IAP
IAP
Update and Patched runc vulnerable to container breakout through process.cwd trickery and leaked fds
The project `smartcontractkit/chainlink` has used containerization technologies such as Kubernetes. Exploitation of this issue can result in container escape to the underlying host OS, either through executing a malicious image...
## Description Summary The project `digitalocean/do-agent` has vulnerable A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the total number...
A malicious BuildKit frontend or Dockerfile using RUN --mount could trick the feature that removes empty files created for the mountpoints into removing a file outside the container, from the...
### Issue description: how do I disable ssl:443 on nuclei ? I have looked for all the ways but when I run `nuclei -t nuclei-templates/ -l list.txt` the output results...
## Description Overview Affected of this project `amzn/amazon-pay-api-sdk-nodejs` are vulnerable to Improper Input Validation due to the improper handling of URLs by the `url.parse()` function. When new `URL()` throws an...
An issue found in project `larksuite/node-sdk` used axios .8.1 through 1.5.1 inadvertently reveals the confidential XSRF-TOKEN stored in cookies by including it in the HTTP header X-XSRF-TOKEN for every request...
## Update 👾 Describe The Sumarry: Affected of this project `EpicGames/BlenderTools` are vulnerable to Access Control Bypass via the server.fs.deny option. An attacker can gain access to sensitive files by...
## Description Overview Affected of this project `fireblocks/fireblocks-sdk-js` are vulnerable to Improper Input Validation due to the improper handling of URLs by the `url.parse()` function. When new `URL()` throws an...
### Name lamrecognitions
## Update 👾 Describe The Sumarry: Affected of this project `magicoss/erc721m` are vulnerable to Improper Handling of Insufficient Privileges via the wrangler dev server configuration. An attacker on the local...