EyeWitness - Tool To Take Screenshots Of Websites, Provide Some Server Header Info, And Identify Default Credentials If Possible

EyeWitness is designed to take screenshots of websites provide some server header info, and identify default credentials if known. EyeWitness is designed to run on Kali Linux. It will auto detect the file you give it with the -f flag as either being a text file with URLs on each new line, nmap xm...

openSUSE Security Update : docker-runc (openSUSE-2019-2434)

This update for docker-runc fixes the following issues : - CVE-2019-16884: Fixed an LSM bypass via malicious Docker images that mount over a /proc directory. bsc1152308 This update was imported from the SUSE:SLE-15:Update update project. C Tenable Network Security, Inc. The descriptive text and...

Xray - A Tool For Recon, Mapping And OSINT Gathering From Public Networks

XRay is a tool for network OSINT gathering, its goal is to make some of the initial tasks of information gathering and network mapping automatic. How Does it Work? XRay is a very simple tool, it works this way: 1. It'll bruteforce subdomains using a wordlist and DNS requests. 2. For every...

OPENSUSE-SU-2019:2434-1 Security update for docker-runc

This update for docker-runc fixes the following issues: - CVE-2019-16884: Fixed an LSM bypass via malicious Docker images that mount over a /proc directory. bsc1152308 This update was imported from the SUSE:SLE-15:Update update project...

Security update for docker-runc (moderate)

openSUSE Security Update: Security update for docker-runc Announcement ID: openSUSE-SU-2019:2434-1 Rating: moderate References: 1152308 Cross-References: CVE-2019-16884 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: This update for...

Medium: docker

Issue Overview: A command injection flaw was discovered in Docker during the docker build command. By providing a specially crafted path argument for the container to build, it is possible to inject command options to the git fetch/git checkout commands that are executed by Docker and to execute...

openSUSE Security Update : docker-runc (openSUSE-2019-2418)

This update for docker-runc fixes the following issues : - CVE-2019-16884: Fixed an LSM bypass via malicious Docker images that mount over a /proc directory. bsc1152308 This update was imported from the SUSE:SLE-15:Update update project. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...

openSUSE: Security Advisory for docker-runc (openSUSE-SU-2019:2418-1)

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Gitlab

It is an offensive tool for Docker environments. The primary CVE ID is not explicitly mentioned, but the repository contains various vulnerable environments based on Docker-Compose, including CVE-2016-9086 and CVE-2017-1000353. The target product/service or framework is Docker, and the...

vulhub

It is an offensive tool for vulnerable environments. This repository, vulhub, is an open-source collection of pre-built vulnerable docker environments. The primary vulnerability class/vector is not explicitly stated, but the environments are designed to be vulnerable to various attacks. The...

OPENSUSE-SU-2019:2418-1 Security update for docker-runc

This update for docker-runc fixes the following issues: - CVE-2019-16884: Fixed an LSM bypass via malicious Docker images that mount over a /proc directory. bsc1152308 This update was imported from the SUSE:SLE-15:Update update project...

Security update for docker-runc (moderate)

openSUSE Security Update: Security update for docker-runc Announcement ID: openSUSE-SU-2019:2418-1 Rating: moderate References: 1152308 Cross-References: CVE-2019-16884 Affected Products: openSUSE Leap 15.0 An update that fixes one vulnerability is now available. Description: This update for...

Exploit for Out-of-bounds Write in Php

Docker image and commands to check CVE-2019-11043 !Build St...

vulhub

This is an open-source collection of pre-built vulnerable docker environments. It is not a single exploit or tool, but rather a collection of vulnerable environments that can be used for testing and training purposes. The target product/service or framework is not explicitly stated, but the...

SUSE SLES15 Security Update : runc (SUSE-SU-2019:2810-1)

This update for runc fixes the following issues : Security issue fixed : CVE-2019-16884: Fixed an LSM bypass via malicious Docker images that mount over a /proc directory. bsc1152308 Non-security issues fixed: Includes upstreamed patches for regressions bsc1131314 bsc1131553. Note that Tenable...

SUSE-SU-2019:2810-1 Security update for runc

This update for runc fixes the following issues: Security issue fixed: - CVE-2019-16884: Fixed an LSM bypass via malicious Docker images that mount over a /proc directory. bsc1152308 Non-security issues fixed: - Includes upstreamed patches for regressions bsc1131314 bsc1131553...

Exploit for Out-of-bounds Write in Php

PHP Remote Code Execution Vulnerability CVE-2019-11043...

Exploit for Out-of-bounds Write in Php

PoC CVE-2019-11043 A Python version of the CVE-2019-11043 expl...

SUSE SLED15 / SLES15 Security Update : docker-runc (SUSE-SU-2019:2786-1)

This update for docker-runc fixes the following issues : CVE-2019-16884: Fixed an LSM bypass via malicious Docker images that mount over a /proc directory. bsc1152308 Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable...

PHP-FPM + Nginx - Remote Code Execution

PHuiP-FPizdaM What's this This is an exploit for a bug in php-fpm CVE-2019-11043. In certain nginx + php-fpm configurations, the bug is possible to trigger from the outside. This means that a web user may get code execution if you have vulnerable config see below. What's vulnerable If a webserver...