Lucene search
+L

522 matches found

SUSE CVE
SUSE CVE
added 2025/11/09 12:23 a.m.5 views

SUSE CVE-2025-59048

OpenBao's AWS Plugin generates AWS access credentials based on IAM policies. Prior to version 0.1.1, the AWS Plugin is vulnerable to cross-account IAM role Impersonation in the AWS auth method. The vulnerability allows an IAM role from an untrusted AWS account to authenticate by impersonating a...

8.1CVSS6.7AI score0.00242EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/11/05 12:0 a.m.7 views

WSO2多款产品 安全漏洞

WSO2 API Manager and other products are products of WSO2 Corporation, USA.WSO2 API Manager is a set of API lifecycle management solutions.WSO2 Identity Server IS is an identity server.WSO2 Enterprise Integrator is a set of open source hybrid integration platform. A security vulnerability exists i...

9.1CVSS6.4AI score0.00415EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/11/02 7:42 p.m.5 views

CVE-2025-11621

Vault and Vault Enterprise’s “Vault” AWS Auth method may be susceptible to authentication bypass if the role of the configured boundprincipaliam is the same across AWS accounts, or uses a wildcard. This vulnerability, CVE-2025-11621, is fixed in Vault Community Edition 1.21.0 and Vault Enterprise...

8.1CVSS8.8AI score0.00494EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/10/24 3:40 p.m.6 views

CVE-2025-59048

OpenBao's AWS Plugin generates AWS access credentials based on IAM policies. Prior to version 0.1.1, the AWS Plugin is vulnerable to cross-account IAM role Impersonation in the AWS auth method. The vulnerability allows an IAM role from an untrusted AWS account to authenticate by impersonating a...

8.1CVSS6.7AI score0.00242EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2025/10/23 9:31 p.m.15 views

HashiCorp Vault and Vault Enterprise's AWS Auth method may be susceptible to authentication bypass

Vault and Vault Enterprise's "Vault" AWS Auth method may be susceptible to authentication bypass if the role of the configured boundprincipaliam is the same across AWS accounts, or uses a wildcard. This vulnerability is fixed in Vault Community Edition 1.21.0 and Vault Enterprise 1.21.0, 1.20.5,...

8.1CVSS7AI score0.00494EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2025/10/23 9:31 p.m.3 views

GHSA-9G4H-H484-3578 HashiCorp Vault and Vault Enterprise's AWS Auth method may be susceptible to authentication bypass

Vault and Vault Enterprise's "Vault" AWS Auth method may be susceptible to authentication bypass if the role of the configured boundprincipaliam is the same across AWS accounts, or uses a wildcard. This vulnerability is fixed in Vault Community Edition 1.21.0 and Vault Enterprise 1.21.0, 1.20.5,...

8.1CVSS7AI score0.00494EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/10/23 7:8 p.m.15 views

CVE-2025-11621 Vault AWS auth method bypass due to AWS client cache

Vault and Vault Enterprise’s “Vault” AWS Auth method may be susceptible to authentication bypass if the role of the configured boundprincipaliam is the same across AWS accounts, or uses a wildcard. This vulnerability, CVE-2025-11621, is fixed in Vault Community Edition 1.21.0 and Vault Enterprise...

8.1CVSS0.00494EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/10/23 12:0 a.m.5 views

HashiCorp Vault Enterprise 安全漏洞

HashiCorp Vault Enterprise is an enterprise information archiving platform from HashiCorp, Inc. in the United States. A security vulnerability exists in HashiCorp Vault Enterprise versions 1.21.0, 1.20.5, 1.19.11, and 1.16.27, which stems from the same or wildcard use of the boundprincipaliam rol...

8.1CVSS9.2AI score0.00494EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.19 views

EUVD-2017-18298

Malware in sbrugna...

9.8CVSS9.5AI score0.03291EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-1989

Malware in sbrugna...

6.1CVSS6.5AI score0.01274EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.25 views

EUVD-2021-2368

Malware in sbrugna...

5.3CVSS5.3AI score0.00831EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-2220

Malware in sbrugna...

9CVSS7AI score0.01289EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2016-9368

Malware in sbrugna...

8.8CVSS8.8AI score0.01383EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2015-6797

Malware in sbrugna...

7.5CVSS7.6AI score0.01033EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.12 views

EUVD-2021-1705

Malware in sbrugna...

8.2CVSS7.8AI score0.01461EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-7453

Malicious code in bioql PyPI...

5.3CVSS6.6AI score0.00308EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-19964

Malicious code in bioql PyPI...

6.9CVSS6.6AI score0.00317EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-1817

Malicious code in bioql PyPI...

6.9CVSS6.6AI score0.00358EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-6388

Malicious code in bioql PyPI...

8.8CVSS8.3AI score0.0097EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-21537

Malicious code in bioql PyPI...

9.8CVSS7.8AI score0.01404EPSS
Exploits0References2
Rows per page
Query Builder