CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

454 matches found

NVD•added 2024/08/21 4:15 p.m.•15 views

CVE-2024-7602

Logsign Unified SecOps Platform Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Logsign Unified SecOps Platform. Authentication is required to exploit this vulnerability. The specif...

6.5CVSS0.00782EPSS

Exploits0References2

NVD•added 2024/08/21 4:15 p.m.•17 views

CVE-2024-7600

Logsign Unified SecOps Platform Directory Traversal Arbitrary File Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary files on affected installations of Logsign Unified SecOps Platform. Authentication is required to exploit this vulnerability. The specific flaw...

8.1CVSS0.03634EPSS

Exploits0References2

CVE•added 2024/08/21 4:6 p.m.•74 views

CVE-2024-7604

CVE-2024-7604 affects Logsign Unified SecOps Platform. The issue is an authentication bypass in the HTTP API service (port 443 by default) caused by improper validation of the user’s license expiration date, allowing local attackers to bypass authentication. Descriptions from multiple sources con...

7.8CVSS5.3AI score0.0001EPSS

Exploits0References2Affected Software1

Cvelist•added 2024/08/21 4:6 p.m.•16 views

CVE-2024-7604 Logsign Unified SecOps Platform Incorrect Authorization Authentication Bypass Vulnerability

Logsign Unified SecOps Platform Incorrect Authorization Authentication Bypass Vulnerability. This vulnerability allows local attackers to bypass authentication on affected installations of Logsign Unified SecOps Platform. Authentication is required to exploit this vulnerability. The specific flaw...

5.1CVSS0.0001EPSS

Exploits0References2

Vulnrichment•added 2024/08/21 4:6 p.m.•11 views

CVE-2024-7604 Logsign Unified SecOps Platform Incorrect Authorization Authentication Bypass Vulnerability

5.1CVSS7AI score0.0001EPSS

Exploits0References2

CVE•added 2024/08/21 4:6 p.m.•83 views

CVE-2024-7603

CVE-2024-7603 affects Logsign Unified SecOps Platform. The vulnerability resides in the HTTP API service (listening on port 443 by default) and stems from insufficient validation of a user-supplied file path used in file operations, enabling a directory-traversal condition that can delete arbitra...

8.1CVSS7AI score0.02393EPSS

Exploits0References2Affected Software1

Vulnrichment•added 2024/08/21 4:6 p.m.•13 views

CVE-2024-7603 Logsign Unified SecOps Platform Directory Traversal Arbitrary Directory Deletion Vulnerability

Logsign Unified SecOps Platform Directory Traversal Arbitrary Directory Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary directories on affected installations of Logsign Unified SecOps Platform. Authentication is required to exploit this vulnerability. The...

7.1CVSS6.9AI score0.02393EPSS

Exploits0References2

Cvelist•added 2024/08/21 4:6 p.m.•15 views

CVE-2024-7603 Logsign Unified SecOps Platform Directory Traversal Arbitrary Directory Deletion Vulnerability

7.1CVSS0.02393EPSS

Exploits0References2

Cvelist•added 2024/08/21 4:6 p.m.•18 views

CVE-2024-7602 Logsign Unified SecOps Platform Directory Traversal Information Disclosure Vulnerability

6.5CVSS0.00782EPSS

Exploits0References2

Vulnrichment•added 2024/08/21 4:6 p.m.•14 views

CVE-2024-7602 Logsign Unified SecOps Platform Directory Traversal Information Disclosure Vulnerability

6.5CVSS6.3AI score0.00782EPSS

Exploits0References2

CVE•added 2024/08/21 4:6 p.m.•72 views

CVE-2024-7602

Logsign Unified SecOps Platform contains a Directory Traversal Information Disclosure vulnerability in its HTTP API service (listening on port 443 by default). The flaw arises from insufficient validation of a user-supplied path used in file operations, allowing an attacker to disclose sensitive ...

6.5CVSS6.2AI score0.00782EPSS

Exploits0References2Affected Software1

Cvelist•added 2024/08/21 4:6 p.m.•17 views

CVE-2024-7601 Logsign Unified SecOps Platform Directory data_export_delete_all Traversal Arbitrary File Deletion Vulnerability

Logsign Unified SecOps Platform Directory dataexportdeleteall Traversal Arbitrary File Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary files on affected installations of Logsign Unified SecOps Platform. Authentication is required to exploit this vulnerabilit...

7.1CVSS0.01365EPSS

Exploits0References2

CVE•added 2024/08/21 4:6 p.m.•67 views

CVE-2024-7601

CVE-2024-7601 affects Logsign Unified SecOps Platform. The vulnerability resides in the HTTP API service (default port 443) where lack of proper validation of a user-supplied path enables a traversal that can delete arbitrary files in the root context. Exploitation requires authentication, and th...

8.1CVSS7AI score0.01365EPSS

Exploits0References2Affected Software1

Vulnrichment•added 2024/08/21 4:6 p.m.•15 views

CVE-2024-7601 Logsign Unified SecOps Platform Directory data_export_delete_all Traversal Arbitrary File Deletion Vulnerability

7.1CVSS6.9AI score0.01365EPSS

Exploits0References2

Vulnrichment•added 2024/08/21 4:6 p.m.•13 views

CVE-2024-7600 Logsign Unified SecOps Platform Directory Traversal Arbitrary File Deletion Vulnerability

7.1CVSS6.9AI score0.03634EPSS

Exploits0References2

Cvelist•added 2024/08/21 4:6 p.m.•13 views

CVE-2024-7600 Logsign Unified SecOps Platform Directory Traversal Arbitrary File Deletion Vulnerability

7.1CVSS0.03634EPSS

Exploits0References2

CVE•added 2024/08/21 4:6 p.m.•66 views

CVE-2024-7600

CVE-2024-7600 affects Logsign Unified SecOps Platform. Affected component: HTTP API service; vulnerability is a directory traversal that allows deletion of arbitrary files with root context. Root cause: insufficient validation of user-supplied file paths used in file operations. Access requires a...

8.1CVSS7AI score0.03634EPSS

Exploits0References2Affected Software1

Zero Day Initiative•added 2024/08/08 12:0 a.m.•4 views

Logsign Unified SecOps Platform Directory data_export_delete_all Traversal Arbitrary File Deletion Vulnerability

This vulnerability allows remote attackers to delete arbitrary files on affected installations of Logsign Unified SecOps Platform. Authentication is required to exploit this vulnerability. The specific flaw exists within the HTTP API service, which listens on TCP port 443 by default. The issue...

7.1CVSS6.7AI score0.01365EPSS

Exploits0References1

Zero Day Initiative•added 2024/08/08 12:0 a.m.•5 views

Logsign Unified SecOps Platform Incorrect Authorization Authentication Bypass Vulnerability

This vulnerability allows local attackers to bypass authentication on affected installations of Logsign Unified SecOps Platform. Authentication is required to exploit this vulnerability. The specific flaw exists within the HTTP API service, which listens on TCP port 443 by default. The issue...

5.1CVSS6.7AI score0.0001EPSS

Exploits0References1

Zero Day Initiative•added 2024/08/08 12:0 a.m.•6 views

Logsign Unified SecOps Platform Directory Traversal Arbitrary Directory Deletion Vulnerability

This vulnerability allows remote attackers to delete arbitrary directories on affected installations of Logsign Unified SecOps Platform. Authentication is required to exploit this vulnerability. The specific flaw exists within the HTTP API service, which listens on TCP port 443 by default. The...

7.1CVSS6.7AI score0.02393EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by