[SECURITY] Fedora 29 Update: docker-1.13.1-68.git47e2230.fc29

Docker is an open-source engine that automates the deployment of any application as a lightweight, portable, self-sufficient container that will run virtually anywhere. Docker containers can encapsulate any payload, and will run consistently on and between virtually any server. The same container...

[SECURITY] Fedora 30 Update: docker-1.13.1-68.git47e2230.fc30

Docker is an open-source engine that automates the deployment of any application as a lightweight, portable, self-sufficient container that will run virtually anywhere. Docker containers can encapsulate any payload, and will run consistently on and between virtually any server. The same container...

Docker < 18.09.4 RCE Vulnerability

Docker is prone to a remote code execution RCE vulnerability. Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software;...

Airgeddon v9.21 - A Multi-use Bash Script for Linux Systems to Audit Wireless Networ

This is a multi-use bash script for Linux systems to audit wireless networks. All the needed info about how to "install | use | enjoy" airgeddon is present at Github's Wiki. I. Content & Features Home Features Screenshots Wallpapers II. Requirements Requirements Compatibility Essential Tools...

Covenant - A .NET Command And Control Framework For Red Teamers

Covenant is a .NET command and control framework that aims to highlight the attack surface of .NET, make the use of offensive .NET tradecraft easier, and serve as a collaborative command and control platform for red teamers. Covenant is an ASP.NET Core, cross-platform application that includes a...

Docker Command Injection Vulnerability

Docker is an open source application container engine from the American company Docker. It supports creating a container lightweight virtual machine and deploying and running applications on Linux systems, as well as automating the installation, deployment and upgrade of applications through...

CVE-2019-13139

In Docker before 18.09.4, an attacker who is capable of supplying or manipulating the build path for the "docker build" command would be able to gain command execution. An issue exists in the way "docker build" processes remote git URLs, and results in command injection into the underlying "git...

DEBIAN-CVE-2019-13139

In Docker before 18.09.4, an attacker who is capable of supplying or manipulating the build path for the "docker build" command would be able to gain command execution. An issue exists in the way "docker build" processes remote git URLs, and results in command injection into the underlying "git...

CVE-2019-13139

In Docker before 18.09.4, an attacker who is capable of supplying or manipulating the build path for the "docker build" command would be able to gain command execution. An issue exists in the way "docker build" processes remote git URLs, and results in command injection into the underlying "git...

CVE-2019-13139

In Docker before 18.09.4, an attacker who is capable of supplying or manipulating the build path for the "docker build" command would be able to gain command execution. An issue exists in the way "docker build" processes remote git URLs, and results in command injection into the underlying "git...

CVE-2019-13139

In Docker before 18.09.4, an attacker who is capable of supplying or manipulating the build path for the "docker build" command would be able to gain command execution. An issue exists in the way "docker build" processes remote git URLs, and results in command injection into the underlying "git...

Command injection

In Docker before 18.09.4, an attacker who is capable of supplying or manipulating the build path for the "docker build" command would be able to gain command execution. An issue exists in the way "docker build" processes remote git URLs, and results in command injection into the underlying "git...

CVE-2019-13139

Docker Engine prior to 18.09.4 is vulnerable: an attacker who can influence the build path for docker build can inject command options into git clone, enabling code execution as the invoking user. Root cause: remote git URL handling allows git ref to be misinterpreted as a flag. Impact: potential...

CVE-2019-13139

In Docker before 18.09.4, an attacker who is capable of supplying or manipulating the build path for the "docker build" command would be able to gain command execution. An issue exists in the way "docker build" processes remote git URLs, and results in command injection into the underlying "git...

CVE-2019-13139

In Docker before 18.09.4, an attacker who is capable of supplying or manipulating the build path for the "docker build" command would be able to gain command execution. An issue exists in the way "docker build" processes remote git URLs, and results in command injection into the underlying "git...

Rancher 2.0.x < 2.0.15 / 2.1.x < 2.1.10 / 2.2.x < 2.2.4 Command Injection

In Rancher 2 through 2.2.3, Project owners can inject additional fluentd configuration to read files or execute arbitrary commands inside the fluentd container. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. C Tenable...

GHSA-GQ9M-QVPX-68HC Pallets Werkzeug Insufficient Entropy

Pallets Werkzeug before 0.15.3, when used with Docker, has insufficient debugger PIN randomness because Docker containers share the same machine id...

Pallets Werkzeug Insufficient Entropy

Pallets Werkzeug before 0.15.3, when used with Docker, has insufficient debugger PIN randomness because Docker containers share the same machine id...

Ubuntu 16.04 LTS / 18.04 LTS : Docker vulnerability (USN-4103-2)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-4103-2 advisory. Jasiel Spelman discovered that a double free existed in the docker-credential- helpers dependency of Docker. A local attacker could use this to cause ...

Ubuntu 19.04 : docker-credential-helpers vulnerability (USN-4103-1)

Jasiel Spelman discovered that a double free existed in docker-credential- helpers. A local attacker could use this to cause a denial of service crash or possibly execute arbitrary code. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu...