5 matches found
EUVD-2026-41098
HashiCorp Vault and Vault Enterprise prior to 2.0.1 audit device validation logic did not consistently apply plugin directory protections when the legacy file audit path option was used. This vulnerability CVE-2026-5051 is fixed in 2.0.1, 1.21.6, 1.20.11, and 1.19.17...
Moderate: Red Hat Security Advisory: kernel security update
An update for kernel is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
CVE-2025-39840 audit: fix out-of-bounds read in audit_compare_dname_path()
In the Linux kernel, the following vulnerability has been resolved: audit: fix out-of-bounds read in auditcomparednamepath When a watch on dir=/ is combined with an fsnotify event for a single-character name directly under / e.g., creating /a, an out-of-bounds read can occur in...
Code Execution
Vault is vulnerable to code execution. The vulnerability is due to a privileged operator with write access to sys/audit being able to exploit a plugin directory in Vault’s configuration, which allows an attacker to execute arbitrary code on the underlying host...
CVE-2024-52778
DCME-320 =7.4.12.90, DCME-520 =9.25.5.11, DCME-320-L =9.3.5.26, and DCME-720 =9.1.5.11 are vulnerable to Remote Code Execution via /function/audit/newstatistics/monstathist.php...