Lucene search

20 matches found

Vulnrichment
added 2026/06/18 1:51 p.m. | 11 views

CVE-2026-12539 Docker Sandboxes ICMP egress restriction bypass after daemon restart

Docker Sandboxes sbx blocks ICMP egress with an authorizer applied only at network-creation time, and does not re-apply it to networks rebuilt from disk when the Docker daemon restarts, so a restart-surviving sandbox forwards ICMP to arbitrary hosts. A workload inside a sandbox, which the threat...

CVSS 5.7 | AI score 5.4 | EPSS 0.00097
Exploits 0 | References 2

EUVD
added 2025/10/03 8:7 p.m. | 3 views

EUVD-2024-3251

Malicious code in bioql PyPI...

CVSS 8.8 | AI score 4.8 | EPSS 0.02684
Exploits 0 | References 10

EUVD
added 2025/10/03 8:7 p.m. | 5 views

EUVD-2022-46886

Malicious code in bioql PyPI...

CVSS 9.1 | AI score 6.5 | EPSS 0.00265
Exploits 0 | References 1

RedhatCVE
added 2025/05/23 1:24 a.m. | 8 views

CVE-2022-43916

IBM App Connect Enterprise Certified Container 7.1, 7.2, 8.0, 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 11.4, 11.5, 11.6, 12.0, 12.1, 12.2, 12.3, 12.4, 12.5, 12.6, and 12.7 Pods do not restrict network egress for Pods that are used for internal infrastructure...

CVSS 9.1 | AI score 6.8 | EPSS 0.00265
Exploits 0 | References 1

OSV
added 2025/01/30 12:15 p.m. | 2 views

CVE-2022-43916

IBM App Connect Enterprise Certified Container 7.1, 7.2, 8.0, 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 11.4, 11.5, 11.6, 12.0, 12.1, 12.2, 12.3, 12.4, 12.5, 12.6, and 12.7 Pods do not restrict network egress for Pods that are used for internal infrastructure...

CVSS 9.1 | AI score 5.8 | EPSS 0.00265
Exploits 0 | References 1

NVD
added 2025/01/30 12:15 p.m. | 9 views

CVE-2022-43916

IBM App Connect Enterprise Certified Container 7.1, 7.2, 8.0, 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 11.4, 11.5, 11.6, 12.0, 12.1, 12.2, 12.3, 12.4, 12.5, 12.6, and 12.7 Pods do not restrict network egress for Pods that are used for internal infrastructure...

CVSS 9.1 | EPSS 0.00265
Exploits 0 | References 1

Cvelist
added 2025/01/30 12:4 p.m. | 16 views

CVE-2022-43916 IBM App Connect Enterprise Certified Container improper communications restriction

IBM App Connect Enterprise Certified Container 7.1, 7.2, 8.0, 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 11.4, 11.5, 11.6, 12.0, 12.1, 12.2, 12.3, 12.4, 12.5, 12.6, and 12.7 Pods do not restrict network egress for Pods that are used for internal infrastructure...

CVSS 6.8 | EPSS 0.00265
Exploits 0 | References 1

Vulnrichment
added 2025/01/30 12:4 p.m. | 11 views

CVE-2022-43916 IBM App Connect Enterprise Certified Container improper communications restriction

IBM App Connect Enterprise Certified Container 7.1, 7.2, 8.0, 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 11.4, 11.5, 11.6, 12.0, 12.1, 12.2, 12.3, 12.4, 12.5, 12.6, and 12.7 Pods do not restrict network egress for Pods that are used for internal infrastructure...

CVSS 6.8 | AI score 6.6 | EPSS 0.00265
Exploits 0 | References 1

CVE
added 2025/01/30 12:4 p.m. | 48 views

CVE-2022-43916

The CVE-2022-43916 issue affects IBM App Connect Enterprise Certified Container versions 7.1 through 12.7. Pods used for internal infrastructure do not restrict network egress, which can lead to unintended external access or data leakage. Remediation is provided by IBM: upgrade to Operator versio...

CVSS 9.1 | AI score 6.6 | EPSS 0.00265
Exploits 0 | References 1 | Affected Software 1

CNNVD
added 2025/01/30 12:0 a.m. | 4 views

IBM App Connect Enterprise Certified Container Security Vulnerability

IBM App Connect Enterprise Certified Container is an image based on the IBM App Connect Enterprise software product from International Business Machines IBM. The package is provided as an executable file that can be deployed and run in a containerized environment. A security vulnerability exists ...

