
2678 matches found

Vulnrichment
added 2024/04/19 4:39 a.m. | 15 views

CVE-2024-29964 Brocade SANnav versions before v2.3.0a do not correctly set permissions on files, including docker files

Brocade SANnav versions before v2.3.0a do not correctly set permissions on files, including docker files. An unprivileged attacker who gains access to the server can read sensitive information from these files...

5.7 CVSS | 5.3 AI score | 0.00224 EPSS
Exploits 0 | References 1
CVE
added 2024/04/19 4:39 a.m. | 146 views

CVE-2024-29964

Summary (CVE-2024-29964) : Brocade SANnav versions prior to 2.3.0a erroneously set file permissions, including for Docker-related files. This weakness can allow an unprivileged attacker with server access to read sensitive information from these files. Public sources consistently cite the same is...

6.5 CVSS | 5.3 AI score | 0.00224 EPSS
Exploits 0 | References 1 | Affected Software 1
NVD
added 2024/04/19 4:15 a.m. | 15 views

CVE-2024-29963

Brocade SANnav OVA before v2.3.1, and v2.3.0a, contain hardcoded TLS keys used by Docker. Note: Brocade SANnav doesn't have access to remote Docker registries...

3.8 CVSS | 4 AI score | 0.00079 EPSS
Exploits 0 | References 1
Vulnrichment
added 2024/04/19 4:4 a.m. | 16 views

CVE-2024-29963 Brocade SANnav contains hardcoded TLS keys used by Docker

Brocade SANnav OVA before v2.3.1, and v2.3.0a, contain hardcoded TLS keys used by Docker. Note: Brocade SANnav doesn't have access to remote Docker registries...

1.9 CVSS | 7.3 AI score | 0.00079 EPSS
Exploits 0 | References 1
Cvelist
added 2024/04/19 4:4 a.m. | 17 views

CVE-2024-29963 Brocade SANnav contains hardcoded TLS keys used by Docker

Brocade SANnav OVA before v2.3.1, and v2.3.0a, contain hardcoded TLS keys used by Docker. Note: Brocade SANnav doesn't have access to remote Docker registries...

1.9 CVSS | 4.3 AI score | 0.00079 EPSS
Exploits 0 | References 1
CVE
added 2024/04/19 4:4 a.m. | 98 views

CVE-2024-29963

CVE-2024-29963 affects Brocade SANnav OVA before v2.3.1 and v2.3.0a, where hardcoded TLS keys are used by Docker. Root cause: embedded TLS keys in the appliance enable potential MITM exposure if Docker TLS traffic is reachable; SANnav reportedly does not access remote Docker registries. Impact: c...

3.8 CVSS | 8.5 AI score | 0.00079 EPSS
Exploits 0 | References 1 | Affected Software 1
UbuntuCve
added 2024/04/18 10:15 p.m. | 17 views

CVE-2024-32473

Moby is an open source container framework that is a key component of Docker Engine, Docker Desktop, and other distributions of container tooling or runtimes. In 26.0.0, IPv6 is not disabled on network interfaces, including those belonging to networks where --ipv6=false. A container with an ipvl...

6.5 CVSS | 5.9 AI score | 0.00113 EPSS
Exploits 0 | References 2
Cvelist
added 2024/04/18 9:55 p.m. | 22 views

CVE-2024-32473 Moby IPv6 enabled on IPv4-only network interfaces

Moby is an open source container framework that is a key component of Docker Engine, Docker Desktop, and other distributions of container tooling or runtimes. In 26.0.0, IPv6 is not disabled on network interfaces, including those belonging to networks where --ipv6=false. A container with an ipvl...

4.7 CVSS | 4.7 AI score | 0.00113 EPSS
Exploits 0 | References 2
CVE
added 2024/04/18 9:55 p.m. | 334 views

CVE-2024-32473

CVE-2024-32473 affects Moby (Docker Engine/related tooling). In 26.0.0 IPv6 was not disabled on interfaces, including those with --ipv6=false, allowing containers with ipvlan/macvlan to access local networks via IPv6, potentially receive SLAAC addresses, or join IPv6 multicast groups, increasing ...

6.5 CVSS | 4.2 AI score | 0.00113 EPSS
Exploits 0 | References 2 | Affected Software 1
Vulnrichment
added 2024/04/18 9:55 p.m. | 17 views

CVE-2024-32473 Moby IPv6 enabled on IPv4-only network interfaces

Moby is an open source container framework that is a key component of Docker Engine, Docker Desktop, and other distributions of container tooling or runtimes. In 26.0.0, IPv6 is not disabled on network interfaces, including those belonging to networks where --ipv6=false. A container with an ipvl...

