6 matches found
CVE-2025-54996
OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. In versions 2.3.1 and below, accounts with access to highly-privileged identity entity systems in root namespaces were able to increase their scope directly to...
PT-2025-32379 · Openbao · Openbao
Name of the Vulnerable Software and Affected Versions: OpenBao versions 2.3.1 and below
Description: OpenBao is a software solution for managing, storing, and distributing sensitive data. In affected versions, accounts with access to highly-privileged identity entity systems in root namespaces...
SUSE CVE-2024-9180
A privileged Vault operator with write permissions to the root namespace's identity endpoint could escalate their own or another user's privileges to Vault's root policy. Fixed in Vault Community Edition 1.18.0 and Vault Enterprise 1.18.0, 1.17.7, 1.16.11, and 1.15.16...
PT-2024-7690 · Hashicorp +3 · Hashicorp Vault +4
Name of the Vulnerable Software and Affected Versions:
HashiCorp Vault versions prior to 1.18.0
HashiCorp Vault Enterprise versions prior to 1.18.0, 1.17.7, 1.16.11, and 1.15.16
Description: A privileged Vault operator with write permissions to the root namespace’s identity endpoint could escalat...
Judge0 CE Security Vulnerability
Judge0 CE is an open source online code execution system from Judge0 Open Source. A security vulnerability exists in Judge0 CE versions prior to 1.13.1. The vulnerability stems from a security issue in the default configuration, which leads to a server-side request forgery that can be exploited b...
Barco ClickShare Button R9861500D01 Insufficient Credential Protection Vulnerability
The Barco ClickShare Button R9861500D01 is a wireless control device for presentation systems from Barco Belgium. An insufficiently protected credentials vulnerability exists in Barco ClickShare Button R9861500D01 prior to version 1.9.0, which can be exploited by an attacker to obtain the identit...