CVSS 9.1 | AI score 6.4 | EPSS 0.00265
Exploits 0 | References 1

Vulnrichment
added 2024/11/18 10:3 p.m. | 14 views

CVE-2024-52587 Harden-Runner has command injection weaknesses in `setup.ts` and `arc-runner.ts`

StepSecurity's Harden-Runner provides network egress filtering and runtime security for GitHub-hosted and self-hosted runners. Versions of step-security/harden-runner prior to v2.10.2 contain multiple command injection weaknesses via environment variables that could potentially be exploited under...

CVSS 6.9 | AI score 7.5 | EPSS 0.02684
Exploits 0 | References 8

CVE
added 2024/11/18 10:3 p.m. | 63 views

CVE-2024-52587

The CVE applies to StepSecurity Harden-Runner. Versions prior to v2.10.2 contain multiple command-injection weaknesses via environment variables in setup.ts and arc-runner.ts, exploitable under specific conditions. However, the documentation notes that due to GitHub Actions pre-step execution ord...

CVSS 8.8 | AI score 9 | EPSS 0.02684
Exploits 0 | References 8

Cvelist
added 2024/11/18 10:3 p.m. | 23 views

CVE-2024-52587 Harden-Runner has command injection weaknesses in `setup.ts` and `arc-runner.ts`

StepSecurity's Harden-Runner provides network egress filtering and runtime security for GitHub-hosted and self-hosted runners. Versions of step-security/harden-runner prior to v2.10.2 contain multiple command injection weaknesses via environment variables that could potentially be exploited under...

CVSS 6.9 | EPSS 0.02684
Exploits 0 | References 8

CNVD
added 2021/02/20 12:0 a.m. | 3 views

Arbitrary File Read Vulnerability in Ruijie EG Easy Gateway WEB Management System

Ruijie EasyGate is a multi-service integrated gateway product launched by Ruijie Networks to solve the current network egress problems. The WEB management system of Ruijie EG EasyGate has an arbitrary file reading vulnerability, which can be exploited by an attacker to log in a user with low...

AI score 7.5
Exploits 0

CNVD
added 2021/02/20 12:0 a.m. | 3 views

Arbitrary Command Execution Vulnerability in NPE Network Egress Engine System of Ruijie Networks Co.

Ltd. is a company mainly engaged in information system integration services; Internet virtual private network services; Internet management services and other items. An arbitrary command execution vulnerability exists in the NPE network egress engine system of Ruijie Networks Co. An attacker can...

AI score 7.8
Exploits 0

Kitploit
added 2018/12/02 11:49 a.m. | 43 views

Domain Hunter - Checks Expired Domains For Categorization/Reputation And Archive.org History To Determine Good Candidates For Phishing And C2 Domain Names

Domain name selection is an important aspect of preparation for penetration tests and especially Red Team engagements. Commonly, domains that were used previously for benign purposes and were properly categorized can be purchased for only a few dollars. Such domains can allow a team to bypass...

AI score 7.1
Exploits 0 | References 2

The Coalfire Blog
added 2018/06/26 8:8 p.m. | 53 views

Executing Meterpreter on Windows 10 and Bypassing Antivirus

One of my Labs colleagues recently published an article on the Coalfire Blog about executing an obfuscated PowerShell payload using Invoke-CradleCrafter. This was very useful, as Windows Defender has upped its game lately and is now blocking Metasploit's Web Delivery module. I wanted to demonstrat...

AI score 2
Exploits 0

Kitploit
added 2017/06/08 3:30 p.m. | 16 views

Domain Hunter - Checks Expired Domains, Bluecoat Categorization, And Archive.Org History To Determine Good Candidates For Phishing

Domain name selection is an important aspect of preparation for penetration tests and especially Red Team engagements. Commonly, domains that were used previously for benign purposes and were properly categorized can be purchased for only a few dollars. Such domains can allow a team to bypass...

AI score 6.8
Exploits 0 | References 1

CNVD
added 2015/08/03 12:0 a.m. | 1 views

License Bypass Vulnerability in Riptide Networks NPE Network Egress Engine Highest Software Version

NPE 50 E is a specialized device developed by Ruijie Networks for domestic network egress. An authorization bypass vulnerability exists in the highest software version of the Ruijie Networks NPE Network Egress Engine, allowing attackers to exploit this vulnerability to obtain sensitive informatio...

AI score 6.7
Exploits 0

CNVD
added 2015/04/27 12:0 a.m. | 9 views

Zhongkexinye Network Sentinel Arbitrary File Upload Vulnerability (CNVD-2015-07916)

ZKXY Network Sentinel is an Internet security auditing system that integrates behavioral auditing and content auditing, and is deployed as a bypass at the network egress. An arbitrary file upload vulnerability exists in ZKXN Network Sentry. The vulnerability occurs because the file...

AI score 7.3
Exploits 0