Filtered by vendor Hashicorp
Subscriptions
Total
144 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2017-7642 | 1 Hashicorp | 1 Vagrant Vmware Fusion | 2019-10-03 | N/A |
The sudo helper in the HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) before 4.0.21 allows local users to gain root privileges by leveraging failure to verify the path to the encoded ruby script or scrub the PATH variable. | ||||
CVE-2017-16873 | 1 Hashicorp | 1 Vagrant Vmware Fusion | 2019-10-03 | N/A |
It is possible to exploit an unsanitized PATH in the suid binary that ships with vagrant-vmware-fusion 4.0.25 through 5.0.4 in order to escalate to root privileges. | ||||
CVE-2018-19786 | 1 Hashicorp | 1 Vault | 2018-12-27 | N/A |
HashiCorp Vault before 1.0.0 writes the master key to the server log in certain unusual or misconfigured scenarios in which incorrect data comes from the autoseal mechanism without an error being reported. | ||||
CVE-2018-9057 | 1 Hashicorp | 1 Terraform | 2018-04-24 | N/A |
aws/resource_aws_iam_user_login_profile.go in the HashiCorp Terraform Amazon Web Services (AWS) provider through v1.12.0 has an inappropriate PRNG algorithm and seeding, which makes it easier for remote attackers to obtain access by leveraging an IAM account that was provisioned with a weak password. |