49 matches found
GHSA-G9FW-9X87-RMRJ Privilege Context Switching Error in Elasticsearch
Elasticsearch versions before 6.8.13 and 7.9.2 contain a document disclosure flaw when Document or Field Level Security is used. Search queries do not properly preserve security permissions when executing certain complex queries. This could result in the search disclosing the existence of documen...
CVE-2018-1000400
Kubernetes CRI-O version prior to 1.9 contains a Privilege Context Switching Error CWE-270 vulnerability in the handling of ambient capabilities that can result in containers running with elevated privileges, allowing users abilities they should not have. This attack appears to be exploitable via...
CVE-2018-1000400
Kubernetes CRI-O version prior to 1.9 contains a Privilege Context Switching Error CWE-270 vulnerability in the handling of ambient capabilities that can result in containers running with elevated privileges, allowing users abilities they should not have. This attack appears to be exploitable via...
CVE-2018-1000400
Kubernetes CRI-O version prior to 1.9 contains a Privilege Context Switching Error CWE-270 vulnerability in the handling of ambient capabilities that can result in containers running with elevated privileges, allowing users abilities they should not have. This attack appears to be exploitable via...
CVE-2018-1000400
KVE- CVE-2018-1000400 affects Kubernetes CRI-O prior to 1.9. The vulnerability arises from a Privilege Context Switching Error in handling ambient capabilities, allowing containers to run with elevated privileges. The initial description notes exploitation via container execution and a fix in 1.9...
CVE-2018-1000400
Kubernetes CRI-O version prior to 1.9 contains a Privilege Context Switching Error CWE-270 vulnerability in the handling of ambient capabilities that can result in containers running with elevated privileges, allowing users abilities they should not have. This attack appears to be exploitable via...
CVE-2018-1000400
Kubernetes CRI-O version prior to 1.9 contains a Privilege Context Switching Error CWE-270 vulnerability in the handling of ambient capabilities that can result in containers running with elevated privileges, allowing users abilities they should not have. This attack appears to be exploitable via...
DUO-PSA-2014-005: Duo Product Security Advisory
Duo Product Security Advisory Advisory ID: DUO-PSA-2014-005 Publication Date: 2014-05-12 Revision Date: 2014-05-27 Status: Confirmed, Fixed Document Revision: 3 Overview Duo Security has identified an issue in its Credential-Provider based Remote Desktop Protocol RDP integrations e.g. those...
DUO-PSA-2014-005: Duo Product Security Advisory
Duo Product Security Advisory Advisory ID: DUO-PSA-2014-005 Publication Date: 2014-05-12 Revision Date: 2014-05-27 Status: Confirmed, Fixed Document Revision: 3 Overview Duo Security has identified an issue in its Credential-Provider based Remote Desktop Protocol RDP integrations e.g. those...