
9260 matches found

Positive Technologies
added 2025/12/03 12:0 a.m. | 5 views

PT-2025-48812

A vulnerability was determined in opsre go-ldap-admin up to 20251011. This issue affects some unknown processing of the file docs/docker-compose/docker-compose.yaml of the component JWT Handler. Executing manipulation of the argument secret key can lead to use of hard-coded cryptographic key. Th...

CVSS 6.3 | AI score 6.8 | EPSS 0.00252
Exploits: 0 | References: 5

CNNVD
added 2025/12/03 12:0 a.m. | 4 views

Go Ldap Admin Security Vulnerability

Go Ldap Admin is an openLDAP backend management project based on Go+Vue implementation organized by China opsre. A security vulnerability exists in Go Ldap Admin 20251011 and earlier versions, which originates from the use of hard-coded encryption keys by the JWT Handler component in the...

CVSS 6.3 | AI score 5.6 | EPSS 0.00252
Exploits: 0 | References: 5

CNNVD
added 2025/12/03 12:0 a.m. | 5 views

Docker MCP Gateway Security Vulnerability

Docker MCP Gateway is a gateway service from Docker Inc. in the United States. A security vulnerability exists in Docker MCP Gateway version 0.27.0 and earlier, which stems from vulnerability to DNS rebinding attacks when running in sse or streaming transport mode, and could lead to browser-based...

CVSS 9.6 | AI score 6.3 | EPSS 0.00374
Exploits: 0 | References: 2

Tenable Nessus
added 2025/12/03 12:0 a.m. | 9 views

Fedora 42 : docker-buildkit (2025-308cf4259b)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-308cf4259b advisory. Update to release v0.26.1 ---- - Update to release v0.26.0 - Resolves: rhbz2412681, rhbz2412761 - Upstream new features and fixes - dependency...

CVSS 4.3 | AI score 7.8 | EPSS 0.00419
Exploits: 0 | References: 2

Tenable Nessus
added 2025/12/03 12:0 a.m. | 1 view

Fedora 41 : docker-buildx (2025-6e24679a4d)

The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-6e24679a4d advisory. - Update to release v0.30.1 - Upstream fix ---- - Update to release v0.30.0 - Resolves: rhbz2413270 - Resolves: rhbz2407614, rhbz2407881, rhbz240815...

CVSS 7.5 | AI score 7.3 | EPSS 0.00626
Exploits: 0 | References: 6

Github Security Blog
added 2025/12/02 6:30 p.m. | 5 views

Duplicate Advisory: Authentication Bypass via Default JWT Secret in NocoBase docker-compose Deployments

Duplicate Advisory: This advisory has been withdrawn because it is a duplicate of GHSA-mv7p-34fv-4874. This link is maintained to preserve external references. Original Description: A vulnerability was detected in nocobase up to 1.9.4/2.0.0-alpha.37. The affected element is an unknown function of t...

CVSS 6.3 | AI score 6.4 | EPSS 0.00252
Exploits: 0 | References: 6 | Affected Software: 1

GithubExploit
added 2025/12/02 1:12 p.m. | 281 views

Exploit for CVE-2025-1337

CVE‑2025‑1337 — Intentional Remote Code Execution Training Mac...

CVSS 5.1 | AI score 7.5 | EPSS 0.00489
Exploits: 3

Snyk
added 2025/12/02 6:36 a.m. | 1 view

Command Injection

Overview: mcp-docker is a Model Context Protocol server for Docker management with AI assistants. Affected versions of this package are vulnerable to Command Injection due to insufficient validation of list-format commands in the dockerexeccommand tool. The dockerexeccommand tool accepts a...

CVSS 9.8 | AI score 7.3
Exploits: 0 | References: 3

OSV
added 2025/12/01 8:38 p.m. | 5 views

BIT-FLUENT-BIT-2025-12970 CVE-2025-12970

The extract_name function in Fluent Bit in_docker input plugin copies container names into a fixed size stack buffer without validating length. An attacker who can create containers or control container names, can supply a long name that overflows the buffer, leading to process crash or arbitrary...

