Skydive - An Open Source Real-Time Network Topology and Protocols Analyzer

Skydive is an open source real-time network topology and protocols analyzer. It aims to provide a comprehensive way of understanding what is happening in the network infrastructure. Skydive agents collect topology informations and flows and forward them to a central agent for further analysis. Al...

SUSE-SU-2016:1159-1 Security update for docker

docker was updated to fix one security issue. This security issue was fixed: - CVE-2016-3697: Potential privilege escalation via confusion of usernames and UIDs bsc976777...

SUSE-SU-2016:1146-1 Security update for portus

Portus was updated to version 2.0.3, which brings several fixes and enhancements: - Fixed crono job when a repository could not be found. - Fixed compatibility issues with Docker 1.10 and Distribution 2.3. - Handle multiple scopes in token requests. - Add optional fields to token response. - Fixe...

openSUSE Security Update : gcc5 (openSUSE-2016-472)

The GNU Compiler Collection was updated to version 5.3.1, which brings several fixes and enhancements. The following security issue has been fixed : - Fix C++11 std::randomdevice short read issue that could lead to predictable randomness. CVE-2015-5276, bsc945842 The following non-security issues...

Linux Vulnerability Scanner: Vuls

Vulnerability scanner for Linux, agentless, written in golang For a system administrator, having to perform security vulnerability analysis and software update on a daily basis can be a burden. To avoid downtime in production environment, it is common for system administrator to choose not to use...

Docker UI 0.10.0 Cross Site Scripting

Document Title: =============== Docker UI v0.10.0 - Multiple Persistent Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1803 Release Date: ============= 2016-03-29 Vulnerability Laboratory ID VL-ID: ==================================== 18...

Docker UI 0.10.0 Cross Site Request Forgery

Document Title: =============== Docker UI v0.10.0 - Multiple Client Side Cross Site Request Forgery Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1802 Release Date: ============= 2016-03-28 Vulnerability Laboratory ID VL-ID:...

Docker UI v0.10.0 - Multiple Persistent Vulnerabilities

Document Title: =============== Docker UI v0.10.0 - Multiple Persistent Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1803 Release Date: ============= 2016-03-29 Vulnerability Laboratory ID VL-ID: ==================================== 18...

Docker UI v0.10.0 - Multiple CS CSRF Web Vulnerabilities

Document Title: =============== Docker UI v0.10.0 - Multiple CS CSRF Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1802 Release Date: ============= 2016-03-28 Vulnerability Laboratory ID VL-ID: ====================================...

Docker UI v0.10.0 - Multiple Persistent Vulnerabilities

Document Title: =============== Docker UI v0.10.0 - Multiple Persistent Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1803 Release Date: ============= 2016-03-28 Vulnerability Laboratory ID VL-ID: ==================================== 18...

Docker UI v0.10.0 - Multiple CS CSRF Web Vulnerabilities

Document Title: =============== Docker UI v0.10.0 - Multiple CS CSRF Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1802 Release Date: ============= 2016-03-27 Vulnerability Laboratory ID VL-ID: ====================================...

SUSE-SU-2016:0786-1 Security update for sles12-docker-image

This update for sles12-docker-image fixes issues with binaries and libraries included in the image where security updates have been made available in the last weeks. glibc security issues fixed: - CVE-2015-7547: A stack-based buffer overflow in getaddrinfo allowed remote attackers to cause a cras...

PHP local file inclusion vulnerability environment to build and use-vulnerability and early warning-the black bar safety net

0x00 description php local file inclusion vulnerability related to knowledge, the dark clouds on the earlier to have appropriate articles, lfi with phpinfo earliest by large foreign cattle raised, reference the following two articles. The use of the principle is to use the php post to upload file...

SUSE-SU-2016:0778-1 Security update for sles11sp4-docker-image

This rebuild for sles11sp4-docker-image fixes several important security issues done in libraries contained inside, for glibc, openssl, curl and openldap2. glibc security fixes: - CVE-2015-7547: A stack-based buffer overflow in getaddrinfo allowed remote attackers to cause a crash or execute...

Pivotal Software Cloud Foundry Elastic Runtime Unauthorized Operation Vulnerability

Pivotal Software Cloud Foundry is an open source Platform-as-a-Service PaaS cloud computing platform from Pivotal Software that provides container scheduling, continuous delivery, and automated service deployment.Elastic Runtime is Pivotal Cloud Foundry's A runtime environment. A security...

CVE-2016-0761 Docker Image Host Files Corruption | Cloud Foundry

CVE-2016-0761 Docker Image Host Files Corruption Critical Vendor Cloud Foundry Foundation Description Garden linux contains a flaw in managing container files during Docker image preparation that could be used to delete, corrupt or overwrite host files and directories, including other container...

Self Hosted Git Service: Gogs

Gogs is a self-hosted Git service written in Go which is very easy to get running and has low system usage as well. It aspires to be the easiest, fastest, and most painless way to set up a self-hosted Git service. With Go, this can be done with an independent binary distribution across ALL...

Mageia: Security Advisory (MGASA-2016-0043)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Updated docker/golang packages fix security vulnerability

Manipulated layer IDs could have lead to local graph poisoning CVE-2014-8178. Manifest validation and parsing logic errors allowed pull-by-digest validation bypass CVE-2014-8179. To fix these issues, the golang package has been updated to version 1.4.3 and the docker package has been updated to...

Dnstwist - Domain Name Permutation Engine For Detecting Typo Squatting, Phishing And Corporate Espionage

See what sort of trouble users can get in trying to type your domain name. Find similar-looking domains that adversaries can use to attack you. Can detect typosquatters, phishing attacks, fraud and corporate espionage. Useful as an additional source of targeted threat intelligence. The idea is...