6 matches found
Privilege Escalation
github.com/openbao/openbao is vulnerable to Privilege Escalation. The vulnerability is due to accounts with access to privileged identity entity systems in root namespaces being able to escalate privileges to the global root policy...
SUSE CVE-2025-54996
OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. In versions 2.3.1 and below, accounts with access to highly-privileged identity entity systems in root namespaces were able to increase their scope directly to...
CVE-2025-54996
OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. In versions 2.3.1 and below, accounts with access to highly-privileged identity entity systems in root namespaces were able to increase their scope directly to...
CVE-2025-54996
CVE-2025-54996 — OpenBao root namespace privilege escalation. OpenBao versions 2.3.1 and earlier allow accounts with access to highly-privileged identity entity systems in the root namespace to directly elevate scope to the root policy. The identity system can add policies that grant capabilities...
CVE-2025-54996 OpenBao Root Namespace Operator May Elevate Token Privileges
OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. In versions 2.3.1 and below, accounts with access to highly-privileged identity entity systems in root namespaces were able to increase their scope directly to...
PT-2024-10005
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.65 Description The issue is related to a use-after-free vulnerability in the Linux kernel's SMB client, specifically in the generic ip connect function. This vulnerability can be exploited to impact the...