22 matches found
EUVD-2017-3786
Malware in sbrugna...
EUVD-2016-1602
Malware in sbrugna...
EUVD-2024-18123
Malicious code in bioql PyPI...
A Novel Zero-Trust Identity Framework for Agentic AI: Decentralized Authentication and Fine-Grained Access Control
Traditional Identity and Access Management IAM systems, primarily designed for human users or static machine identities via protocols such as OAuth, OpenID Connect OIDC, and SAML, prove fundamentally inadequate for the dynamic, interdependent, and often ephemeral nature of AI agents operating at...
Arista EOS 安全漏洞
Arista EOS is a fully programmable, highly modular, Linux-based network operating system from Arista Corporation. A security vulnerability exists in Arista EOS that stems from improper handling of dynamic ACLs, which could affect access control...
The vulnerability of the Dynamic Access Policies function in microprogramming-based network interface controllers of Cisco Adaptive Security Appliances (ASA) and Cisco Firepower Threat Defense (FTD) allows attackers to induce service failures.
The vulnerability of the Dynamic Access Policies function in microprogramming-based network interface controllers of Cisco Adaptive Security Appliances ASA and Cisco Firepower Threat Defense FTD is related to improper validation of the specified type of input data. Exploiting this vulnerability c...
CVE-2024-20408
A vulnerability in the Dynamic Access Policies DAP feature of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an authenticated, remote attacker to cause an affected device to reload unexpectedly. To exploit this vulnerability, an attacker...
CVE-2024-20408
A vulnerability in the Dynamic Access Policies DAP feature of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an authenticated, remote attacker to cause an affected device to reload unexpectedly. To exploit this vulnerability, an attacker...
Cisco Adaptive Security Appliance and Firepower Threat Defense Software Dynamic Access Policies Denial of Service Vulnerability
A vulnerability in the Dynamic Access Policies DAP feature of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an authenticated, remote attacker to cause an affected device to reload unexpectedly. To exploit this vulnerability, an attacker...
The vulnerability of the Dynamic Access Control Function Implementation in Microprogrammable Network Interface Cards from Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) arises from the possibility of an operation leaving the buffer boundary into memory, allowing a attacker to cause a service failure.
The vulnerability of the Dynamic Access Control Function Implementation in Cisco Adaptive Security Appliance ASA and Cisco Firepower Threat Defense FTD systems is related to an operation that goes beyond the buffer in memory. Exploiting this vulnerability could allow a malicious actor to cause...
CVE-2022-20947
A vulnerability in dynamic access policies DAP functionality of Cisco Adaptive Security Appliance ASA Software and Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service DoS condition. This...
Design/Logic Flaw
A vulnerability in dynamic access policies DAP functionality of Cisco Adaptive Security Appliance ASA Software and Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service DoS condition. This...
CVE-2022-20947
CVE-2022-20947 affects Cisco ASA and Firepower Threat Defense (FTD) software via the Dynamic Access Policies (DAP) feature. The root cause is improper processing of HostScan data from the Posture module, allowing an unauthenticated, remote attacker to cause an affected device to reload and suffer...
PT-2022-6087 · Cisco · Cisco Ftd +1
Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliance ASA Software affected versions not specified Cisco Firepower Threat Defense FTD Software affected versions not specified Description: A vulnerability in the dynamic access policies DAP functionality is due to...
Access to restricted PHP code by dynamic static class access
Impact Template authors could run restricted static php methods. Patches Please upgrade to 3.1.40 or higher. References See the documentation on Smarty security features on the staticclasses access filter. For more information If you have any questions or comments about this advisory please open ...
Zero Trust framework to enable remote work
Zero Trust Assessment tool now live! With such a large influx of employees working remotely, many of the traditional network-based security controls are unable to protect the organization. For many organizations, there are two options: route all remote traffic through a strained legacy network...
Building Zero Trust networks with Microsoft 365
The traditional perimeter-based network defense is obsolete. Perimeter-based networks operate on the assumption that all systems within a network can be trusted. However, todays increasingly mobile workforce, the migration towards public cloud services, and the adoption of Bring Your Own Device...
Cisco Catalyst 4000 Series Switches Authentication Bypass Vulnerability
Cisco Catalyst 4000 Series Switches is a 4000 series switch device from Cisco USA.IOS XE Software is one of the operating systems developed for network devices. A security vulnerability exists in the dynamic access lists ACLs of the IOS XE Software in Cisco Catalyst 4000 Series Switches. An...
Design/Logic Flaw
Smarty before 3.0.0, when security is enabled, does not prevent access to the 1 dynamic and 2 private object members of an assigned object, which has unspecified impact and remote attack vectors...
A Vulnerability in IOS Firewall Feature Set - Cisco Systems
The IOS Firewall Feature set, also known as Cisco Secure Integrated Software, also known as Context Based Access Control CBAC, and introduced in IOS version 11.2P, has a vulnerability that permits traffic normally expected to be denied by the dynamic access control lists. This vulnerability is...