9260 matches found
Exploit for Deserialization of Untrusted Data in Siemens 6Bk1602-0Aa12-0Tp0_Firmware
Exploiting Log4Shell CVE-2021-44228: A Complete, Modern Demo...
Exploit for Deserialization of Untrusted Data in Getlaminas Laminas-Http
CVE-2021-3007 — Laminas/Zend HTTP Deserialization RCE ==========...
Exploit for CVE-2025-55182
CVE-2025-55182 Scanner & Exploit Lab This repository contains...
Exploit for CVE-2025-55182
CVE-2025-55182 - Dockerized Proof of Concept This repository...
CVE-2025-61729 vulnerabilities
Vulnerabilities for packages: gomplate, chisel, k8sgpt, sealed-secrets, fuse-overlayfs-snapshotter, hugo, nats, aws-load-balancer-controller, jitsucom-bulker, prometheus-operator, keda, task, nri-elasticsearch, aws-flb-cloudwatch, aws-privateca-issuer, kapp-controller, terraform-provider-tls,...
GHSA-7C64-F9JR-V9H2 vulnerabilities
Vulnerabilities for packages: gomplate, chisel, k8sgpt, sealed-secrets, fuse-overlayfs-snapshotter, hugo, nats, aws-load-balancer-controller, jitsucom-bulker, prometheus-operator, keda, task, nri-elasticsearch, aws-flb-cloudwatch, aws-privateca-issuer, kapp-controller, terraform-provider-tls,...
Exploit for CVE-2025-55182
CVE-2025-55182-docker-lab Vulnerable Docker environment for l...
Exploit for CVE-2025-55182
CVE-2025-55182 Scanner & Exploit Lab This repository contains...
Linux Distros Unpatched Vulnerability : CVE-2025-12744
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the ABRT daemon's handling of user-supplied mount information.ABRT copies up to 12 characters from an untrusted input and places them direct...
Exploit for CVE-2025-55182
CVE-2025-55182 - React Server Components RCE Exploit Python C...
EUVD-2025-200985
MCP Gateway allows easy and secure running and deployment of MCP servers. In versions 0.27.0 and earlier, when MCP Gateway runs in sse or streaming transport mode, it is vulnerable to DNS rebinding. An attacker who can get a victim to visit a malicious website or be served a malicious advertiseme...
GHSA-46GC-MWH4-CC5R Docker MCP Plugin and Docker MCP Gateway have DNS Rebinding vulnerability when running in sse or streaming mode
Impact When ran in sse or streaming mode --transport, the Docker MCP Gateway is vulnerable to a DNS rebinding attack. Vulnerability allows for Browser-Based exploitation of any MCP servers that are executing within the Docker MCP Gateway. Any tools or other features exposed by MCP servers can be...
Docker MCP Plugin and Docker MCP Gateway have DNS Rebinding vulnerability when running in sse or streaming mode
Impact When ran in sse or streaming mode --transport, the Docker MCP Gateway is vulnerable to a DNS rebinding attack. Vulnerability allows for Browser-Based exploitation of any MCP servers that are executing within the Docker MCP Gateway. Any tools or other features exposed by MCP servers can be...
CVE-2025-13948
A vulnerability was determined in opsre go-ldap-admin up to 20251011. This issue affects some unknown processing of the file docs/docker-compose/docker-compose.yaml of the component JWT Handler. Executing manipulation of the argument secret key can lead to use of hard-coded cryptographic key . Th...
CVE-2025-13948 opsre go-ldap-admin JWT docker-compose.yaml hard-coded key
A vulnerability was determined in opsre go-ldap-admin up to 20251011. This issue affects some unknown processing of the file docs/docker-compose/docker-compose.yaml of the component JWT Handler. Executing manipulation of the argument secret key can lead to use of hard-coded cryptographic key . Th...
CVE-2025-13948 opsre go-ldap-admin JWT docker-compose.yaml hard-coded key
A vulnerability was determined in opsre go-ldap-admin up to 20251011. This issue affects some unknown processing of the file docs/docker-compose/docker-compose.yaml of the component JWT Handler. Executing manipulation of the argument secret key can lead to use of hard-coded cryptographic key . Th...
CVE-2025-13948
The CVE-2025-13948 entry concerns opsre go-ldap-admin (up to 20251011) with an issue in the JWT Handler’s docs/docker-compose/docker-compose.yaml processing. Manipulating the argument secret key can lead to use of a hard-coded cryptographic key, enabling remote attack. Exploitation details beyond...
Exploit for CVE-2025-41115
Grafana SCIMalform CVE-2025-41115 Overview This re...
CVE-2025-12744
A flaw was found in the ABRT daemon’s handling of user-supplied mount information.ABRT copies up to 12 characters from an untrusted input and places them directly into a shell command docker inspect %s without proper validation. An unprivileged local user can craft a payload that injects shell...
Fedora 41 : docker-buildkit (2025-1ccd7dbf40)
The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-1ccd7dbf40 advisory. Update to release v0.26.1 ---- - Update to release v0.26.0 - Resolves: rhbz2412681, rhbz2412761 - Upstream new features and fixes - dependency...