Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

10 matches found

EUVD
EUVDadded 2025/10/03 8:7 p.m.2 views

EUVD-2022-2409

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.00346EPSS
Exploits1References7
RedhatCVE
RedhatCVEadded 2025/05/22 6:33 p.m.4 views

CVE-2021-32074

HashiCorp vault-action aka Vault GitHub Action before 2.2.0 allows attackers to obtain sensitive information from log files because a multi-line secret was not correctly registered with GitHub Actions for log masking...

7.5CVSS6.3AI score0.00346EPSS
Exploits1References1
OSV
OSVadded 2025/04/19 4:50 p.m.20 views

MAL-2025-3269 Malicious code in vault-action (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4c39e1eed1d8bf3442c38c8963d7e9aae31825a734eec63405aa146da7a02b57 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7.2AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packagesadded 2025/04/19 4:50 p.m.2 views

Malicious code in vault-action (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4c39e1eed1d8bf3442c38c8963d7e9aae31825a734eec63405aa146da7a02b57 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSV
OSVadded 2021/05/07 5:15 a.m.15 views

CVE-2021-32074

HashiCorp vault-action aka Vault GitHub Action before 2.2.0 allows attackers to obtain sensitive information from log files because a multi-line secret was not correctly registered with GitHub Actions for log masking...

7.5CVSS6.3AI score
Exploits0References4
NVD
NVDadded 2021/05/07 5:15 a.m.7 views

CVE-2021-32074

HashiCorp vault-action aka Vault GitHub Action before 2.2.0 allows attackers to obtain sensitive information from log files because a multi-line secret was not correctly registered with GitHub Actions for log masking...

7.5CVSS0.00346EPSS
Exploits1References4
Prion
Prionadded 2021/05/07 5:15 a.m.16 views

Denial of service

HashiCorp vault-action aka Vault GitHub Action before 2.2.0 allows attackers to obtain sensitive information from log files because a multi-line secret was not correctly registered with GitHub Actions for log masking...

5CVSS7.3AI score0.00346EPSS
Exploits1References4Affected Software1
Cvelist
Cvelistadded 2021/05/07 4:1 a.m.12 views

CVE-2021-32074

HashiCorp vault-action aka Vault GitHub Action before 2.2.0 allows attackers to obtain sensitive information from log files because a multi-line secret was not correctly registered with GitHub Actions for log masking...

7.5AI score0.00346EPSS
Exploits1References4
CVE
CVEadded 2021/05/07 4:1 a.m.51 views

CVE-2021-32074

HashiCorp vault-action (Vault GitHub Action) prior to version 2.2.0 is affected. Affected component: vault-action, which fails to correctly register multi-line secrets for GitHub Actions log masking, enabling potential disclosure of sensitive information from logs. Remediation: upgrade to vault-a...

7.5CVSS7.2AI score0.00346EPSS
Exploits1References4Affected Software1
CNNVD
CNNVDadded 2021/05/07 12:0 a.m.3 views

HashiCorp Vault 日志信息泄露漏洞

HashiCorp Vault is a private key access management tool from HashiCorp Hashicorp USA. An information disclosure vulnerability exists in HashiCorp vault-action prior to version 2.2.0, which stems from a multi-line secret that fails to properly register with GitHub Actions to mask logs, which can b...

7.5CVSS5.6AI score0.00346EPSS
Exploits1References5
Rows per page
Query Builder