CVE-2024-32473
Moby is an open source container framework that is a key component of Docker Engine, Docker Desktop, and other distributions of container tooling or runtimes. In 26.0.0, IPv6 is not disabled on network interfaces, including those belonging to networks where --ipv6=false. A container with an ipvl...
IPv6 enabled on IPv4-only network interfaces
In 26.0.0 and 26.0.1, IPv6 is not disabled on network interfaces, including those belonging to networks where --ipv6=false. Impact: A container with an ipvlan or macvlan interface will normally be configured to share an external network link with the host machine. Because of this direct access, wi...
Exploit for Allocation of Resources Without Limits or Throttling in Apache Http_Server
CVE-2024-27316 HTTP/2 CONTINUATION flood PoC Target serv...
Exploit for Deserialization of Untrusted Data in Apache Kafka_Connect
Apache Druid CVE-2023-25194 CVE-2023-25194 is a deserializati...
Security Bulletin: Due to use of Postgresql JDBC, IBM Instana Observability is vulnerable to SQL injection.
Summary: Postgresql JDBC is used by IBM Instana Observability as part of the instana-postgresql-sensor. CVE-2024-1597. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details: CVEID: CVE-2024-1597 DESCRIPTION: PostgreSQL JDBC Driver PgJDBC is vulnerable to SQL...
Exploit for Deserialization of Untrusted Data in Apache Activemq
Apache ActiveMQ CVE-2023-46604 CVE-2023-46604 is a widely exp...
PT-2024-3482 · Brocade · Brocade Sannav
Name of the Vulnerable Software and Affected Versions: Brocade SANnav versions prior to 2.3.1 Brocade SANnav version 2.3.0a Description: The issue is related to the use of hardcoded credentials in the software. An attacker could exploit this to gain unauthorized access to protected information. T...
Docker instances inside the appliance have insecure mount points, allowing reading and writing access to sensitive files (CVE-2024-29967).
In Brocade SANnav before Brocade SANnav v2.3.1 and v2.3.0a, it was observed that Docker instances have insecure mount points, allowing reading and writing access to sensitive files. The vulnerability could allow a sudo privileged user on the host OS to gain read and write access to these files...
Brocade SANnav versions before v2.3.0a do not correctly set permissions on files, including docker files. (CVE-2024-29964)
Brocade SANnav versions before v2.3.0a do not correctly set permissions on files, including docker files. An unprivileged attacker who gains access to the server can read sensitive information from these files...
Hardcoded TLS keys used by Docker (CVE-2024-29963).
Brocade SANnav OVA before v2.3.1, and v2.3.0a, contain hardcoded TLS keys used by Docker. Brocade SANnav doesn't have access to remote Docker registries, and knowledge of the keys is a minimal risk as SANnav is prevented from communicating with Docker registries VEX code:...
PT-2024-18455 · Unknown · Vertaai/Modeldb
Name of the Vulnerable Software and Affected Versions: vertaai/modeldb affected versions not specified Description: The issue is related to a path traversal attack due to improper sanitization of user-supplied file paths in the file upload functionality. Attackers can exploit this by manipulating...
Exploit for Improper Input Validation in Paloaltonetworks Pan-Os
This repo contains a script to set up the safe environment for e...
Portainer Security Vulnerability
Portainer is a lightweight user management interface for managing Docker environments and Docker hosts. A security vulnerability exists in Portainer CE version 2.19.4 that stems from the presence of a user enumeration vulnerability that could allow an unauthenticated remote user to determine if a...
SUSE-SU-2024:1145-1 Security update for buildah
This update for buildah fixes the following issues: - CVE-2024-1753: Fixed an issue to prevent a full container escape at build time. bsc1221677 - Update to version 1.34.1 for compatibility with Docker 25.0 which is not in SLES yet, but will eventually be bsc1219563. See the corresponding release...
SUSE-SU-2024:1144-1 Security update for buildah
This update for buildah fixes the following issues: - CVE-2024-1753: Fixed an issue to prevent a full container escape at build time. bsc1221677 - Update to version 1.34.1 for compatibility with Docker 25.0 which is not in SLES yet, but will eventually be bsc1219563. See the corresponding release...
SUSE-SU-2024:1143-1 Security update for buildah
This update for buildah fixes the following issues: - CVE-2024-1753: Fixed an issue to prevent a full container escape at build time. bsc1221677 - Update to version 1.34.1 for compatibility with Docker 25.0 which is not in SLES yet, but will eventually be bsc1219563. See the corresponding release...
EulerOS 2.0 SP9 : docker-runc (EulerOS-SA-2024-1504)
According to the versions of the docker-runc package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. In runc 1.1.11 and earlier, due to an...
Huawei EulerOS: Security Advisory for docker-runc (EulerOS-SA-2024-1504)
The remote host is missing an update for the Huawei EulerOS...
PT-2024-4754 · Docker · Docker Desktop
Name of the Vulnerable Software and Affected Versions: Docker Desktop versions prior to 4.29.0 Description: The issue is related to insufficient restriction of the communication channel for given endpoints, allowing an attacker who has gained access to the Docker Desktop VM through a container...
SUSE SLES15 Security Update : docker (SUSE-SU-2024:0586-2)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0586-2 advisory. Vendor latest buildkit v0.11 including bugfixes for the following: CVE-2024-23653: BuildKit API doesn't validate entitlement on...