4.7 CVSS | 6.2 AI score | 0.00113 EPSS
Exploits 0 | References 2
Debian CVE
added 2024/04/18 9:55 p.m. | 18 views

CVE-2024-32473

Moby is an open source container framework that is a key component of Docker Engine, Docker Desktop, and other distributions of container tooling or runtimes. In 26.0.0, IPv6 is not disabled on network interfaces, including those belonging to networks where --ipv6=false. A container with an ipvl...

6.5 CVSS | 4.3 AI score | 0.00113 EPSS
Exploits 0
Github Security Blog
added 2024/04/18 9:52 p.m. | 33 views

IPv6 enabled on IPv4-only network interfaces

In 26.0.0 and 26.0.1, IPv6 is not disabled on network interfaces, including those belonging to networks where --ipv6=false. Impact A container with an ipvlan or macvlan interface will normally be configured to share an external network link with the host machine. Because of this direct access, wi...

6.5 CVSS | 6.9 AI score | 0.00113 EPSS
Exploits 0 | References 4 | Affected Software 1
GithubExploit
added 2024/04/17 8:8 p.m. | 1649 views

Exploit for Allocation of Resources Without Limits or Throttling in Apache Http_Server

CVE-2024-27316 HTTP/2 CONTINUATION flood PoC Target serv...

7.5 CVSS | 7.2 AI score | 0.87555 EPSS
Exploits 2
Broadcom
added 2024/04/17 12:0 a.m. | 31 views

Docker instances inside the appliance have insecure mount points, allowing reading and writing access to sensitive files (CVE-2024-29967).

In Brocade SANnav before Brocade SANnav v2.3.1 and v2.3.0a, it was observed that Docker instances have insecure mount points, allowing reading and writing access to sensitive files. The vulnerability could allow a sudo privileged user on the host OS to read and write access to these files...

4.4 CVSS | 4.6 AI score | 0.00084 EPSS
Exploits 0 | Affected Software 1
Broadcom
added 2024/04/17 12:0 a.m. | 30 views

Brocade SANnav versions before v2.3.0a do not correctly set permissions on files, including docker files. (CVE-2024-29964)

Brocade SANnav versions before v2.3.0a do not correctly set permissions on files, including docker files. An unprivileged attacker who gains access to the server can read sensitive information from these files...

5.7 CVSS | 5.4 AI score | 0.00224 EPSS
Exploits 0 | Affected Software 1
Broadcom
added 2024/04/17 12:0 a.m. | 18 views

Hardcoded TLS keys used by Docker (CVE-2024-29963).

Brocade SANnav OVA before v2.3.1, and v2.3.0a, contain hardcoded TLS keys used by Docker. Brocade SANnav doesn't have access to remote Docker registries, and knowledge of the keys is a minimal risk as SANnav is prevented from communicating with Docker registries VEX code:...

1.9 CVSS | 8.6 AI score | 0.00079 EPSS
Exploits 0 | Affected Software 1
GithubExploit
added 2024/04/13 11:55 a.m. | 371 views

Exploit for Improper Input Validation in Paloaltonetworks Pan-Os

This repo contains a script to set up the safe environment for e...

10 CVSS | 9.9 AI score | 0.94297 EPSS
Exploits 43
Tenable Nessus
added 2024/04/08 12:0 a.m. | 27 views

SUSE SLES15 Security Update : docker (SUSE-SU-2024:0586-2)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0586-2 advisory. - BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. Two...

10 CVSS | 6.9 AI score | 0.10301 EPSS
Exploits 0 | References 10
IBM Security Bulletins
added 2024/04/05 3:14 p.m. | 26 views

Security Bulletin: IBM Security Verify Directory products are vulnerable to CVE-2022-32751

Summary A Security Vulnerability discovered by the IBM Ethical Hacking team has been fixed in IBM Security Directory products. Vulnerability Details CVEID:CVE-2022-32751 DESCRIPTION: IBM Security Verify Directory 10.0.0 could disclose sensitive server information that could be used in further...

5.3 CVSS | 5.5 AI score | 0.00077 EPSS
Exploits 0 | Affected Software 2
Wolfi
added 2024/04/04 9:30 p.m. | 44 views

GHSA-4V7X-PQXF-CX7M vulnerabilities

Vulnerabilities for packages: cfssl, crane, paranoia, fulcio, nri-kafka, metacontroller, aws-load-balancer-controller, gobuster, harbor-cli, eksctl, fuse-overlayfs-snapshotter, kubernetes-dashboard, http-echo, flux-source-controller, buildkitd, flux, sbom-scorecard, multus-cni,...

5.2 AI score
Exploits 0