4 matches found
CVE-2025-20346
CVE-2025-20346 describes a Cisco Catalyst Center RBAC vulnerability: an authenticated, remote attacker with at least Observer/read-only access can alter policy configurations that should be Administrator‑only. The affected product is Cisco Catalyst Center; exploitation involves logging in and modifyi...
Improper Authentication
Kyverno is vulnerable to Improper Authentication. The vulnerability is due to the ability to override a ClusterPolicy such as "disallow-privileged-containers" by creating a PolicyException in any namespace. This design flaw allows users with privileges in non-Kyverno namespaces to create...
March 28, 2023—KB5023774 (OS Build 22000.1761) Preview
NEW 3/28/23. IMPORTANT: Starting in April 2023, optional, non-security preview updates will release on the fourth Tuesday of the month. For more information, see Windows monthly updates explained. For information about Windows update terminology,...
SUSE CVE-2017-1000395
Jenkins 2.73.1 and earlier, 2.83 and earlier provides information about Jenkins user accounts which is generally available to anyone with Overall/Read permissions via the /user/username/api remote API. This included e.g. Jenkins users' email addresses if the Mailer Plugin is installed. The remote...