CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

9154 matches found

Kitploit•added 2018/09/28 9:46 p.m.•2690 views

Seeker v1.0.7 - Get Accurate Location using a Fake Website

Concept behind Seeker is simple, just like we host phishing pages to get credentials why not host a fake page that requests your loction just like many popular location based websites. Seeker Hosts a fake website on Apache Server and uses Ngrok , website asks for Location Permission and if the us...

7AI score

Exploits0References1

IBM Security Bulletins•added 2018/09/26 5:55 p.m.•25 views

Security Bulletin: Vulnerabilities in docker affect PowerKVM

Summary PowerKVM is affected by vulnerabilities in docker. IBM has now addressed these vulnerabilities. Vulnerability Details CVEID: CVE-2017-14992 DESCRIPTION: Docker-CE Also known as Moby is vulnerable to a denial of service, caused by the lack of content verification. By using a...

6.5CVSS0.6AI score0.0247EPSS

Exploits0Affected Software1

RedHat Linux•added 2018/09/26 7:48 a.m.•2 views

docker: container breakout without selinux in enforcing mode

The default OCI Linux spec in oci/defaultslinux.go in Docker/Moby, from 1.11 to current, does not block /proc/acpi pathnames. The flaw allows an attacker to modify host's hardware like enabling/disabling Bluetooth or turning up/down keyboard brightness...

6.3CVSS6.5AI score0.01135EPSS

Exploits0References4

RedHat Linux•added 2018/09/20 11:7 a.m.•141 views

Moderate: Red Hat Security Advisory: Red Hat Enterprise Linux OpenStack Platform security update

An update is now available for Red Hat OpenStack Platform 12.0 Pike. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

9.8CVSS6.7AI score0.00597EPSS

Exploits0References3

IBM Security Bulletins•added 2018/09/14 9:30 p.m.•20 views

Security Bulletin: A Security Vulnerability affects IBM Cloud Private Cloud Foundry (CVE-2018-1277)

Summary IBM Cloud Private Cloud Foundry is vulnerable to a security vulnerability Vulnerability Details CVEID: CVE-2018-1277 DESCRIPTION: Cloud Foundry garden-runc-release and cf-deployment are vulnerable to a denial of service, caused by the failure to correctly enforce disc quotas for Docker...

6.5CVSS1.1AI score0.01118EPSS

Exploits0Affected Software1

Hacker One•added 2018/09/13 11:50 a.m.•8 views

GitLab: Bypass of GitLab CI runner slash fix in YAML validation

Hi Gitlab Security, I notice the bug 301432 that Jobert reported earlier is could be bypassed by setting variable in environment. The reason is that the fix in place preventing url normalization is performed by doing the YAML validation, however this could be bypassed by setting the environment...

Exploits0

Kitploit•added 2018/09/11 9:34 p.m.•1892 views

MobSF (Mobile Security Framework) v1.0 - Mobile (Android/iOS) Automated Pen-Testing Framework

Mobile Security Framework MobSF is an automated, all-in-one mobile application Android/iOS/Windows pen-testing framework capable of performing static, dynamic and malware analysis. It can be used for effective and fast security analysis of Android, iOS and Windows mobile applications and support...

7.3AI score

Exploits0References8

UbuntuCve•added 2018/09/10 5:29 p.m.•19 views

CVE-2018-12608

An issue was discovered in Docker Moby before 17.06.0. The Docker engine validated a client TLS certificate using both the configured client CA root certificate and all system roots on non-Windows systems. This allowed a client with any domain validated certificate signed by a system-trusted root...

7.5CVSS7.1AI score0.0092EPSS

Exploits0References1

Prion•added 2018/09/10 5:29 p.m.•17 views

Design/Logic Flaw

5CVSS7.4AI score0.0092EPSS

Exploits0References1Affected Software1

OSV•added 2018/09/10 5:29 p.m.•13 views

CVE-2018-12608

7.5CVSS6.6AI score

Exploits0References1

OSV•added 2018/09/10 5:29 p.m.•0 views

UBUNTU-CVE-2018-12608

7.5CVSS7.1AI score0.0092EPSS

Exploits0References2

OSV•added 2018/09/10 5:29 p.m.•2 views

DEBIAN-CVE-2018-12608

7.5CVSS7.5AI score0.0092EPSS

Exploits0References1

NVD•added 2018/09/10 5:29 p.m.•21 views

CVE-2018-12608

7.5CVSS7.5AI score0.0092EPSS

Exploits0References1

CVE•added 2018/09/10 5:0 p.m.•64 views

CVE-2018-12608

Docker Moby before 17.06.0 is affected by a TLS authentication flaw: the engine validates client certificates against both the configured CA and system roots (on non‑Windows). This lets a client presenting a certificate signed by any system‑trusted root CA authenticate, instead of only certificat...

7.5CVSS7.3AI score0.0092EPSS

Exploits0References1Affected Software1

Cvelist•added 2018/09/10 5:0 p.m.•37 views

CVE-2018-12608

7.4AI score0.0092EPSS

Exploits0References1

Debian CVE•added 2018/09/10 5:0 p.m.•18 views

CVE-2018-12608

7.5CVSS7.4AI score0.0092EPSS

Exploits0

Positive Technologies•added 2018/09/10 12:0 a.m.•2 views

PT-2018-11289 · Docker · Docker Moby +1

Name of the Vulnerable Software and Affected Versions: Docker Moby versions prior to 17.06.0 Description: An issue was discovered where the Docker engine validated a client TLS certificate using both the configured client CA root certificate and all system roots on non-Windows systems. This allow...

7.5CVSS7.4AI score0.0092EPSS

Exploits0References11

Kitploit•added 2018/09/08 9:9 p.m.•103 views

htrace.sh - Simple Shell Script To Debugging HTTP/HTTPS Traffic Tracing, Response Headers And Mixed-Content

htrace.sh is a shell script that allows you to validate your domain configuration and catch any errors e.g. redirect loops. It also displays basic information about the ssl configuration if available, response headers, checks for mixed content and performs security scans using Nmap scripts and...

6.6AI score

Exploits0References7