Filter
AND
-Infinity
0

Trending

Last week
Last month
Last year

HashiCorp BoundaryBoundary Workers Store Rotated Credentials in Plaintext Even When a Key Management Service Configured

high
7.1
First published (updated )
CVE-2023-0690

HashiCorp VaultVault Fails to Verify if the AppRole SecretID Belongs to Role During a Destroy Operation

high
8.1
First published (updated )
CVE-2023-24999

HashiCorp NomadNomad Job Submitter Privilege Escalation Using Workload Identity

high
8.8
First published (updated )
CVE-2023-1299

HashiCorp HermesHashiCorp Hermes Improperly Validates AWS ALB JWTs, which May Lead to Authentication Bypass

high
8.2
First published (updated )
CVE-2025-1293

HashiCorp VaultVault May be Vulnerable to a Denial of Service Through Memory Exhaustion When Handling Large HTTP Requests

high
7.5
EPSS
0.05%
First published (updated )
CVE-2023-6337

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

go/github.com/hashicorp/go-slugHashiCorp go-slug Vulnerable to Zip Slip Attack

high
7.5
First published (updated )
CVE-2025-0377

HashiCorp NomadNomad Vulnerable To Event Stream Namespace ACL Policy Bypass Through Wildcard Namespace

high
7.1
First published (updated )
CVE-2025-0937

HashiCorp ConsulConsul L7 Intentions Vulnerable To URL Path Bypass

high
8.1
First published (updated )
CVE-2024-10005

HashiCorp ConsulConsul L7 Intentions Vulnerable To Headers Bypass

high
8.3
First published (updated )
CVE-2024-10006

HashiCorp ConsulConsul Cluster Peering can Result in Denial of Service

high
7.5
First published (updated )
CVE-2023-1297

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

HashiCorp ConsulOut-of-bounds Read

high
8.6
First published (updated )
CVE-2021-3121

TerraformTerraform Enterprise Agent Pool Controls Allowed Unauthorized Workspaces To Target an Agent Pool

high
7.7
First published (updated )
CVE-2023-3114

HashiCorp VaultVault Requests Triggering Policy Checks May Lead To Unbounded Memory Consumption

high
7.5
EPSS
0.05%
First published (updated )
CVE-2023-5954

go/github.com/hashicorp/vagrantVagrant’s Windows Installer Allowed Directory Junction Write

high
7.8
EPSS
0.04%
First published (updated )
CVE-2023-5834

HashiCorp VaultVault's Google Cloud Secrets Engine Removed Existing IAM Conditions When Creating / Updating Rolesets

high
7.6
First published (updated )
CVE-2023-5077

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

go/github.com/hashicorp/terraformTerraform Allows Arbitrary File Write During Init Operation

high
7.8
First published (updated )
CVE-2023-4782

HashiCorp NomadHashiCorp Nomad and Nomad Enterprise up to 1.0.13, 1.1.7, and 1.2.0, with the QEMU task driver enabl…

high
8.8
First published (updated )
CVE-2021-43415

HashiCorp VaultHashiCorp Vault and Vault Enterprise 1.8.x through 1.8.4 may have an unexpected interaction between …

high
8.1
First published (updated )
CVE-2021-42135

HashiCorp ConsulHashiCorp Consul Enterprise before 1.8.17, 1.9.x before 1.9.11, and 1.10.x before 1.10.4 has Incorre…

high
8.8
First published (updated )
CVE-2021-41805

HashiCorp ConsulHashiCorp Consul 1.4.3 lacks server hostname verification for agent-to-agent TLS communication. In o…

high
7.4
First published (updated )
CVE-2019-9764

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

HashiCorp ConsulHashiCorp Consul (and Consul Enterprise) 1.4.x before 1.4.3 allows a client to bypass intended acces…

high
8.1
First published (updated )
CVE-2019-8336

HashiCorp VaultVault Operators in Root Namespace May Elevate Their Privileges

high
7.2
EPSS
0.05%
First published (updated )
CVE-2024-9180

HashiCorp ConsulJWT Auth in L7 Intentions Allow For Mismatched Service Identity and JWT Providers for Access

high
7.4
First published (updated )
CVE-2023-3518

HashiCorp ConsulConsul Envoy Extension Downsteam Proxy Configuration By Upstream Service Owner

high
8.7
First published (updated )
CVE-2023-2816

HashiCorp ConsulDependency on Vulnerable Third-Party Component in GitLab

high
8.1
First published (updated )
CVE-2023-5332

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

HashiCorp NomadNomad Vulnerable to Arbitrary Write Through Symlink Attack

high
7.7
EPSS
0.04%
First published (updated )
CVE-2024-1329

HashiCorp VaultHashiCorp Vault and Vault Enterprise versions 0.8.3 and newer, when configured with the GCP GCE auth…

high
8.2
First published (updated )
CVE-2020-16251

go/github.com/hashicorp/terraformInput Validation

high
7.5
First published (updated )
CVE-2019-19316

HashiCorp VagrantRace Condition

high
7.8
First published (updated )
CVE-2017-16512

HashiCorp VagrantRace Condition

high
7.8
First published (updated )
CVE-2017-16001

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203