Lucene search
K

175 matches found

RedhatCVE
RedhatCVE
added 2025/04/10 3:34 p.m.26 views

CVE-2024-52962

An Improper Output Neutralization for Logs vulnerability CWE-117 in FortiAnalyzer version 7.6.1 and below, version 7.4.5 and below, version 7.2.8 and below, version 7.0.13 and below and FortiManager version 7.6.1 and below, version 7.4.5 and below, version 7.2.8 and below, version 7.0.12 and belo...

5.3CVSS7.2AI score0.0045EPSS
Exploits0References1
Snyk
Snyk
added 2025/03/20 10:46 a.m.3 views

Improper Output Neutralization for Logs

Overview litellm is a Library to easily interface with LLM API providers Affected versions of this package are vulnerable to Improper Output Neutralization for Logs due to the incomplete masking of API keys in the logging functionality. An attacker can expose sensitive information by accessing th...

8.7CVSS6.6AI score0.00708EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/03/20 10:9 a.m.12 views

CVE-2024-9606 Improper Output Neutralization for Logs in berriai/litellm

In berriai/litellm before version 1.44.12, the litellm/litellmcoreutils/litellmlogging.py file contains a vulnerability where the API key masking code only masks the first 5 characters of the key. This results in the leakage of almost the entire API key in the logs, exposing a significant amount ...

7.5CVSS0.00708EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2020-14330

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An Improper Output Neutralization for Logs flaw was found in Ansible when using the uri module, where sensitive data is exposed to content and json output. This...

5.5CVSS6.6AI score0.00568EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2025/01/21 12:0 a.m.5 views

PT-2025-3240 · Unknown · Poll Maker

Name of the Vulnerable Software and Affected Versions: Poll Maker affected versions not specified Description: The issue is related to improper encoding or escaping of output in Poll Maker Team Poll Maker. This can potentially lead to security issues, but specific details about exploitation, such...

5.3CVSS9.4AI score0.00273EPSS
Exploits0References5
NVD
NVD
added 2024/12/12 12:15 p.m.16 views

CVE-2024-8179

An issue has been discovered in GitLab CE/EE affecting all versions from 17.3 before 17.4.6, 17.5 before 17.5.4, and 17.6 before 17.6.2. Improper output encoding could lead to XSS if CSP is not enabled...

5.4CVSS0.00323EPSS
Exploits0References2
OSV
OSV
added 2024/12/12 12:3 p.m.8 views

CVE-2024-8179 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab

An issue has been discovered in GitLab CE/EE affecting all versions from 17.3 before 17.4.6, 17.5 before 17.5.4, and 17.6 before 17.6.2. Improper output encoding could lead to XSS if CSP is not enabled...

5.4CVSS5.9AI score0.00323EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2024/12/12 12:3 p.m.8 views

CVE-2024-8179

Removed by vendor...

5.4CVSS5.8AI score0.00323EPSS
Exploits0
OSV
OSV
added 2024/11/29 9:31 p.m.12 views

GHSA-2GX6-QRPP-C4P3 Ant-Media-Server vulnerable to Improper Output Neutralization for Logs

Ant-Media-Server v2.8.2 is affected by Improper Output Neutralization for Logs. The vulnerability stems from insufficient input sanitization in the logging mechanism. Without proper filtering or validation, user-controllable data, such as identifiers or other sensitive information, can be include...

8.7CVSS7.5AI score0.00536EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2024/11/29 9:31 p.m.19 views

Ant-Media-Server vulnerable to Improper Output Neutralization for Logs

Ant-Media-Server v2.8.2 is affected by Improper Output Neutralization for Logs. The vulnerability stems from insufficient input sanitization in the logging mechanism. Without proper filtering or validation, user-controllable data, such as identifiers or other sensitive information, can be include...

