25694 matches found
PT-2026-60460
Name of the Vulnerable Software and Affected Versions ubuntu-pro-client affected versions not specified Description An insecure symlink following issue exists within the pro collect-logs command framework. The utility uses predictable temporary file paths or user-accessible log directories to...
CVE-2026-15907
The vulnerability CVE-2026-15907 affects H3C SecPath F1000-C8300 devices (firmware up to 20260522). It targets an unknown function at /webui/?g=log_fw_nbc_mail_jsondata, where manipulation of the subject parameter can cause SQL injection. The attack is remote, with a published exploit; the vendor...
CVE-2026-15907 H3C SecPath F1000-C8300 g=log_fw_nbc_mail_jsondata sql injection
A flaw has been found in H3C SecPath F1000-C8300 up to 20260522. This impacts an unknown function of the file /webui/?g=logfwnbcmailjsondata. Executing a manipulation of the argument subject can lead to sql injection. The attack can be executed remotely. The exploit has been published and may be...
EUVD-2026-44750
GPUStack through 2.2.1, fixed in commit 4e20551, contains an unauthenticated information disclosure vulnerability that allows unauthenticated attackers to access sensitive inference logs and modify worker configuration by exploiting unprotected /serveLogs and /debug endpoints on the worker port...
DEBIAN-CVE-2026-61864
ImageMagick before 7.1.2-26 and 6.9.13-51 contains a memory leak in color transformation to the log colorspace: when the operation fails, a small amount of memory is not released...
CVE-2026-61864
ImageMagick before 7.1.2-26 and 6.9.13-51 contains a memory leak in color transformation to the log colorspace: when the operation fails, a small amount of memory is not released...
CVE-2026-61864 ImageMagick before 7.1.2-26 Memory Leak in Log Colorspace
ImageMagick before 7.1.2-26 and 6.9.13-51 contains a memory leak in color transformation to the log colorspace: when the operation fails, a small amount of memory is not released...
EUVD-2026-44613
ImageMagick before 7.1.2-26 and 6.9.13-51 contains a memory leak in color transformation to the log colorspace: when the operation fails, a small amount of memory is not released...
CVE-2026-61864 ImageMagick before 7.1.2-26 Memory Leak in Log Colorspace
ImageMagick before 7.1.2-26 and 6.9.13-51 contains a memory leak in color transformation to the log colorspace: when the operation fails, a small amount of memory is not released...
CVE-2026-40633
Summary: Dell PowerScale OneFS contains an information disclosure vulnerability (Insertion of Sensitive Information into Log File) affecting PowerScale OneFS 9.5.0.0–9.10.1.7 and 9.11.0.0–9.13.0.2. A low-privilege, local attacker could exploit this to disclose information. Affected products/versi...
EUVD-2026-44607
Dell PowerScale OneFS versions 9.5.0.0 through 9.10.1.7, versions 9.11.0.0 through 9.13.0.2 contains an Insertion of Sensitive Information into Log File vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure...
CVE-2026-48816
sigstore-js provides JavaScript libraries for interacting with Sigstore services. Prior to 3.1.1, @sigstore/verify derives a transparency-log timestamp from tlogEntries.integratedTime for bundle v0.2 inclusionProof-only entries even though the inclusion proof path does not cryptographically bind...
CVE-2026-47300
creationtimestamp| type| source ---|---|--- 2026-07-14 19:01:00+00:00| seen| https://advisories.ncsc.nl/advisory?id=NCSC-2026-0235 2026-07-14 19:37:42+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mqmxflgkv42e 2026-07-14 20:34:06+00:00| seen|...
CVE-2026-45077
Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to 5.4.52, 6.4.40, 7.4.12, and 8.0.12, the server:log listener Symfony\Bridge\Monolog\Command\ServerLogCommand binds to 0.0.0.0:9911 by default and processes each received frame with...
CVE-2026-45077
CVE-2026-45077 concerns Symfony’s server:log listener (part of Symfony\Bridge\Monolog) which binds to 0.0.0.0:9911 by default and processes each frame with unserialize(base64_decode($message)) without authentication or an allowed-classes allowlist. This permits any reachable host to submit attack...
CVE-2026-50697
Exposure of sensitive information to an unauthorized actor in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally...
CVE-2026-50316
Insertion of sensitive information into log file in Windows Kernel allows an authorized attacker to disclose information locally...
CVE-2026-50667
CVE-2026-50667 is a Windows NTFS/Windows Common Log File System Driver elevation-of-privilege vulnerability caused by a race condition in a shared resource. The CVE affects Windows NTFS and is identified by Microsoft as a privilege-escalation issue; updates have been released (July 2026 monthly r...
CVE-2026-50667 Windows Common Log File System Driver Elevation of Privilege Vulnerability
...
CVE-2026-50316
CVE-2026-50316 affects the Windows Kernel. Insertion of sensitive information into a log file enables a locally authenticated attacker to disclose information. The CVSS v3.1 metrics show a Local attack vector, Low attack complexity, Low privileges required, and No user interaction, with Confident...