10 matches found
CVE-2026-29773
Kubewarden is a policy engine for Kubernetes. Kubewarden cluster operators can grant permissions to users to deploy namespaced AdmissionPolicies and AdmissionPolicyGroups in their Namespaces. One of Kubewarden promises is that configured users can deploy namespaced policies in a safe manner,...
CVE-2026-29773
Kubewarden is a policy engine for Kubernetes. Kubewarden cluster operators can grant permissions to users to deploy namespaced AdmissionPolicies and AdmissionPolicyGroups in their Namespaces. One of Kubewarden promises is that configured users can deploy namespaced policies in a safe manner,...
Incorrect Authorization
Overview Affected versions of this package are vulnerable to Incorrect Authorization via the deprecated host-callback APIs kubernetes/ingresses, kubernetes/namespaces, and kubernetes/services. An attacker can gain unauthorized read access to Ingresses, Namespaces, and Services resources across al...
PT-2026-24144
Name of the Vulnerable Software and Affected Versions Kubewarden versions prior to 1.33.0 Description Kubewarden is a policy engine for Kubernetes. An attacker with privileged "AdmissionPolicy" create permissions could leverage three deprecated host-callback APIs: kubernetes/ingresses,...
Restore to Google Compute Engine Fails with API Errors When Using Helper Appliance
Challenge When restoring a VM to Google Compute Engine GCE, the following errors occur: For Windows platform: Failed to restore to GCE: import-image: datestamp step "import" run error: step "wait-for-bootstrap" did not complete within the specified timeout of 20m0s System.Exception For Linux...
CVE-2019-11993
A security vulnerability has been identified in HPE SimpliVity 380 Gen 9, HPE SimpliVity 380 Gen 10, HPE SimpliVity 380 Gen 10 G, HPE SimpliVity 2600 Gen 10, SimpliVity OmniCube, SimpliVity OmniStack for Cisco, SimpliVity OmniStack for Lenovo and SimpliVity OmniStack for Dell nodes. Two now...
APIs Drive the Majority of Internet Traffic and Cybercriminals are Taking Advantage
Application programming interfaces APIs are the connective tissue behind digital modernization, helping applications and databases exchange data more effectively. The State of API Security in 2024 Report from Imperva, a Thales company, found that the majority of internet traffic 71% in 2023 was A...
Elasticsearch allows insertion of sensitive information into log files when using deprecated URIs
Elasticsearch generally filters out sensitive information and credentials before logging to the audit log. It was found that this filtering was not applied when requests to Elasticsearch use certain deprecated URIs for APIs. The impact of this flaw is that sensitive information such as passwords...
Elasticsearch 8.9.2 and 7.17.13 Security Update
Elasticsearch Insertion of sensitive information in audit logs ESA-2023-12 Elasticsearch generally filters out sensitive information and credentials before logging to the audit log. It was found that this filtering was not applied when requests to Elasticsearch use certain deprecated URIs for API...
CVE-2019-11993
A security vulnerability has been identified in HPE SimpliVity 380 Gen 9, HPE SimpliVity 380 Gen 10, HPE SimpliVity 380 Gen 10 G, HPE SimpliVity 2600 Gen 10, SimpliVity OmniCube, SimpliVity OmniStack for Cisco, SimpliVity OmniStack for Lenovo and SimpliVity OmniStack for Dell nodes. Two now...