dockerscan - Docker Security Analysis and Hacking Tools

What's dockerscan A Docker analysis tools Very quick install python3.5 -m pip install -U pip python3.5 -m pip install dockerscan Show options: dockerscan -h Available actions Currently Docker Scan support these actions: Scan: Scan a network trying to locate Docker Registries Registry Delete: Dele...

openSUSE Security Update : fossil (openSUSE-2017-949)

This update for fossil to version 2.3 fixes the following issues : - Potential XSS vulnerability on the /help webpage boo1053267 This update also contains all upstream improvements and fixes in version 2.3 : - Update internal Unicode character tables, used in regular expression handling, from...

CVE-2017-8645

creationtimestamp| type| source ---|---|--- 2017-08-17 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/42469...

CVE-2017-8657

creationtimestamp| type| source ---|---|--- 2017-08-17 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/42481...

CVE-2017-8644

creationtimestamp| type| source ---|---|--- 2017-08-16 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/42459...

[SECURITY] Fedora 25 Update: varnish-5.0.0-4.fc25

This is Varnish Cache, a high-performance HTTP accelerator. Varnish Cache stores web pages in memory so web servers don't have to create the same web page over and over again. Varnish Cache serves pages much faster than any application server; giving the website a significant speed up...

Xamarin Studio for Mac 6.2.1 (build 3)/6.3 (build 863) - Privilege Escalation Vulnerability

Exploit for macOS platform in category local exploits Source: https://www.securify.nl/advisory/SFY20170403/xamarin-studio-for-mac-api-documentation-update-affected-by-local-privilege-escalation.html Abstract Xamarin Studio is an Integrated Development Environment IDE used to create iOS, Mac and...

[SECURITY] Fedora 26 Update: postgresql-9.6.4-1.fc26

PostgreSQL is an advanced Object-Relational database management system DBM S. The base postgresql package contains the client programs that you'll need to access a PostgreSQL DBMS server, as well as HTML documentation for the whole system. These client programs can be located on the same machine ...

[SECURITY] Fedora 26 Update: varnish-5.1.3-2.fc26

This is Varnish Cache, a high-performance HTTP accelerator. Varnish Cache stores web pages in memory so web servers don=EF=BF=BD=EF=BF =BD=EF=BF=BDt have to create the same web page over and over again. Varnish Cache serves pages much faster than any application server; giving the website a...

Xamarin Studio for Mac 6.2.1 (build 3) 6.3 (build 863) - Local Privilege Escalation

Xamarin Studio for Mac 6.2.1 build 3 6.3 build 863 - Local Privilege Escalation Source: https://www.securify.nl/advisory/SFY20170403/xamarin-studio-for-mac-api-documentation-update-affected-by-local-privilege-escalation.html Abstract Xamarin Studio is an Integrated Development Environment IDE use...

Xamarin Studio For Mac 6.2.1 (Build 3) / 6.3 (Build 863) Privilege Escalation

------------------------------------------------------------------------ Xamarin Studio for Mac API documentation update affected by local privilege escalation ------------------------------------------------------------------------ Yorick Koster, April 2017...

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2017-0028

An update of linux packages for PhotonOS has been released...

Oracle Linux 7 : openssh (ELSA-2017-2029)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-2029 advisory. 7.4p1-11 + 0.10.3-1 - Compiler warnings 1341754 7.4p1-10 + 0.10.3-1 - Add missing messages in FIPS mode 1341754 7.4p1-9 + 0.10.3-1 - Allow harmless...

CVE-2017-3635

Vulnerability in the MySQL Connectors component of Oracle MySQL subcomponent: Connector/C. Supported versions that are affected are 6.1.10 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Connectors...

WS-Attacker v1.8 - Modular Framework For Web Services Penetration Testing

WS-Attacker is a modular framework for web services penetration testing. It is developed by the Chair of Network and Data Security, Ruhr University Bochum http://nds.rub.de/ and the Hackmanit GmbH http://hackmanit.de/ . The basic idea behind WS-Attacker is to provide a functionality to load WSDL...

CVE-2015-5059

The "Project Documentation" feature in MantisBT 1.2.19 and earlier, when the threshold to access files $gviewprojdocthreshold is set to ANYBODY, allows remote authenticated users to download attachments linked to arbitrary private projects via a file id number in the fileid parameter to...

CVE-2015-5059

The "Project Documentation" feature in MantisBT 1.2.19 and earlier, when the threshold to access files $gviewprojdocthreshold is set to ANYBODY, allows remote authenticated users to download attachments linked to arbitrary private projects via a file id number in the fileid parameter to...

CVE-2015-5059

The "Project Documentation" feature in MantisBT 1.2.19 and earlier, when the threshold to access files $gviewprojdocthreshold is set to ANYBODY, allows remote authenticated users to download attachments linked to arbitrary private projects via a file id number in the fileid parameter to...

CVE-2017-11547

The resamplegauss function in resample.c in TiMidity++ 2.14.0 allows remote attackers to cause a denial of service heap-based buffer over-read via a crafted mid file. NOTE: a crash might be relevant when using the --background option. NOTE: the TiMidity++ README.alsaseq documentation suggests a...

Artifex Ghostscript GhostXPS Denial of Service Vulnerability (CNVD-2017-22388)

Artifex Ghostscript is an open source PostScript a page description language and programming language for the electronics industry and desktop publishing parser from Artifex Software. A security vulnerability exists in the 'InsMDRP' function of the base/ttinterp.c file in Artifex Ghostscript...