64 matches found
CVE-2025-24784 kubewarden-controller has an Information leak via AdmissionPolicyGroup Resource
kubewarden-controller is a Kubernetes controller that allows you to dynamically register Kubewarden admission policies. The policy group feature, added to by the 1.17.0 release. By being namespaced, the AdmissionPolicyGroup has a well constrained impact on cluster resources. Hence, it’s considere...
CVE-2025-24784
CVE-2025-24784 affects kubewarden-controller (AdmissionPolicyGroup CRD) in Kubewarden. The issue enables an information leak where context aware policies can—via the ServiceAccount used to run the Policy Server—list/get resources in the cluster beyond the policy’s own scope, depending on the RBAC...
PT-2025-5568 · Unknown +1 · Kubewarden-Controller +1
Name of the Vulnerable Software and Affected Versions: kubewarden-controller versions 1.17.0 through 1.20.x Description: The issue allows an attacker to obtain information about resources that are out of their reach by leveraging a higher access to the cluster granted to the ServiceAccount token...
The Importance of Asset Context in Attack Surface Management.
This is the last of the four blogs Help, I can’t see! A Primer for Attack Surface Management Blog Series, The Main Components of an Attack Surface Management ASM Strategy, and Understanding your Attack Surface: Different Approaches to Asset Discovery covering the foundational elements of Attack...
CVE-2023-33189
CVE-2023-33189 affects Pomerium, an identity and context-aware access proxy. The vulnerability arises from incorrect authorization decisions when handling specially crafted requests, enabling total impact on confidentiality, integrity, and availability per CVSS assessments. Affected versions incl...
[SECURITY] Fedora 36 Update: open-policy-agent-0.31.0-7.fc36
An open source, general-purpose policy engine. The Open Policy Agent OPA is an open source, general-purpose policy engine that enables unified, context-aware policy enforcement across the entire stack...
[SECURITY] Fedora 36 Update: open-policy-agent-0.31.0-6.fc36
An open source, general-purpose policy engine. The Open Policy Agent OPA is an open source, general-purpose policy engine that enables unified, context-aware policy enforcement across the entire stack...
IPS as a Service Blocks WannaCry Spread Across the WAN
One of the most devastating aspects of the recent WannaCry ransomware attack was its self-propagating capability exploiting a vulnerability in the file access protocol, SMB v1. Most enterprises defences are externally-facing, focused on stopping incoming email and web attacks. But, once attackers...
Cisco Adaptive Security Appliance CX Context-Aware Security Denial of Service Vulnerability
Cisco Adaptive Security Appliance ASA CX Context-Aware Security is an add-on service module for extending the ASA platform from Cisco USA. A security vulnerability exists in the data plane IP fragment handler in the Cisco ASA CX Context-Aware Security module, which arises from the program's failu...
CVE-2016-9225
A vulnerability in the data plane IP fragment handler of the Cisco Adaptive Security Appliance ASA CX Context-Aware Security module could allow an unauthenticated, remote attacker to cause the CX module to be unable to process further traffic, resulting in a denial of service DoS condition. The...
Cisco Adaptive Security Appliance CX Context-Aware Security Denial of Service Vulnerability
A vulnerability in the data plane IP fragment handler of the Adaptive Security Appliance ASA CX Context-Aware Security module could allow an unauthenticated, remote attacker to cause the CX module to be unable to process further traffic, resulting in a denial of service DoS condition. The...
Cisco Adaptive Security Appliance CX Context-Aware Security Information Disclosure Vulnerability
The Cisco Adaptive Security Appliance ASA CX Context-Aware Security Software is an add-on service module for extending the ASA platform from Cisco USA. An information disclosure vulnerability exists in Cisco Adaptive Security Appliance CX Context-Aware Security 9.3. It allows an authenticated...
CVE-2015-6344
The web-based GUI in Cisco Adaptive Security Appliance ASA CX Context-Aware Security 9.34.1.11 allows remote authenticated users to bypass intended access restrictions and obtain sensitive user information via an unspecified HTTP request, aka Bug ID CSCuv74105...
Design/Logic Flaw
The virtualization layer in Cisco ASA FirePOWER Software before 5.3.1.2 and 5.4.x before 5.4.0.1 and ASA Context-Aware CX Software before 9.3.2.1-9 allows remote attackers to cause a denial of service device reload by rapidly sending crafted packets to the management interface, aka Bug IDs...
CVE-2015-0678
The virtualization layer in Cisco ASA FirePOWER Software before 5.3.1.2 and 5.4.x before 5.4.0.1 and ASA Context-Aware CX Software before 9.3.2.1-9 allows remote attackers to cause a denial of service device reload by rapidly sending crafted packets to the management interface, aka Bug IDs...
NSF Awards $15m for New Secure Internet Architecture
The National Science Foundation NSF is awarding $15 million in grants for the development, deployment and testing of future Internet architectures that are designed to enhance security, respond to emerging service challenges, and increase scalability. In 2010, the NSF Directorate for Computer and...
CVE-2013-5561
The Safe Search enforcement feature in Cisco Adaptive Security Appliance ASA CX Context-Aware Security Software does not properly perform filtering, which allows remote attackers to bypass intended policy restrictions via unspecified vectors, aka Bug ID CSCui94622...
CVE-2013-5561
Cisco ASA CX Context-Aware Security Safe Search enforcement contains a bypass vulnerability (Bug CSCui94622) that could allow an unauthenticated, remote attacker to bypass security policy via crafted HTTP requests. No software update is available per Cisco advisory Cisco-SA-20131104-CVE-2013-5561...
CVE-2013-1203
Cisco ASA CX Context-Aware Security Software allows remote attackers to cause a denial of service device reload via crafted TCP packets that appear to have been forwarded by a Cisco Adaptive Security Appliances ASA device, aka Bug ID CSCue88386...
CVE-2013-1203
Cisco ASA CX Context-Aware Security Software allows remote attackers to cause a denial of service device reload via crafted TCP packets that appear to have been forwarded by a Cisco Adaptive Security Appliances ASA device, aka Bug ID CSCue88386...