3 matches found
CyberArk and HashiCorp Flaws Enable Remote Vault Takeover Without Credentials
Cybersecurity researchers have discovered over a dozen vulnerabilities in enterprise secure vaults from CyberArk and HashiCorp that, if successfully exploited, can allow remote attackers to crack open corporate identity systems and extract enterprise secrets and tokens from them. The 14...
CLSA-2025-1749548422 Fix of 14 CVEs
CVE-url: https://ubuntu.com/security/CVE-2025-21811 - nilfs2: protect access to buffers with no active references CVE-url: https://ubuntu.com/security/CVE-2025-21715 - net: davicom: fix UAF in dm9000drvremove CVE-url: https://ubuntu.com/security/CVE-2024-58083 - KVM: Explicitly verify target vCPU...
CLSA-2024-1732194412 Fix of 14 CVEs
Update to 8u432-ga fixing a number of CVEs - CVE-2024-21131: UTF8 size overflow - CVE-2024-21138: infinite loop vunlerability in SymbolTable - CVE-2024-21140: int overflow/underflow in Range Check Elimination - CVE-2024-21144: invalid header validation leads to Pack200 excessive loading time -...