Filter
-Infinity
0

Trending

Last week
Last month
Last year

go/github.com/hashicorp/go-retryablehttpgo-retryablehttp can leak basic auth credentials to log files

medium
6
EPSS
0.04%
First published (updated )
CVE-2024-6104

HashiCorp Vault 1.19End of life

First published (updated )
EOL-hashicorp-vault-1.19

HashiCorp VaultVault Fails to Verify if the AppRole SecretID Belongs to Role During a Destroy Operation

high
8.1
First published (updated )
CVE-2023-24999

HashiCorp ConsulConsul Server Panic when Ingress and API Gateways Configured with Peering

medium
6.5
First published (updated )
CVE-2023-0845

HashiCorp NomadNomad ACLs Can Not Deny Access to Workload's Own Variables

medium
5.3
First published (updated )
CVE-2023-1296

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

HashiCorp NomadNomad Job Submitter Privilege Escalation Using Workload Identity

high
8.8
First published (updated )
CVE-2023-1299

Terraform 1.11End of life

First published (updated )
EOL-terraform-1.11

HashiCorp HermesHashiCorp Hermes Improperly Validates AWS ALB JWTs, which May Lead to Authentication Bypass

high
8.2
First published (updated )
CVE-2025-1293

HashiCorp VaultVault May be Vulnerable to a Denial of Service Through Memory Exhaustion When Handling Large HTTP Requests

high
7.5
EPSS
0.05%
First published (updated )
CVE-2023-6337

HashiCorp VaultVault Vulnerable to Cache-Timing Attacks During Seal and Unseal Operations

medium
5
First published (updated )
CVE-2023-25000

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

HashiCorp VaultVault PKI Issuer Endpoint Did Not Correctly Authorize Access to Issuer Metadata

medium
6.5
First published (updated )
CVE-2023-0665

HashiCorp VaultVault Vulnerable to SQL Injection When Configuring the Microsoft SQL Database Storage Backend

medium
6.7
First published (updated )
CVE-2023-0620

go/github.com/hashicorp/go-slugHashiCorp go-slug Vulnerable to Zip Slip Attack

high
7.5
First published (updated )
CVE-2025-0377

HashiCorp NomadNomad Vulnerable To Event Stream Namespace ACL Policy Bypass Through Wildcard Namespace

high
7.1
First published (updated )
CVE-2025-0937

HashiCorp NomadNomad Unauthenticated Client Agent HTTP Request Privilege Escalation

critical
10
First published (updated )
CVE-2023-1782

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

HashiCorp VaultVault Enterprise Vulnerable to Padding Oracle Attacks When Using a CBC-based Encryption Mechanism with a HSM

low
2.5
First published (updated )
CVE-2023-2197

HashiCorp ConsulConsul L7 Intentions Vulnerable To URL Path Bypass

high
8.1
First published (updated )
CVE-2024-10005

HashiCorp ConsulConsul L7 Intentions Vulnerable To Headers Bypass

high
8.3
First published (updated )
CVE-2024-10006

HashiCorp ConsulConsul Vulnerable To Reflected XSS On Content-Type Error Manipulation

medium
6.1
First published (updated )
CVE-2024-10086

HashiCorp ConsulConsul Cluster Peering can Result in Denial of Service

high
7.5
First published (updated )
CVE-2023-1297

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

HashiCorp VaultVault’s KV Diff Viewer Allowed for HTML Injection

medium
5.4
First published (updated )
CVE-2023-2121

HashiCorp ConsulOut-of-bounds Read

high
8.6
First published (updated )
CVE-2021-3121

HashiCorp Nomad 1.9End of life

First published (updated )
latest-version-nomad-1.9

HashiCorp Nomad 1.9End of life

First published (updated )
EOL-nomad-1.9

Terraform 1.10End of life

First published (updated )
EOL-terraform-1.10

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Terraform 1.10End of life

First published (updated )
latest-version-terraform-1.10

HashiCorp Vault 1.18Reached end of life

First published (updated )
latest-version-hashicorp-vault-1.18

HashiCorp Vault 1.18Reached end of life

First published (updated )
EOL-hashicorp-vault-1.18

TerraformTerraform Enterprise Agent Pool Controls Allowed Unauthorized Workspaces To Target an Agent Pool

high
7.7
First published (updated )
CVE-2023-3114

HashiCorp VaultVault Requests Triggering Policy Checks May Lead To Unbounded Memory Consumption

high
7.5
EPSS
0.05%
First published (updated )
CVE-2023-5954

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203