Lucene search
K

PT-2025-31661

🗓️ 01 Aug 2025 00:00:00Reported by Positive TechnologiesType 
ptsecurity
 ptsecurity
🔗 dbugs.ptsecurity.com👁 3 Views

Privileged Vault operator can execute code on host if plugin directory set; fixed in Vault updates.

Related
Refs
ReporterTitlePublishedViews
Family
AlpineLinux
CVE-2025-54997
9 Aug 202501:56
alpinelinux
BDU FSTEC
The vulnerability of HashiCorp’s Vault and Vault Enterprise file archiving platforms lies in the fact that inserting confidential information into the log file allows a perpetrator to access this confidential information.
24 Sep 202400:00
bdu_fstec
BDU FSTEC
The vulnerability of the sys/audit component in the Vault Enterprise and Vault Community Edition enterprise information archiving platform allows a perpetrator to gain unauthorized access to execute arbitrary code.
8 Aug 202500:00
bdu_fstec
BDU FSTEC
The vulnerability of the user blocking mechanism of the Vault Enterprise and Vault Community Edition corporate information archiving platforms allows attackers to circumvent existing security restrictions.
8 Aug 202500:00
bdu_fstec
BDU FSTEC
The vulnerability of the Vault Enterprise and Vault Community Edition archiving platforms for corporate information, related to improper privilege assignment, allows attackers to elevate their privileges to the root level.
8 Aug 202500:00
bdu_fstec
BDU FSTEC
The vulnerability of the CompareHashAndPassword function in the Vault Enterprise and Vault Community Edition platforms for archiving corporate information allows attackers to gain unauthorized access to protected information due to timing discrepancies.
17 Sep 202500:00
bdu_fstec
BDU FSTEC
The vulnerability of OpenBao’s secret and encryption management system, related to improper handling of code generation, allows a perpetrator to execute arbitrary codes.
17 Sep 202500:00
bdu_fstec
Chainguard
CVE-2024-8365 vulnerabilities
2 Sep 202405:15
cgr
Chainguard
CVE-2025-5999 vulnerabilities
7 Jan 202601:30
cgr
Chainguard
CVE-2025-6000 vulnerabilities
7 Jan 202601:30
cgr
Rows per page

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

04 Oct 2025 00:00Current
8.2High risk
Vulners AI Score8.2
CVSS 3.16.5 - 9.1
EPSS0.00873
SSVC
3