9 matches found

Veracode
added 2026/05/03 1:35 a.m. · 4 views

Authorization Bypass

google.golang.org/grpc is vulnerable to authorization bypass. The vulnerability is due to improper validation of the HTTP/2 :path pseudo-header, which allows an attacker to send malformed requests without a leading slash and bypass path-based authorization policies when fallback "allow" rules are...

CVSS 9.1 · AI score 6.8 · EPSS 0.0002
Exploits 1 · References 3 · Affected Software 3

ATTACKERKB
added 2026/04/15 10:42 p.m. · 0 views

CVE-2026-39350

Istio is an open platform to connect, manage, and secure microservices. In versions 1.25.0 through 1.27.8, 1.28.0 through 1.28.5, 1.29.0, and 1.29.1, the serviceAccounts and notServiceAccounts fields in AuthorizationPolicy incorrectly interpret dots . as a regular expression matcher. Because . is...

CVSS 5.4 · AI score 5.8 · EPSS 0.00011
Exploits 0 · References 2 · Affected Software 1

Snyk
added 2025/12/02 6:26 a.m. · 1 views

Incorrect Authorization

Overview: agent-mcp-gateway is an MCP gateway that aggregates your existing MCP servers and lets you define which servers and individual tools each agent or subagent can access. Solves Claude Code's MCP context window waste where all tool definitions load upfront instead of being discovered whe...

CVSS 5.4 · AI score 7
Exploits 0 · References 3

OSV
added 2023/06/19 4:15 a.m. · 1 views

DEBIAN-CVE-2023-35853

In Suricata before 6.0.13, an adversary who controls an external source of Lua rules may be able to execute Lua code. This is addressed in 6.0.13 by disabling Lua unless allow-rules is true in the security lua configuration section...

CVSS 9.8 · AI score 8.3 · EPSS 0.00695
Exploits 0 · References 1

ATTACKERKB
added 2023/06/19 4:15 a.m. · 3 views

CVE-2023-35853

In Suricata before 6.0.13, an adversary who controls an external source of Lua rules may be able to execute Lua code. This is addressed in 6.0.13 by disabling Lua unless allow-rules is true in the security lua configuration section...

CVSS 9.8 · AI score 5.5 · EPSS 0.00695
Exploits 0 · References 4

Positive Technologies
added 2023/06/14 12:0 a.m. · 2 views

PT-2023-6099 · Suricata +2

Name of the Vulnerable Software and Affected Versions: Suricata versions prior to 6.0.13
Description: The issue is related to insufficient input validation in the Suricata intrusion detection and prevention system. It may allow a remote attacker to execute arbitrary code. An adversary who control...

CVSS 10 · AI score 7.9 · EPSS 0.0091
Exploits 0 · References 24

OSV
added 2016/12/11 2:59 a.m. · 1 views

UBUNTU-CVE-2016-9850

An issue was discovered in phpMyAdmin. Username matching for the allow/deny rules may result in wrong matches and detection of the username in the rule due to non-constant execution time. All 4.6.x versions prior to 4.6.5, 4.4.x versions prior to 4.4.15.9, and 4.0.x versions prior to 4.0.10.18 ar...

CVSS 5.3 · AI score 6.9 · EPSS 0.00565
Exploits 0 · References 3

CVE
added 2016/12/11 2:0 a.m. · 100 views

CVE-2016-9850

CVE-2016-9850 affects phpMyAdmin; root cause is non-constant execution time in username matching for allow/deny rules, which may cause wrong matches and exposure of the username in rules. Affected versions: phpMyAdmin 4.6.x before 4.6.5, 4.4.x before 4.4.15.9, and 4.0.x before 4.0.10.18. Impact i...

CVSS 5.3 · AI score 6.9 · EPSS 0.00565
Exploits 0 · References 4 · Affected Software 1

RedHat Linux
added 2008/10/07 6:42 p.m. · 1 views

condor: allow or deny with overlapping netmasks may be ignored

Condor before 7.0.5 does not properly handle when the configuration specifies overlapping netmasks in allow or deny rules, which causes the rule to be ignored and allows attackers to bypass intended access restrictions...

CVSS 7.2 · AI score 5.7 · EPSS 0.00057
Exploits 0 · References 4