CVSS 8.8 | AI score 7.9 | EPSS 0.00788
Exploits: 0 | References: 3

RedhatCVE
added 2025/12/01 2:20 a.m. | 5 views

CVE-2025-64751

OpenFGA is a high-performance and flexible authorization/permission engine built for developers and inspired by Google Zanzibar. OpenFGA v1.4.0 to v1.11.0 (openfga-0.1.34 <= Helm chart <= openfga-0.2.48, v.1.4.0 <= docker <= v.1.11.0) are vulnerable to improper policy enforcement when certain Check and...

CVSS 8.8 | AI score 6.8 | EPSS 0.00256
Exploits: 0 | References: 1

Packet Storm News
added 2025/12/01 12:0 a.m. | 18 views

BackportBench: A Multilingual Benchmark for Automated Backporting of Patches

Many modern software projects evolve rapidly to incorporate new features and security patches. It is important for users to update their dependencies to safer versions, but many still use older, vulnerable package versions because upgrading can be difficult and may break their existing codebase...

AI score 6.9
Exploits: 0

OpenVAS
added 2025/11/28 12:0 a.m. | 2 views

Fedora: Security Advisory (FEDORA-2025-1ccd7dbf40)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 4.3 | AI score 6.8 | EPSS 0.00419
Exploits: 0 | References: 4

OpenVAS
added 2025/11/28 12:0 a.m. | 7 views

Fedora: Security Advisory (FEDORA-2025-264853458b)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 4.3 | AI score 6.8 | EPSS 0.00419
Exploits: 0 | References: 4

OpenVAS
added 2025/11/28 12:0 a.m. | 2 views

Fedora: Security Advisory (FEDORA-2025-308cf4259b)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 4.3 | AI score 6.8 | EPSS 0.00419
Exploits: 0 | References: 4

GithubExploit
added 2025/11/27 5:16 a.m. | 287 views

Exploit for CVE-2021-21980

Clippy of the Dead - CVE-2021-21980 testing environment and Nucl...

CVSS 7.5 | AI score 6.8 | EPSS 0.04601
Exploits: 2

Fedora
added 2025/11/27 1:13 a.m. | 6 views

[SECURITY] Fedora 41 Update: docker-buildkit-0.26.1-1.fc41

Concurrent, cache-efficient, and Dockerfile-agnostic builder toolkit...

CVSS 4.3 | AI score 6.8 | EPSS 0.00419
Exploits: 0

Fedora
added 2025/11/27 1:13 a.m. | 7 views

[SECURITY] Fedora 41 Update: docker-buildx-0.30.1-1.fc41

Docker CLI plugin for extended build capabilities with BuildKit...

CVSS 7.5 | AI score 6.8 | EPSS 0.00626
Exploits: 0

Fedora
added 2025/11/27 1:0 a.m. | 6 views

[SECURITY] Fedora 42 Update: docker-buildkit-0.26.1-1.fc42

Concurrent, cache-efficient, and Dockerfile-agnostic builder toolkit...

CVSS 4.3 | AI score 6.8 | EPSS 0.00419
Exploits: 0

GithubExploit
added 2025/11/26 1:59 a.m. | 181 views

Exploit for Race Condition in Vercel Next.Js

CVE-2025-32421---Race-Condition-Vulnerability---Next.js PoC La...

CVSS 3.7 | AI score 7 | EPSS 0.00666
Exploits: 2

Fedora
added 2025/11/26 1:6 a.m. | 7 views

[SECURITY] Fedora 42 Update: docker-buildx-0.30.1-1.fc42

Docker CLI plugin for extended build capabilities with BuildKit...

CVSS 7.5 | AI score 6.8 | EPSS 0.00626
Exploits: 0