)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9.9 | AI score 9.8 | EPSS 0.16496
Exploits 0 | References 2

OpenVAS
added 2024/10/09 12:0 a.m. | 14 views

Huawei EulerOS: Security Advisory for docker-engine (EulerOS-SA-2024-2500)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 6.5 | AI score 4.8 | EPSS 0.00353
Exploits 0 | References 2

Tenable Nessus
added 2024/10/09 12:0 a.m. | 18 views

CentOS 7 : podman (RHSA-2020:2117)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2117 advisory. - A path traversal flaw was found in Buildah in versions before 1.14.5. This flaw allows an attacker to trick a user into building a malicious containe...

CVSS 9.3 | AI score 7 | EPSS 0.05071
Exploits 2 | References 3

GithubExploit
added 2024/10/08 6:7 p.m. | 289 views

Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

TPAS Log4Shell PoC This repository contains a Proof of Concep...

CVSS 10 | AI score 8.9 | EPSS 0.99999
Exploits 347

GithubExploit
added 2024/10/06 2:58 p.m. | 148 views

Exploit for Files or Directories Accessible to External Parties in Apache Struts

CVE-2023-50164 PoC This repository is a proof of concept PoC...

CVSS 9.8 | AI score 9.9 | EPSS 0.80819
Exploits 15

BDU FSTEC
added 2024/10/03 12:0 a.m. | 5 views

The vulnerability of the openshift4/ose-docker-builder component of the Red Hat OpenShift Container Platform allows an attacker to escalate their privileges on the node where containers are executed.

The vulnerability of the openshift4/ose-docker-builder component of the Red Hat OpenShift Container Platform is related to errors in privilege management. This allows a malicious actor to escalate their privileges on the node where containers are executed...

CVSS 9.1 | AI score 7.7 | EPSS 0.02321
Exploits 3 | References 12 | Affected Software 1

OSV
added 2024/10/01 9:15 p.m. | 4 views

DEBIAN-CVE-2024-9407

A vulnerability exists in the bind-propagation option of the Dockerfile RUN --mount instruction. The system does not properly validate the input passed to this option, allowing users to pass arbitrary parameters to the mount instruction. This issue can be exploited to mount sensitive directories...

CVSS 4.7 | AI score 6.4 | EPSS 0.00287
Exploits 0 | References 1

OSV
added 2024/10/01 9:15 p.m. | 3 views

UBUNTU-CVE-2024-9407

A vulnerability exists in the bind-propagation option of the Dockerfile RUN --mount instruction. The system does not properly validate the input passed to this option, allowing users to pass arbitrary parameters to the mount instruction. This issue can be exploited to mount sensitive directories...

CVSS 4.7 | AI score 7.2 | EPSS 0.00287
Exploits 0 | References 5

The Hacker News
added 2024/10/01 5:12 a.m. | 18 views

New Cryptojacking Attack Targets Docker API to Create Malicious Swarm Botnet

Cybersecurity researchers have uncovered a new cryptojacking campaign targeting the Docker Engine API with the goal of co-opting the instances to join a malicious Docker Swarm controlled by the threat actor. This enabled the attackers to "use Docker Swarm's orchestration features for...

AI score 7.5
Exploits 0

Positive Technologies
added 2024/10/01 12:0 a.m. | 10 views

PT-2024-7952

Name of the Vulnerable Software and Affected Versions: Docker (affected versions not specified), Podman (affected versions not specified), Buildah (affected versions not specified). Description: A vulnerability exists in the bind-propagation option of the Dockerfile RUN --mount instruction, where the system...

CVSS 9.9 | AI score 8.5 | EPSS 0.97781
Exploits 27 | References 206

GithubExploit
added 2024/09/30 5:33 p.m. | 890 views

Exploit for Deserialization of Untrusted Data in Givewp

This post is a research article published by EQSTLab https://g...

CVSS 10 | AI score 10 | EPSS 0.74427
Exploits 11