7.5CVSS6.8AI score0.00536EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2024/11/29 8:15 p.m.22 views

CVE-2024-35371

Ant-Media-Serverv2.8.2 is affected by Improper Output Neutralization for Logs. The vulnerability stems from insufficient input sanitization in the logging mechanism. Without proper filtering or validation, user-controllable data, such as identifiers or other sensitive information, can be included...

7.5CVSS0.00536EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/11/29 12:0 a.m.21 views

CVE-2024-35371

Ant-Media-Serverv2.8.2 is affected by Improper Output Neutralization for Logs. The vulnerability stems from insufficient input sanitization in the logging mechanism. Without proper filtering or validation, user-controllable data, such as identifiers or other sensitive information, can be included...

0.00536EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/11/29 12:0 a.m.11 views

CVE-2024-35371

Ant-Media-Serverv2.8.2 is affected by Improper Output Neutralization for Logs. The vulnerability stems from insufficient input sanitization in the logging mechanism. Without proper filtering or validation, user-controllable data, such as identifiers or other sensitive information, can be included...

6.8AI score0.00536EPSS
Exploits0References3
CVE
CVE
added 2024/11/29 12:0 a.m.63 views

CVE-2024-35371

Ant-Media-Server v2.8.2 is affected by Improper Output Neutralization for Logs due to insufficient input sanitization in the logging mechanism. User-controllable data can be included in log entries without restrictions, potentially exposing sensitive information. The CVE-2024-35371 entry, with a ...

7.5CVSS6.9AI score0.00536EPSS
Exploits0References3
Snyk
Snyk
added 2024/11/27 9:59 p.m.1 views

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

Overview Affected versions of this package are vulnerable to Improper Neutralization of Special Elements in Output Used by a Downstream Component 'Injection' due to the improper handling of user input in the email sending functionality. An attacker can send spam, phishing emails, or other malicio...

8.7CVSS7AI score0.00451EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/11/18 12:0 a.m.14 views

Siemens SCALANCE M-800 Improper Output Neutralization For Logs (CVE-2024-5594)

control channel: refuse control channel messages with nonprintable characters in them. Security scope: a malicious openvpn peer can send garbage to openvpn log, or cause high CPU load This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...

9.1CVSS7.7AI score0.00805EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/11/14 12:0 a.m.12 views

GitLab 17.3 < 17.3.7 / 17.4 < 17.4.4 / 17.5 < 17.5.2 (CVE-2024-8180)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab CE/EE affecting all versions from 17.3 before 17.3.7, 17.4 before 17.4.4, and 17.5 before 17.5.2. Improper output encoding could lead to XSS if CSP is not enable...

5.4CVSS5.4AI score0.0035EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/09/16 12:0 a.m.6 views

Concrete CMS 安全漏洞

Concrete CMS is a team-oriented open source content management system from Concrete CMS Open Source. A security vulnerability exists in Concrete CMS versions 9.0.0 through 9.3.3 and prior to 8.5.18, which stems from improper output cleanup, resulting in a malicious payload that can be executed in...

4.8CVSS5.8AI score0.00416EPSS
Exploits0References5
OSV
OSV
added 2024/09/07 9:30 a.m.16 views

GHSA-C392-WHPC-VFPR Apache Airflow vulnerable to Improper Encoding or Escaping of Output

Example DAG: exampleinleteventextra.py shipped with Apache Airflow version 2.10.0 has a vulnerability that allows an authenticated attacker with only DAG trigger permission to execute arbitrary commands. If you used that example as the base of your DAGs - please review if you have not copied the...

8.8CVSS8.7AI score0.01237EPSS
Exploits0References8
NVD
NVD
added 2024/08/30 1:15 p.m.16 views

CVE-2024-8334

A vulnerability was found in master-nan Sweet-CMS up to 5f441e022b8876f07cde709c77b5be6d2f262e3f. It has been rated as problematic. This issue affects the function LogHandler of the file middleware/log.go. The manipulation leads to improper output neutralization for logs. The attack may be...

8.1CVSS0.00478EPSS
Exploits0References6
Rows per page
Query Builder