openSUSE Security Update : singularity (openSUSE-2020-1037)

This update for singularity fixes the following issues : - New version 3.6.0. This version introduces a new signature format for SIF images, and changes to the signing / verification code to address the following security problems : - CVE-2020-13845, boo1174150 In Singularity 3.x versions below...

OPENSUSE-SU-2020:1074-1 Security update for salt

This update for salt contains the following fixes: - Fix for TypeError in Tornado importer bsc1174165 - Require python3-distro only for TW bsc1173072 - Update to Salt version 3000: See release notes: https://docs.saltstack.com/en/latest/topics/releases/3000.html - Add docker.logout to docker...

Exploit for Incorrect Authorization in Moodle

CVE-2020-14321 Course enrolments allowed privilege escalation...

Security update for salt (moderate)

openSUSE Security Update: Security update for salt Announcement ID: openSUSE-SU-2020:1074-1 Rating: moderate References: 1159284 1165572 1167437 1168340 1169604 1170104 1170288 1171906 1172075 1173072 1174165 Cross-References: CVE-2018-15750 CVE-2018-15751 CVE-2020-11651 CVE-2020-11652 Affected...

vulhub

It is an offensive tool for vulnerable environments. The repository contains a collection of pre-built vulnerable docker environments, including Flask SSTI, Apache Parsing Vulnerability, and more. The tool is designed to be used for testing and training purposes, allowing users to practice...

OPENSUSE-SU-2020:1037-1 Security update for singularity

This update for singularity fixes the following issues: - New version 3.6.0. This version introduces a new signature format for SIF images, and changes to the signing / verification code to address the following security problems: - CVE-2020-13845, boo1174150 In Singularity 3.x versions below...

vulhub

This is an open-source collection of pre-built vulnerable docker environments. It is an offensive tool for testing and training purposes. The primary CVE ID is not specified, but it includes various vulnerable environments based on Docker-Compose. The target product/service or framework is not...

SUSE-SU-2020:1974-1 Security update for salt

This update for salt contains the following fixes: - Fix for TypeError in Tornado importer bsc1174165 - Require python3-distro only for TW bsc1173072 - Update to Salt version 3000: See release notes: https://docs.saltstack.com/en/latest/topics/releases/3000.html - Add docker.logout to docker...

SUSE SLED15 / SLES15 Security Update : salt (SUSE-SU-2020:1974-1)

This update for salt contains the following fixes : Fix for TypeError in Tornado importer bsc1174165 Require python3-distro only for TW bsc1173072 Update to Salt version 3000: See release notes: https://docs.saltstack.com/en/latest/topics/releases/3000.html Add docker.logout to docker execution...

openSUSE: Security Advisory for singularity (openSUSE-SU-2020:1011-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

openSUSE Security Update : singularity (openSUSE-2020-1011)

This update for singularity fixes the following issues : - New version 3.6.0. This version introduces a new signature format for SIF images, and changes to the signing / verification code to address the following security problems : - CVE-2020-13845, boo1174150 In Singularity 3.x versions below...

openSUSE Security Update : containerd / docker / docker-runc / etc (openSUSE-2020-846)

This update for containerd, docker, docker-runc, golang-github-docker-libnetwork fixes the following issues : Docker was updated to 19.03.11-ce runc was updated to version 1.0.0-rc10 containerd was updated to version 1.2.13 - CVE-2020-13401: Fixed an issue where an attacker with CAPNETRAW...

Security update for singularity (important)

openSUSE Security Update: Security update for singularity Announcement ID: openSUSE-SU-2020:1011-1 Rating: important References: 1174148 1174150 1174152 Cross-References: CVE-2020-13845 CVE-2020-13846 CVE-2020-13847 Affected Products: openSUSE Leap 15.2 An update that fixes three vulnerabilities ...

vulhub

It is an open-source collection of pre-built vulnerable docker environments. The primary vulnerability class/vector is not explicitly stated, but it appears to be a collection of various vulnerabilities, including but not limited to, SQL injection, cross-site scripting XSS, and server-side templa...

Exploit for Code Injection in Rubyonrails Rails

CVE-2020-8163 Enviroment and exploit to CVE-2020-8163 Blind re...

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Gitlab

It is an offensive tool for creating vulnerable environments based on Docker-Compose. The primary CVE ID is not explicitly stated, but the tool is designed to create vulnerable environments for various vulnerabilities, including CVE-2016-9086, CVE-2017-1000353, CVE-2018-1000006, and others. The...

SUSE SLES15 Security Update : containerd, docker, docker-runc, golang-github-docker-libnetwork (SUSE-SU-2020:1657-2)

This update for containerd, docker, docker-runc, golang-github-docker-libnetwork fixes the following issues : Docker was updated to 19.03.11-ce runc was updated to version 1.0.0-rc10 containerd was updated to version 1.2.13 CVE-2020-13401: Fixed an issue where an attacker with CAPNETRAW capabilit...

U.S. Dept Of Defense: Exposed Docker Registry at https://████

Summary: The docker registry at https://██████ has no authentication in place and is therefore exposed to the public. This leads to full disclosure of all available docker containers, the possibility to upload docker container and manipulate and delete existing docker containers. Description: Fro...

vulhub

It is an offensive tool for vulnerable environments. The repository contains a collection of pre-built vulnerable docker environments, including a Flask SSTI Server-Side Template Injection vulnerability environment. The tool is designed to be easy to use, requiring only two simple commands to...

CVE-2020-14300

The docker packages version docker-1.13.1-108.git4ef4b30.el7 as released for Red Hat Enterprise Linux 7 Extras via RHBA-2020:0053 https://access.redhat.com/errata/RHBA-2020:0053 included an incorrect version of runc that was missing multiple bug and security fixes. One of the fixes regressed in...