Lucene search
K

4 matches found

ATTACKERKB
ATTACKERKB
added 2026/04/21 12:19 a.m.2 views

CVE-2026-39946

OpenBao is an open source identity-based secrets management system. Prior to version 2.5.3, when OpenBao revoked privileges on a role in the PostgreSQL database secrets engine, OpenBao failed to use proper database quoting on schema names provided by PostgreSQL. This could lead to role revocation...

4.6CVSS5.8AI score0.00235EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/21 12:0 a.m.10 views

PT-2026-33884

Name of the Vulnerable Software and Affected Versions OpenBao versions prior to 2.5.3 Description OpenBao is an open source identity-based secrets management system. In the PostgreSQL database secrets engine, the system fails to use proper database quoting on schema names provided by PostgreSQL...

4.9CVSS5.5AI score0.00235EPSS
Exploits0References20
Code423n4
Code423n4
added 2023/06/13 12:0 a.m.12 views

Role might be granted and revoked at the same block to manipulate the role supply and result in incorrect behavior of relative strategy

Lines of code Vulnerability details Impact There is a potential issue where a role can be granted, votes can be cast, and then the role can be revoked in the same block. This can lead to incorrect behavior of relative strategy in manipulating the vote supply. The problem arises because the role...

6.7AI score
Exploits0
Github Security Blog
Github Security Blog
added 2022/05/17 1:42 a.m.27 views

OpenStack Keystone does not invalidate existing tokens when granting or revoking roles

OpenStack Keystone before 2012.1.3 does not invalidate existing tokens when granting or revoking roles, which allows remote authenticated users to retain the privileges of the revoked roles...

4CVSS5.8AI score0.01881EPSS
Exploits0References12Affected Software1
Rows per page
Query Builder