Blog
CVE-2019-8339, a Falco capacity related vulnerability.
In the following blog post we are going to get a closer look at Falco CVE-2019-8339 vulnerability. Recently, a member…
Search Results
Search Results 11 - 20 of 47
Blog
How to detect sudo’s CVE-2021-3156 using Falco
A recent privilege escalation heap overflow vulnerability (CVSS 7.8), CVE-2021-3156, has been found in sudo. sudo is a powerful utility…
Blog
Understanding and mitigating CVE-2020-8566: Ceph cluster admin credentials leaks in kube-controller-manager log
While auditing the Kubernetes source code, I recently discovered an issue (CVE-2020-8566) in Kubernetes that may cause sensitive data leakage….
Blog
Detecting the Kubernetes API server DoS vulnerability (CVE-2019-1002100).
Recently, a new Kubernetes related vulnerability was announced that affected the kube-apiserver. This was a denial of service vulnerability where…
Blog
Detect CVE-2020-8555 using Falco
This CVE is a Server Side Request Forgery (SSRF) vulnerability in kube-controller-manager that allows certain authorized users to leak up…
Blog
Understanding and mitigating CVE-2020-8563: vSphere credentials leak in the cloud-controller-manager log
While auditing the Kubernetes source code, I recently discovered an issue (CVE-2020-8563) in Kubernetes that may cause sensitive data leakage….
Blog
Detecting jQuery File Upload vulnerability using Falco (CVE-2018-9206)
In the past few days, a new vulnerability was disclosed in a widely used component – jQuery File Upload plugin….
Blog
Exploiting and detecting CVE-2021-25735: Kubernetes validating admission webhook bypass
The CVE-2021-25735 medium-level vulnerability has been found in Kubernetes kube-apiserver that could bypass a Validating Admission Webhook and allow unauthorised…
Blog
CVE-2018-18264 Privilege escalation through Kubernetes dashboard.
A recently disclosed vulnerability in Kubernetes dashboard (CVE-2018-18264) exposes secrets to unauthenticated users. In this blog post we’ll explore some…
Blog
Top 20 Dockerfile best practices
Learn how to prevent security issues and optimize containerized applications by applying a quick set of Dockerfile best practices in…