Fedora 31 : coturn (2020-9eadf517de)

Coturn 4.5.1.3 ============== - merge PR 575: Fix rpm packaging - merge PR 576: Tell tar to not include the metadata into release - merge PR 574: Change Docker turnserver.conf to latest turnserver.conf - merge PR 566: Remove reference to SSLv3 - merge PR 579: Ignore MD5 for BoringSSL - merge PR...

SUSE SLES15 Security Update : containerd, docker, docker-runc, golang-github-docker-libnetwork (SUSE-SU-2020:1657-1)

This update for containerd, docker, docker-runc, golang-github-docker-libnetwork fixes the following issues : Docker was updated to 19.03.11-ce runc was updated to version 1.0.0-rc10 containerd was updated to version 1.2.13 CVE-2020-13401: Fixed an issue where an attacker with CAPNETRAW capabilit...

Shhgit - Find GitHub Secrets In Real Time

Shhgit finds secrets and sensitive files across GitHub code and Gists committed in near real time by listening to the GitHub Events API. NEW: LIVE VERSION. Find GitHub secrets straight from your browser! Finding secrets in GitHub is nothing new. There are many great tools available to help with...

Updated docker packages fix security vulnerability

Updated docker packages fix security vulnerability: A flaw was found in Docker when it creates network bridges that accept IPv6 router advertisements by default. This flaw allows an attacker who can execute code in a container to possibly spoof rogue IPv6 router advertisements to perform a...

MGASA-2020-0279 Updated docker packages fix security vulnerability

Updated docker packages fix security vulnerability: A flaw was found in Docker when it creates network bridges that accept IPv6 router advertisements by default. This flaw allows an attacker who can execute code in a container to possibly spoof rogue IPv6 router advertisements to perform a...

Exploit for Path Traversal in Bludit

Bludit Directory Traversal Vulnerability CVE-2019–16113 Blu...

[SECURITY] [DSA 4716-1] docker.io security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4716-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff July 02, 2020 https://www.debian.org/security/faq -...

CVE-2020-15080

In PrestaShop from version 1.7.4.0 and before version 1.7.6.6, some files should not be in the release archive, and others should not be accessible. The problem is fixed in version 1.7.6.6 A possible workaround is to make sure composer.json and docker-compose.yml are not accessible on your server...

CVE-2020-15080

In PrestaShop from version 1.7.4.0 and before version 1.7.6.6, some files should not be in the release archive, and others should not be accessible. The problem is fixed in version 1.7.6.6 A possible workaround is to make sure composer.json and docker-compose.yml are not accessible on your server...

CVE-2020-15080 Information disclosure in release archive in PrestaShop

In PrestaShop from version 1.7.4.0 and before version 1.7.6.6, some files should not be in the release archive, and others should not be accessible. The problem is fixed in version 1.7.6.6 A possible workaround is to make sure composer.json and docker-compose.yml are not accessible on your server...

Docker Desktop Elevation of Privilege Vulnerability

Docker Desktop is an application for MacOS and Windows computers for building and sharing containerized applications and microservices. An elevation of privilege vulnerability exists in com.docker.vmnetd in Docker Desktop 2.3.0.3. The vulnerability stems from a lack of client-side authentication...

Docker Resource Management Error Vulnerability (CNVD-2021-22843)

Docker is an open source application container engine from the American company Docker. It supports creating a container lightweight virtual machine and deploying and running applications on Linux systems, as well as automating the installation, deployment and upgrade of applications through...

CVE-2020-15360

com.docker.vmnetd in Docker Desktop 2.3.0.3 allows privilege escalation because of a lack of client verification...

CVE-2020-15360

com.docker.vmnetd in Docker Desktop 2.3.0.3 allows privilege escalation because of a lack of client verification...

CVE-2020-15360

com.docker.vmnetd in Docker Desktop 2.3.0.3 allows privilege escalation because of a lack of client verification...

Design/Logic Flaw

com.docker.vmnetd in Docker Desktop 2.3.0.3 allows privilege escalation because of a lack of client verification...

CVE-2020-15360

com.docker.vmnetd in Docker Desktop 2.3.0.3 allows privilege escalation because of a lack of client verification...

CVE-2020-15360

The provided connected documents identify CVE-2020-15360 as an elevation of privilege in Docker Desktop 2.3.0.3 caused by com.docker.vmnetd due to a lack of client verification/authentication. Affected product/component: Docker Desktop (Windows/macOS) with the vmnetd helper. Impact: privilege esc...

Security Bulletin: Multiple vulnerabilities in middleware software affect IBM Cloud Pak for Automation

Summary The vulnerabilities are related to Java, WebSphere Liberty and docker images used by IBM Cloud Pak for Automation ICP4A. More precisely these are in IBM® SDK Java™ Technology Edition, Version 8 disclosed as part of the IBM Java SDK updates in October 2019 and January 2020, and in WebSpher...

vulhub

It is an open-source collection of pre-built vulnerable docker environments. The repository carvin0316/vulhub contains a collection of vulnerable environments based on Docker-Compose. The target product/service or framework is not explicitly stated, but the environments are designed to be...