Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vault vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2010-4449
Unspecified vulnerability in the Audit Vault component in Oracle Audit Vault 10.2.3.2 allows remote malicious users to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the January 2011 CPU. Oracle has not co...
Oracle Audit Vault 10.2.3.2
7.5
CVSSv3
CVE-2023-30514
Jenkins Azure Key Vault Plugin 187.va_cd5fecd198a_ and previous versions does not properly mask (i.e., replace with asterisks) credentials in the build log when push mode for durable task logging is enabled.
Jenkins Azure Key Vault
9.8
CVSSv3
CVE-2019-7442
An XML external entity (XXE) vulnerability in the Password Vault Web Access (PVWA) of CyberArk Enterprise Password Vault <=10.7 allows remote malicious users to read arbitrary files or potentially bypass authentication via a crafted DTD in the SAML authentication system.
Cyberark Enterprise Password Vault
1 EDB exploit
7.5
CVSSv3
CVE-2020-24359
HashiCorp vault-ssh-helper up to and including version 0.1.6 incorrectly accepted Vault-issued SSH OTPs for the subnet in which a host's network interface was located, rather than the specific IP address assigned to that interface. Fixed in 0.2.0.
Hashicorp Vault-ssh-helper
4.3
CVSSv3
CVE-2020-2313
A missing permission check in Jenkins Azure Key Vault Plugin 2.0 and previous versions allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.
Jenkins Azure Key Vault
7.5
CVSSv3
CVE-2023-30515
Jenkins Thycotic DevOps Secrets Vault Plugin 1.0.0 and previous versions does not properly mask (i.e., replace with asterisks) credentials in the build log when push mode for durable task logging is enabled.
Jenkins Thycotic Devops Secrets Vault
NA
CVE-2006-0710
Double free vulnerability in isode.eddy in Isode M-Vault Server 11.3 allows remote malicious users to execute arbitrary code via a crafted LDAP request, as demonstrated by ProtoVer Sample LDAP.
Isode M-vault Server 11.3
1 EDB exploit
NA
CVE-2004-2777
GE Healthcare Centricity Image Vault 3.x has a password of (1) gemnet for the administrator account, (2) webadmin for the webadmin administrator account of the ASACA DVD library, (3) an empty value for the gemsservice account of the Ultrasound Database, and possibly (4) gemnet200...
Gehealthcare Centricity Image Vault Firmware
NA
CVE-2001-1205
Directory traversal vulnerability in lastlines.cgi for Last Lines 2.0 allows remote malicious users to read arbitrary files via '..' sequences in the $error_log variable.
Matrixs Cgi Vault Last Lines 2.0
NA
CVE-2001-1206
Matrix CGI vault Last Lines 2.0 allows remote malicious users to execute arbitrary commands via shell metacharacters in the $error_log variable.
Matrixs Cgi Vault Last Lines 2.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »