Docker is running `minergate-cli` Container

The remote docker is running one or more minergate-cli container. Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...

NixOS Local Elevation of Privilege Vulnerability

NixOS is a distribution of the Linux system. A security vulnerability exists in version 17.03 of NixOS prior to 17.03.887. A local attacker can exploit the vulnerability to gain privileges by executing the docker command...

Command injection

NixOS 17.03 before 17.03.887 has a world-writable Docker socket, which allows local users to gain privileges by executing docker commands...

CVE-2017-7412

NixOS 17.03 before 17.03.887 has a world-writable Docker socket, which allows local users to gain privileges by executing docker commands...

CVE-2017-7412

NixOS 17.03 before 17.03.887 has a world-writable Docker socket, which allows local users to gain privileges by executing docker commands...

CVE-2017-7412

NixOS 17.03 before 17.03.887 has a world-writable Docker socket, which allows local users to gain privileges by executing docker commands...

CVE-2017-7412

NixOS 17.03 before 17.03.887 is affected by CVE-2017-7412 due to a world-writable Docker socket, enabling local privilege escalation by any user operating docker commands. Root cause: insecure socket permissions. Impact: local privilege elevation with full system access (as described in NVD/CNVD/...

CVE-2017-6507

An issue was discovered in AppArmor before 2.12. Incorrect handling of unknown AppArmor profiles in AppArmor init scripts, upstart jobs, and/or systemd unit files allows an attacker to possibly have increased attack surfaces of processes that were intended to be confined by AppArmor. This is due ...

Code injection

An issue was discovered in AppArmor before 2.12. Incorrect handling of unknown AppArmor profiles in AppArmor init scripts, upstart jobs, and/or systemd unit files allows an attacker to possibly have increased attack surfaces of processes that were intended to be confined by AppArmor. This is due ...

CVE-2017-6507

An issue was discovered in AppArmor before 2.12. Incorrect handling of unknown AppArmor profiles in AppArmor init scripts, upstart jobs, and/or systemd unit files allows an attacker to possibly have increased attack surfaces of processes that were intended to be confined by AppArmor. This is due ...

CVE-2017-6507

An issue was discovered in AppArmor before 2.12. Incorrect handling of unknown AppArmor profiles in AppArmor init scripts, upstart jobs, and/or systemd unit files allows an attacker to possibly have increased attack surfaces of processes that were intended to be confined by AppArmor. This is due ...

SSH Configuration & Policy Scanner: ssh_scan

SSH Configuration & Policy Scanner SSH, or secure shell, is a secure protocol and the most common way of safely administering remote servers. Using a number of encryption technologies, SSH provides a mechanism for establishing a cryptographically secured connection between two parties,...

Exploit for Improper Handling of Exceptional Conditions in Apache Struts

cve-2017-5638 cve-2017-5638 Vulnerable site sample This proje...

Docker Security Analysis Tools: dockerscan

Docker Security Analysis Tools Currently Docker Scan support these actions: Registry Delete: Delete remote image / tag Info: Show info from remote registry Push: Push and image like Docker client Upload: Upload random a file Image Analyze: Looking for sensitive information in a Docker image...

DC/OS Marathon UI Docker Exploit

Utilizing the DCOS Cluster's Marathon UI, an attacker can create a docker container with the '/' path mounted with read/write permissions on the host server that is running the docker container. As the docker container executes command as uid 0 it is honored by the host operating system allowing...

CVE-2016-8954

IBM dashDB Local uses hard-coded credentials that could allow a remote attacker to gain access to the Docker container or database...

Hardcoded credentials

IBM dashDB Local uses hard-coded credentials that could allow a remote attacker to gain access to the Docker container or database...

CVE-2016-8954

IBM dashDB Local uses hard-coded credentials that could allow a remote attacker to gain access to the Docker container or database...

CVE-2016-8954

IBM dashDB Local uses hard-coded credentials that could allow a remote attacker to gain access to the Docker container or database...

SUSE-SU-2017:1964-1 Security update for containerd, docker, runc

This update for - containerd - docker to 1.12.6 - runc fixes the two issues. This security issue was fixed: - CVE-2016-9962: A difficult to exploit race condition caused by passing a file descriptor from the host's filesystem into the container could have allowed the guest to escapebsc1012568. Fo...