EUVD-2016-1602

Malware in sbrugna...

EUVD-2017-3786

Malware in sbrugna...

EUVD-2024-18123

Malicious code in bioql PyPI...

A Novel Zero-Trust Identity Framework for Agentic AI: Decentralized Authentication and Fine-Grained Access Control

Traditional Identity and Access Management IAM systems, primarily designed for human users or static machine identities via protocols such as OAuth, OpenID Connect OIDC, and SAML, prove fundamentally inadequate for the dynamic, interdependent, and often ephemeral nature of AI agents operating at...

Arista EOS 安全漏洞

Arista EOS is a fully programmable, highly modular, Linux-based network operating system from Arista Corporation. A security vulnerability exists in Arista EOS that stems from improper handling of dynamic ACLs, which could affect access control...

CVE-2024-20408

A vulnerability in the Dynamic Access Policies DAP feature of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an authenticated, remote attacker to cause an affected device to reload unexpectedly. To exploit this vulnerability, an attacker...

CVE-2024-20408

A vulnerability in the Dynamic Access Policies DAP feature of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an authenticated, remote attacker to cause an affected device to reload unexpectedly. To exploit this vulnerability, an attacker...

Cisco Adaptive Security Appliance and Firepower Threat Defense Software Dynamic Access Policies Denial of Service Vulnerability

A vulnerability in the Dynamic Access Policies DAP feature of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an authenticated, remote attacker to cause an affected device to reload unexpectedly. To exploit this vulnerability, an attacker...

CVE-2022-20947

A vulnerability in dynamic access policies DAP functionality of Cisco Adaptive Security Appliance ASA Software and Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service DoS condition. This...

Design/Logic Flaw

A vulnerability in dynamic access policies DAP functionality of Cisco Adaptive Security Appliance ASA Software and Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service DoS condition. This...

CVE-2022-20947

CVE-2022-20947 affects Cisco ASA and Firepower Threat Defense (FTD) software via the Dynamic Access Policies (DAP) feature. The root cause is improper processing of HostScan data from the Posture module, allowing an unauthenticated, remote attacker to cause an affected device to reload and suffer...

PT-2022-6087 · Cisco · Cisco Ftd +1

Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliance ASA Software affected versions not specified Cisco Firepower Threat Defense FTD Software affected versions not specified Description: A vulnerability in the dynamic access policies DAP functionality is due to...

Access to restricted PHP code by dynamic static class access

Impact Template authors could run restricted static php methods. Patches Please upgrade to 3.1.40 or higher. References See the documentation on Smarty security features on the staticclasses access filter. For more information If you have any questions or comments about this advisory please open ...

Zero Trust framework to enable remote work

Zero Trust Assessment tool now live! With such a large influx of employees working remotely, many of the traditional network-based security controls are unable to protect the organization. For many organizations, there are two options: route all remote traffic through a strained legacy network...

Building Zero Trust networks with Microsoft 365

The traditional perimeter-based network defense is obsolete. Perimeter-based networks operate on the assumption that all systems within a network can be trusted. However, todays increasingly mobile workforce, the migration towards public cloud services, and the adoption of Bring Your Own Device...

Cisco Catalyst 4000 Series Switches Authentication Bypass Vulnerability

Cisco Catalyst 4000 Series Switches is a 4000 series switch device from Cisco USA.IOS XE Software is one of the operating systems developed for network devices. A security vulnerability exists in the dynamic access lists ACLs of the IOS XE Software in Cisco Catalyst 4000 Series Switches. An...

Design/Logic Flaw

Smarty before 3.0.0, when security is enabled, does not prevent access to the 1 dynamic and 2 private object members of an assigned object, which has unspecified impact and remote attack vectors...

A Vulnerability in IOS Firewall Feature Set - Cisco Systems

The IOS Firewall Feature set, also known as Cisco Secure Integrated Software, also known as Context Based Access Control CBAC, and introduced in IOS version 11.2P, has a vulnerability that permits traffic normally expected to be denied by the dynamic access control lists. This vulnerability is...

Security Advisory: A Vulnerability in IOS Firewall Feature Set

Cisco Security Advisory: A Vulnerability in IOS Firewall Feature Set Revision 1.0 For Public Release 2001 November 28 08:00 UTC -0800 Summary The IOS Firewall Feature set, also known as Cisco Secure Integrated Software, also known as Context Based Access Control, and introduced in IOS version...

Cisco IOS Firewall Feature Set fails to check IP protocol type thereby allowing packets to bypass dynamic access control lists

Overview The Cisco IOS Firewall Feature Set also known as Cisco Secure Integrated Software, or Context Based Access Control may allow an intruder to pass traffic through the firewall in violation of implied security policies. Description It is important to note that only configurations that use t...