9168 matches found
Exploit for CVE-2024-36587
CVE-2024-36587 - dnscrypt-proxy Local Privilege Escalation...
Exploit for Deserialization of Untrusted Data in Apache Tomcat
CVE-2025-24813 Proof of Concept PoC script for CVE-2025-2481...
Exploit for Use of Persistent Cookies Containing Sensitive Information in Palletsprojects Flask
CVE-2023-30861 PoC Proof of Concept ⚠️ 주의 CAUTION...
Security update for docker
This update for docker fixes the following issues: Updated to docker-buildx v0.22.0. Updated to Docker 27.5.1-ce. CVE-2025-0495: buildx: Fixed credential leakage to telemetry endpoints bsc1239765 CVE-2025-22868: Fixed golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in...
SUSE-SU-2025:20205-1 Security update for docker
This update for docker fixes the following issues: - Updated to docker-buildx v0.22.0. - Updated to Docker 27.5.1-ce. - CVE-2025-0495: buildx: Fixed credential leakage to telemetry endpoints bsc1239765 - CVE-2025-22868: Fixed golang.org/x/oauth2/jws: Unexpected memory consumption during token...
Exploit for CVE-2025-32965
It is an exploit module for CVE-2025-32965, a supply chain attac...
Exploit for CVE-2025-32965
This is a PoC exploit for CVE-2025-32965, a supply chain attack...
Docker Malware Exploits Teneo Web3 Node to Earn Crypto via Fake Heartbeat Signals
Cybersecurity researchers have detailed a malware campaign that's targeting Docker environments with a previously undocumented technique to mine cryptocurrency. The activity cluster, per Darktrace and Cado Security, represents a shift from other cryptojacking campaigns that directly deploy miners...
CVE-2025-32955
Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. Versions from 0.12.0 to before 2.12.0 are vulnerable to disable-sudo bypass. Harden-Runner includes a policy option disable-sudo to prevent the GitHub Actions runner user from using sudo. This is implemente...
GHSA-MXR3-8WHJ-J74R Harden-Runner allows evasion of 'disable-sudo' policy
Summary Harden-Runner includes a policy option disable-sudo to prevent the GitHub Actions runner user from using sudo. This is implemented by removing the runner user from the sudoers file. However, this control can be bypassed as the runner user, being part of the docker group, can interact with...
Harden-Runner allows evasion of 'disable-sudo' policy
Summary Harden-Runner includes a policy option disable-sudo to prevent the GitHub Actions runner user from using sudo. This is implemented by removing the runner user from the sudoers file. However, this control can be bypassed as the runner user, being part of the docker group, can interact with...
CVE-2025-32955
Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. Versions from 0.12.0 to before 2.12.0 are vulnerable to disable-sudo bypass. Harden-Runner includes a policy option disable-sudo to prevent the GitHub Actions runner user from using sudo. This is implemente...
CVE-2025-32955 Harden-Runner Evasion of 'disable-sudo' policy
Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. Versions from 0.12.0 to before 2.12.0 are vulnerable to disable-sudo bypass. Harden-Runner includes a policy option disable-sudo to prevent the GitHub Actions runner user from using sudo. This is implemente...
CVE-2025-32955
CVE-2025-32955 (Harden-Runner) affects Harden-Runner versions 0.12.0 through 2.11.x, where the disable-sudo policy can be bypassed. The issue arises because the runner user, while removed from sudoers, remains in the docker group and can interact with the Docker daemon to start privileged contain...
Harden-Runner 安全漏洞
Harden-Runner is a program open-sourced by StepSecurity. Provides web exit filtering and runtime security for GitHub hosted and self-hosted runners. A security vulnerability exists in Harden-Runner versions prior to 0.12.0 through 2.12.0, which stems from a possible bypass of the disable-sudo...
PT-2025-17463 · Docker +1 · Docker +1
Name of the Vulnerable Software and Affected Versions: Harden-Runner versions 0.12.0 through 2.12.0 Description: Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. The disable-sudo policy option is intended to prevent the GitHub Actions runner user from usi...
CentralizedFirewall - Provides A Firewall Manager API Designed To Centralize And Streamline The Management Of Firewall Configurations
Firewall Manager API Project Installation Follow these steps to set up and run the API project: 1. Clone the Repository git clone https://github.com/adriyansyah-mf/CentralizedFirewall cd CentralizedFirewall 2. Edit the .env File Update the environment variables in .env according to your...
Exploit for Missing Authentication for Critical Function in Erlang Erlang\/Otp
CVE-2025-32433 Remote Shell Go-based exploit for CVE-2025-3243...
Exploit for Deserialization of Untrusted Data in Apache Tomcat
CVE-2025-24813-vulhub POC script for the vulhub environment of...
Experts Uncover New XorDDoS Controller, Infrastructure as Malware Expands to Docker, Linux, IoT
Cybersecurity researchers are warning of continued risks posed by a distributed denial-of-service DDoS malware known as XorDDoS, with 71.3 percent of the attacks between November 2023 and February 2025 targeting the United States. "From 2020 to 2023, the XorDDoS trojan has increased significantly...