CVE-2019-7656

A privilege escalation vulnerability in Wowza Streaming Engine 4.8.0 and earlier allows any unprivileged Linux user to escalate privileges to root. The installer sets too relaxed permissions on /usr/local/WowzaStreamingEngine/bin/ core program files. By injecting a payload into one of those files...

EUVD-2021-16446

Malware in sbrugna...

EUVD-2024-30731

Malicious code in bioql PyPI...

Exploit for Incorrect Permission Assignment for Critical Resource in Mobyproject Moby

CVE-2021-41091 This exploit offers an in-depth look at the CV...

Fortinet FortiClient 代码注入漏洞

Fortinet FortiClient is a mobile endpoint security solution from Fortinet. The solution provides IPsec and SSL encryption, WAN optimization, endpoint compliance and two-factor authentication when connected to a FortiGate firewall appliance. A code injection vulnerability exists in Fortinet...

Siemens SCALANCE LPE9403 Incorrect Permission Assignment for Critical Resource (CVE-2021-41091)

A vulnerability was found in Moby Docker Engine where the data directory typically /var/lib/docker contained subdirectories with insufficiently restricted permissions, allowing otherwise unprivileged Linux users to traverse directory contents and execute programs. When containers included...

Siemens SCALANCE LPE9403 Path Traversal (CVE-2021-41103)

A vulnerability was found in containerd where container root directories and some plugins had insufficiently restricted permissions, allowing otherwise unprivileged Linux users to traverse directory contents and execute programs. When containers included executable programs with extended permissi...

NewStart CGSL MAIN 6.06 : neod Multiple Vulnerabilities (NS-SA-2023-0142)

The remote NewStart CGSL host, running version MAIN 6.06, has neod packages installed that are affected by multiple vulnerabilities: - runc through 1.0.0-rc8, as used in Docker through 19.03.2-ce and other products, allows AppArmor restriction bypass because libcontainer/rootfslinux.go incorrectl...

Broadcom RAID Controller Security Vulnerability

Broadcom RAID Controller is a series of RAID controllers from Broadcom USA. A security vulnerability exists in the Broadcom RAID Controller, which stems from a security flaw in the web interface that allows any local user on Linux to access encryption keys, leading to the disclosure of sensitive...

NewStart CGSL CORE 5.05 / MAIN 5.05 : docker-ce Multiple Vulnerabilities (NS-SA-2023-0014)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has docker-ce packages installed that are affected by multiple vulnerabilities: - Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby Docker Engine where attempting to...

CBL Mariner 2.0 Security Update: moby-containerd (CVE-2021-41103)

The version of moby-containerd installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2021-41103 advisory. - containerd is an open source container runtime with an emphasis on simplicity, robustness and...

A new botnet called the Medusa Botnet is emerging via Mirai Botnet targeting Linux users

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Mirai is a botnet that has been active since 2016 and exploits vulnerabilities in Linux-based networking devices like routers and IoT devices to gain control and perform malicious activities like...

Huawei EulerOS: Security Advisory for docker-engine (EulerOS-SA-2022-2218)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP10 : docker-engine (EulerOS-SA-2022-2240)

According to the versions of the docker-engine package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby Docker Engine where attempti...

EulerOS 2.0 SP10 : docker-engine (EulerOS-SA-2022-2253)

According to the versions of the docker-engine package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby Docker Engine where attempti...

EulerOS 2.0 SP9 : docker-engine (EulerOS-SA-2022-1993)

According to the versions of the docker-engine package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Moby is an open-source project created by Docker to enable and accelerate software containerization. A bug was found in Moby Docker Engine...

Amazon Linux 2 : docker (ALASNITRO-ENCLAVES-2022-017)

The version of docker installed on the remote host is prior to 20.10.7-3. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NITRO-ENCLAVES-2022-017 advisory. A file permissions vulnerability was found in Moby Docker Engine. Copying files by using docker cp into a...

Amazon Linux 2 : containerd (ALASNITRO-ENCLAVES-2022-016)

The version of containerd installed on the remote host is prior to 1.4.6-3. It is, therefore, affected by a vulnerability as referenced in the ALAS2NITRO-ENCLAVES-2022-016 advisory. containerd is an open source container runtime with an emphasis on simplicity, robustness and portability. A bug wa...

NewStart CGSL CORE 5.04 / MAIN 5.04 : docker-ce Multiple Vulnerabilities (NS-SA-2022-0018)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has docker-ce packages installed that are affected by multiple vulnerabilities: - Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby Docker Engine where attempting to...

Amazon Linux 2 : containerd (ALASDOCKER-2022-016)

The version of containerd installed on the remote host is prior to 1.4.6-3. It is, therefore, affected by a vulnerability as referenced in the ALAS2DOCKER-2022-016 advisory. containerd is an open source container runtime with an emphasis on simplicity, robustness and portability. A bug was found ...