19 matches found

Source: RedhatCVE (added 2026/05/28 3:39 a.m.)

CVE-2026-45876

A flaw was found in the Linux kernel. Improper error handling in the arch_set_shadow_stack_status function, specifically on the alloc_gcs failure path, could lead to the use of an invalid Guarded Control Stack (GCS) address. This issue may allow a local attacker to cause system instability or a denial of...

CVSS 5.5 | AI score 5.8 | EPSS 0.00022 | Exploits 0 | References 4
Source: Vulnrichment (added 2026/04/27 1:12 p.m.)

CVE-2026-40557 Apache Storm Prometheus Reporter: Disabling TLS verification for Prometheus Reporter also disables it for all other connections

Improper Certificate Validation via Global SSL Context Downgrade in Apache Storm Prometheus Reporter. Versions affected: from 2.6.3 to 2.8.6. Description: In production deployments where an administrator enables storm.daemon.metrics.reporter.plugin.prometheus.skiptlsvalidation by default it is...

AI score 5.1 | EPSS 0.0013 | Exploits 0 | References 1
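The Storm entry above describes a switch meant to skip TLS verification for one client (the Prometheus reporter) that instead downgraded the process-wide SSL context. The following Python block is an added illustration of that failure mode and is not Apache Storm's code: it contrasts a context scoped to one client with a change to the interpreter's default HTTPS context, and includes the check a reviewer would run to see whether the default still verifies peers. The function names are this example's own; the module-level hooks it touches (`ssl._create_default_https_context`, `ssl._create_unverified_context`) are CPython internals used here only to make the global effect visible.

```python
"""Scoped vs process-wide TLS verification downgrade (added example, not Storm code)."""
import ssl


def context_verifies(ctx):
    """True if a context demands a trusted certificate and checks the hostname."""
    return bool(ctx.verify_mode == ssl.CERT_REQUIRED and ctx.check_hostname)


def make_client_context(skip_tls_validation, cafile=None):
    """Correct scoping: build a context for ONE client; nothing else in the process changes."""
    ctx = ssl.create_default_context(cafile=cafile)
    if skip_tls_validation:
        # check_hostname must be cleared before verify_mode can drop to CERT_NONE.
        ctx.check_hostname = False
        ctx.verify_mode = ssl.CERT_NONE
    return ctx


def disable_tls_verification_globally():
    """The anti-pattern the advisory describes: replace the module-level factory
    that urllib and other callers use for their 'default' HTTPS context, so every
    later connection relying on it is unverified, not just the one it was meant for."""
    ssl._create_default_https_context = ssl._create_unverified_context


def restore_default_tls_verification():
    """Undo the global downgrade (the fix is simply never to touch the global)."""
    ssl._create_default_https_context = ssl.create_default_context


def default_https_context_verifies():
    """Audit check: does the process-wide default HTTPS context still verify peers?"""
    return context_verifies(ssl._create_default_https_context())


if __name__ == "__main__":
    client = make_client_context(skip_tls_validation=True)
    print("scoped client verifies:", context_verifies(client),
          "| process default verifies:", default_https_context_verifies())
    disable_tls_verification_globally()
    print("after global downgrade, process default verifies:", default_https_context_verifies())
    restore_default_tls_verification()
```

The scoped variant is the one to ship: the "skip verification" flag is consumed when the reporter's own context is built and never reaches code paths shared with other connections.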
Source: RedhatCVE (added 2026/04/22 7:22 p.m.)

CVE-2026-40868

Kyverno is a policy engine designed for cloud native platform engineering teams. Prior to 1.16.4, Kyverno's apiCall serviceCall helper implicitly injects Authorization: Bearer ... using the Kyverno controller serviceaccount token when a policy does not explicitly set an Authorization header...

CVSS 8.1 | AI score 5.8 | EPSS 0.00044 | Exploits 1 | References 1
Source: CVE (added 2026/04/21 6:22 p.m.)

CVE-2026-40868

In Kyverno before 1.16.4, the apiCall serviceCall helper implicitly injects the Authorization: Bearer token from the Kyverno serviceaccount when a policy omits an Authorization header. Since context.apiCall.service.url is policy-controlled, this can leak the serviceaccount token to attacker-controlled endpoints (c...

CVSS 8.1 | AI score 5.8 | EPSS 0.00044 | Exploits 1 | References 1 | Affected software 1
Source: Vulnrichment (added 2026/04/21 6:22 p.m.)

CVE-2026-40868 Kyverno apiCall serviceCall implicit bearer token injection leaks Kyverno serviceaccount token

Kyverno is a policy engine designed for cloud native platform engineering teams. Prior to 1.16.4, Kyverno's apiCall serviceCall helper implicitly injects Authorization: Bearer ... using the Kyverno controller serviceaccount token when a policy does not explicitly set an Authorization header...

CVSS 8.1 | AI score 5.7 | EPSS 0.00044 | Exploits 1 | References 1
Source: Snyk (added 2026/04/14 8:09 p.m.)

Unintended Proxy or Intermediary ('Confused Deputy')

Overview: Affected versions of this package are vulnerable to Unintended Proxy or Intermediary ('Confused Deputy') via the apiCall serviceCall helper. An attacker can obtain sensitive service account tokens by crafting a policy that triggers an outbound request without an explicit Authorization...

CVSS 8.1 | AI score 5.8 | EPSS 0.00044 | Exploits 1 | References 2
Source: Github Security Blog (added 2026/04/14 8:09 p.m.)

Kyverno apiCall serviceCall implicit bearer token injection leaks Kyverno serviceaccount token

Kyverno's apiCall serviceCall helper implicitly injects Authorization: Bearer ... using the Kyverno controller serviceaccount token when a policy does not explicitly set an Authorization header. Because context.apiCall.service.url is policy-controlled, this can send the Kyverno serviceaccount tok...

CVSS 8.1 | AI score 5.9 | EPSS 0.00044 | Exploits 1 | References 3 | Affected software 1
Source: Positive Technologies (added 2026/04/14 12:00 a.m.)

PT-2026-33227

Name of the vulnerable software and affected versions: Kyverno versions prior to 1.16.4. Description: The apiCall serviceCall helper implicitly injects an 'Authorization: Bearer ...' header using the Kyverno controller serviceaccount token when a policy does not explicitly set an Authorization heade...

CVSS 8.1 | AI score 5.9 | EPSS 0.00044 | Exploits 1 | References 7
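The CVE-2026-40868 entries above (RedhatCVE, CVE, Vulnrichment, Snyk, GitHub Security Blog and Positive Technologies) all describe the same condition: an apiCall whose service.url is chosen by the policy author, with no explicit Authorization header, causes the vulnerable helper to attach the controller's serviceaccount token. The audit below is an added example, not Kyverno's own code: it walks policy documents and reports every such call, flagging those whose host is not the in-cluster API server, since those are the ones that would ship the token to a policy-author-chosen endpoint. The field layout it assumes (rules[].context[].apiCall.service.url and an optional service.headers[] list whose entries carry the header name under key or name), the TRUSTED_HOSTS allow-list and the three sample policies are assumptions and constructed input, not taken from the page.

```python
"""Audit Kyverno policies for implicit serviceaccount token injection (added example, not Kyverno code).

Assumed schema (not from the advisory): spec.rules[].context[].apiCall.service.url, with an optional
service.headers[] list whose entries name the header under "key" or "name" and carry "value".
"""
from urllib.parse import urlsplit

# Hosts expected to receive the controller's credentials (assumed, illustrative allow-list).
TRUSTED_HOSTS = {"kubernetes.default.svc", "kubernetes.default.svc.cluster.local"}


def _has_authorization_header(service):
    """True if the service call sets Authorization explicitly (header name match, case-insensitive)."""
    for hdr in service.get("headers") or []:
        name = hdr.get("key") or hdr.get("name") or ""
        if name.lower() == "authorization":
            return True
    return False


def find_implicit_token_calls(policy):
    """Return one finding per apiCall.service entry that omits an Authorization header.

    'external' marks a URL whose host is outside TRUSTED_HOSTS: with the vulnerable helper,
    the controller's token would be sent to an endpoint the policy author chose.
    """
    findings = []
    policy_name = policy.get("metadata", {}).get("name", "<unnamed>")
    for rule in policy.get("spec", {}).get("rules", []):
        for ctx in rule.get("context") or []:
            service = (ctx.get("apiCall") or {}).get("service") or {}
            url = service.get("url")
            if not url:
                continue  # urlPath-only apiCalls target the API server, not a service URL
            if _has_authorization_header(service):
                continue  # policy set the header itself; nothing is injected implicitly
            host = (urlsplit(url).hostname or "").lower()
            findings.append({
                "policy": policy_name,
                "rule": rule.get("name", "<unnamed>"),
                "context": ctx.get("name", "<unnamed>"),
                "url": url,
                "external": host not in TRUSTED_HOSTS,
            })
    return findings


def audit(policies):
    """Flatten findings across many policy documents."""
    return [f for p in policies for f in find_implicit_token_calls(p)]


# Constructed sample policies for the demonstration (not real cluster data).
SAMPLE_POLICIES = [
    {   # service URL under the policy author's control, no Authorization header: token would leak
        "apiVersion": "kyverno.io/v1", "kind": "ClusterPolicy",
        "metadata": {"name": "lookup-external"},
        "spec": {"rules": [{
            "name": "check-pod",
            "match": {"any": [{"resources": {"kinds": ["Pod"]}}]},
            "context": [{"name": "ext",
                         "apiCall": {"method": "GET",
                                     "service": {"url": "https://collector.example.test/hook"}}}],
            "validate": {"message": "denied", "deny": {}},
        }]},
    },
    {   # explicit Authorization header: the helper injects nothing
        "apiVersion": "kyverno.io/v1", "kind": "ClusterPolicy",
        "metadata": {"name": "lookup-vault"},
        "spec": {"rules": [{
            "name": "check-secret",
            "context": [{"name": "v",
                         "apiCall": {"method": "GET",
                                     "service": {"url": "https://vault.vault.svc:8200/v1/kv/x",
                                                 "headers": [{"key": "Authorization",
                                                              "value": "Bearer {{ vaultToken }}"}]}}}],
        }]},
    },
    {   # urlPath-only call to the API server: out of scope for this finding
        "apiVersion": "kyverno.io/v1", "kind": "ClusterPolicy",
        "metadata": {"name": "list-namespaces"},
        "spec": {"rules": [{
            "name": "ns",
            "context": [{"name": "nss", "apiCall": {"urlPath": "/api/v1/namespaces", "method": "GET"}}],
        }]},
    },
]

if __name__ == "__main__":
    for finding in audit(SAMPLE_POLICIES):
        flag = "EXTERNAL" if finding["external"] else "in-cluster"
        print(f"{finding['policy']}/{finding['rule']}/{finding['context']}: {finding['url']} [{flag}]")
```

Run it against exported policies (for example the output of `kubectl get clusterpolicy -o json` loaded into dicts) before and after upgrading to 1.16.4; on a patched controller the remaining findings are still worth reviewing, since a policy that can point a credentialed call at an arbitrary URL is a confused-deputy risk whatever the header default is.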
Source: Packet Storm News (added 2026/03/31 12:00 a.m.)

Efficient Software Vulnerability Detection Using Transformer-Based Models

Detecting software vulnerabilities is critical to ensuring the security and reliability of modern computer systems. Deep neural networks have shown promising results on vulnerability detection, but they lack the capability to capture global contextual information on vulnerable code. To address th...

AI score 6 | Exploits 0
Source: EUVD (added 2025/10/03 8:07 p.m.)

EUVD-2022-3390

Malicious code in bioql PyPI...

CVSS 6.5 | AI score 7.5 | EPSS 0.00286 | Exploits 0 | References 53
Source: Packet Storm News (added 2025/06/24 12:00 a.m.)

Attack Smarter: Attention-Driven Fine-Grained Webpage Fingerprinting Attacks

Website Fingerprinting (WF) attacks aim to infer which websites a user is visiting by analyzing traffic patterns, thereby compromising user anonymity. Although this technique has been demonstrated to be effective in controlled experimental environments, it remains largely limited to small-scale...

AI score 6.7 | Exploits 0
Source: Talos Blog (added 2019/11/05 8:00 a.m.)

Talos, Cisco Incident Response team up to offer more protection than ever

By Sean Mason. Over the years, I've had the honor and privilege to work within some of the greatest security teams on the planet. Working alongside such passionate and talented people at Cisco makes delivering this announcement perhaps the greatest honor yet. The best security organizations on the...

Exploits 0
Source: Veracode (added 2017/04/05 3:21 a.m.)

Security Manager Bypass

web-naming is vulnerable to denial of service via security manager bypass. The ResourceLinkFactory.setGlobalContext method was accessible under a security manager without any checks. This allowed a malicious web application to inject a global context that could be used to disrupt other web...

CVSS 6.8 | AI score 7.1 | EPSS 0.0039 | Exploits 0 | References 6 | Affected software 1
Source: Tenable Nessus (added 2016/05/24 12:00 a.m.)

Apache Tomcat 7.0.x < 7.0.68 / 8.0.x < 8.0.32 Multiple Vulnerabilities


CVSS 8.8 | AI score 7.8 | EPSS 0.05995 | Exploits 0 | References 8
Source: CNVD (added 2016/02/26 12:00 a.m.)

Apache Tomcat Security Manager Security Restriction Bypass Vulnerability

Apache Tomcat is a popular open source JSP application server. The public method ResourceLinkFactory.setGlobalContext in Apache Tomcat's Security Manager implementation contains a security restriction bypass vulnerability: an attacker can use a malicious web application to inject the global...

CVSS 6.5 | AI score 7.9 | EPSS 0.00286 | Exploits 0 | References 1
Source: UbuntuCve (added 2016/02/24 12:00 a.m.)

CVE-2016-0763

The setGlobalContext method in org/apache/naming/factory/ResourceLinkFactory.java in Apache Tomcat 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M3 does not consider whether ResourceLinkFactory.setGlobalContext callers are authorized, which allows remote authenticated users to bypass...

CVSS 6.5 | AI score 7 | EPSS 0.00286 | Exploits 0 | References 3