Updated docker packages fix security vulnerability

Server side request forgery CVE-2022-29153 Bypass primary group restrictions due to a flaw in the supplementary group access setup CVE-2022-36109 Imported Nodes/Services Information leak in moby-engine. CVE-2022-3920...

ownCloud: Remote Code Execution on ownCloud instances with ImageMagick installed

A vulnerability in ownCloud instances with ImageMagick installed allowed attackers to execute arbitrary code on the system by uploading a specially crafted file and knowing the file path of a previously uploaded file. The vulnerability was due to the usage of ImageMagick for preview generation fo...

Exploit for Code Injection in Vmware Spring_Cloud_Function

CVE-2022-22963 Exploit Description In Spring Cloud Funct...

CVE-2023-22495

Izanami is a shared configuration service well-suited for micro-service architecture implementation. Attackers can bypass the authentication in this application when deployed using the official Docker image. Because a hard coded secret is used to sign the authentication token JWT, an attacker cou...

CVE-2023-22495

CVE-2023-22495 affects Izanami, a shared configuration service for microservices. In versions prior to 1.11.0, an attacker could bypass authentication when running the official Docker image because a hard-coded secret signs the JWT token, enabling compromise of another Izanami instance. The vulne...

Exploit for SQL Injection in Wordpress

SSI-CVE-2022-21661 Information System's Security 2nd Assignme...

[SECURITY] Fedora 37 Update: golang-github-docker-22.06.0~beta.0-7.fc37

Moby is an open-source project created by Docker to enable and accelerate software containerization. It provides a "Lego set" of toolkit components, the framework for assembling them into custom container-based systems, and a place for all container enthusiasts and professionals to experiment and...

[SECURITY] Fedora 37 Update: moby-engine-20.10.22-1.fc37

Docker is an open source project to build, ship and run any application as a lightweight container. Docker containers are both hardware-agnostic and platform-agnostic. This means they can run anywhere, from your laptop to the largest EC2 compute instance a nd everything in between - and they don'...

Fedora: Security Advisory for moby-engine (FEDORA-2023-fde38dda12)

The remote host is missing an update for the Copyright C 2023 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Kinsing Crypto Malware Hits Kubernetes Clusters via Misconfigured PostgreSQL

The threat actors behind the Kinsing cryptojacking operation have been spotted exploiting misconfigured and exposed PostgreSQL servers to obtain initial access to Kubernetes environments. A second initial access vector technique entails the use of vulnerable images, Sunders Bruskin, security...

Exploit for Cross-Site Request Forgery (CSRF) in Filebrowser

CVE-2021-46398 - Lalie ARNOUD, Gaspard ANDRIEU In this reposi...

Subparse - Modular Malware Analysis Artifact Collection And Correlation Framework

Subparse, is a modular framework developed by Josh Strochein, Aaron Baker, and Odin Bernstein. The framework is designed to parse and index malware files and present the information found during the parsing in a searchable web-viewer. The framework is modular, making use of a core parsing engine,...

Scanvus now supports Vulners and Vulns.io VM Linux vulnerability detection APIs

Hello everyone! Great news for my open source Scanvus project! You can now perform vulnerability checks on Linux hosts and docker images not only using the Vulners.com API, but also with the Vulns.io VM API. Its especially nice that all the code to support the new API was written and contributed ...

Fedora: Security Advisory for moby-engine (FEDORA-2022-db674bafd9)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 36 Update: moby-engine-20.10.21-1.fc36

Docker is an open source project to build, ship and run any application as a lightweight container. Docker containers are both hardware-agnostic and platform-agnostic. This means they can run anywhere, from your laptop to the largest EC2 compute instance a nd everything in between - and they don'...

[SECURITY] Fedora 37 Update: moby-engine-20.10.21-1.fc37

Docker is an open source project to build, ship and run any application as a lightweight container. Docker containers are both hardware-agnostic and platform-agnostic. This means they can run anywhere, from your laptop to the largest EC2 compute instance a nd everything in between - and they don'...

Fedora: Security Advisory for moby-engine (FEDORA-2022-7e327a20be)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Git-Scm Git

docker host file read using cve-2022-39253 poc PoC r...

Exploit for Code Injection in Vmware Spring_Framework

Spring4Shell-PoC Application This application has been contai...

CVE-2022-46157 Remote php code execution in Akeneo PIM

Akeneo PIM is an open source Product Information Management PIM. Akeneo PIM Community Edition versions before v5.0.119 and v6.0.53 allows remote authenticated users to execute arbitrary PHP code on the server by uploading a crafted image. Akeneo PIM Community Edition after the versions...