CVE-2024-23054

An issue in Plone Docker Official Image 5.2.13 5221 open-source software that could allow for remote code execution due to a package listed in ++plone++static/components not existing in the public package index npm...

CVE-2024-23054

Summary: CVE-2024-23054 affects the Plone Docker Official Image 5.2.13 (5221) where a package listed in ++plone++static/components is not present in the public npm index, enabling remote code execution. Affected software: Plone Docker Official Image 5.2.13 (5221). Root cause: Missing package in t...

CVE-2024-23055

An issue in Plone Docker Official Image 5.2.13 5221 open-source software allows for remote code execution via improper validation of input by the HOST headers...

CVE-2024-23055

Plone Docker Official Image 5.2.13 (5221) is vulnerable to Host Header Injection due to improper validation of input by the HOST headers. The Nuclei template describes this issue as enabling Cross-Site Scripting when a malicious Host header is reflected in the response, with the broader impact no...

CVE-2020-35189

The official kong docker images before 1.0.2-alpine Alpine specific contain a blank password for a root user. System using the kong docker container deployed by affected versions of the docker image may allow a remote attacker to achieve root access with a blank password...

Docker Images Telegraf Access Control Error Vulnerability

Docker is an open source application container engine from the American company Docker. The product supports creating a container lightweight virtual machine and deploying and running applications on Linux systems, as well as automating the installation, deployment, and upgrading of applications...

Docker Images Official Drupal Access Control Error Vulnerability

Docker is an open source application container engine from the American company Docker. It supports the creation of a container lightweight virtual machine and the deployment and running of applications on Linux systems, as well as the automated installation, deployment and upgrading of...

storm Docker Security Vulnerabilities

Apache Storm is an open source distributed real-time computing system developed in Clojure concurrent programming language by the Apache Foundation. A security vulnerability exists in Storm Docker Image versions prior to 1.2.1 that stems from the official image containing a blank password for the...

DVNA - Damn Vulnerable NodeJS Application

Damn Vulnerable NodeJS Application DVNA is a simple NodeJS application to demonstrate OWASP Top 10 Vulnerabilities and guide on fixing and avoiding these vulnerabilities. The fixes branch will contain fixes for the vulnerabilities. Fixes for vunerabilities OWASP Top 10 2017 vulnerabilities at...