175 matches found
CVE-2024-52962
An Improper Output Neutralization for Logs vulnerability CWE-117 in FortiAnalyzer version 7.6.1 and below, version 7.4.5 and below, version 7.2.8 and below, version 7.0.13 and below and FortiManager version 7.6.1 and below, version 7.4.5 and below, version 7.2.8 and below, version 7.0.12 and belo...
Improper Output Neutralization for Logs
Overview litellm is a Library to easily interface with LLM API providers Affected versions of this package are vulnerable to Improper Output Neutralization for Logs due to the incomplete masking of API keys in the logging functionality. An attacker can expose sensitive information by accessing th...
CVE-2024-9606 Improper Output Neutralization for Logs in berriai/litellm
In berriai/litellm before version 1.44.12, the litellm/litellmcoreutils/litellmlogging.py file contains a vulnerability where the API key masking code only masks the first 5 characters of the key. This results in the leakage of almost the entire API key in the logs, exposing a significant amount ...
Linux Distros Unpatched Vulnerability : CVE-2020-14330
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An Improper Output Neutralization for Logs flaw was found in Ansible when using the uri module, where sensitive data is exposed to content and json output. This...
PT-2025-3240 · Unknown · Poll Maker
Name of the Vulnerable Software and Affected Versions: Poll Maker affected versions not specified Description: The issue is related to improper encoding or escaping of output in Poll Maker Team Poll Maker. This can potentially lead to security issues, but specific details about exploitation, such...
CVE-2024-8179
An issue has been discovered in GitLab CE/EE affecting all versions from 17.3 before 17.4.6, 17.5 before 17.5.4, and 17.6 before 17.6.2. Improper output encoding could lead to XSS if CSP is not enabled...
CVE-2024-8179 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab
An issue has been discovered in GitLab CE/EE affecting all versions from 17.3 before 17.4.6, 17.5 before 17.5.4, and 17.6 before 17.6.2. Improper output encoding could lead to XSS if CSP is not enabled...
CVE-2024-8179
Removed by vendor...
GHSA-2GX6-QRPP-C4P3 Ant-Media-Server vulnerable to Improper Output Neutralization for Logs
Ant-Media-Server v2.8.2 is affected by Improper Output Neutralization for Logs. The vulnerability stems from insufficient input sanitization in the logging mechanism. Without proper filtering or validation, user-controllable data, such as identifiers or other sensitive information, can be include...
Ant-Media-Server vulnerable to Improper Output Neutralization for Logs
Ant-Media-Server v2.8.2 is affected by Improper Output Neutralization for Logs. The vulnerability stems from insufficient input sanitization in the logging mechanism. Without proper filtering or validation, user-controllable data, such as identifiers or other sensitive information, can be include...
CVE-2024-35371
Ant-Media-Serverv2.8.2 is affected by Improper Output Neutralization for Logs. The vulnerability stems from insufficient input sanitization in the logging mechanism. Without proper filtering or validation, user-controllable data, such as identifiers or other sensitive information, can be included...
CVE-2024-35371
Ant-Media-Serverv2.8.2 is affected by Improper Output Neutralization for Logs. The vulnerability stems from insufficient input sanitization in the logging mechanism. Without proper filtering or validation, user-controllable data, such as identifiers or other sensitive information, can be included...
CVE-2024-35371
Ant-Media-Serverv2.8.2 is affected by Improper Output Neutralization for Logs. The vulnerability stems from insufficient input sanitization in the logging mechanism. Without proper filtering or validation, user-controllable data, such as identifiers or other sensitive information, can be included...
CVE-2024-35371
Ant-Media-Server v2.8.2 is affected by Improper Output Neutralization for Logs due to insufficient input sanitization in the logging mechanism. User-controllable data can be included in log entries without restrictions, potentially exposing sensitive information. The CVE-2024-35371 entry, with a ...
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
Overview Affected versions of this package are vulnerable to Improper Neutralization of Special Elements in Output Used by a Downstream Component 'Injection' due to the improper handling of user input in the email sending functionality. An attacker can send spam, phishing emails, or other malicio...
Siemens SCALANCE M-800 Improper Output Neutralization For Logs (CVE-2024-5594)
control channel: refuse control channel messages with nonprintable characters in them. Security scope: a malicious openvpn peer can send garbage to openvpn log, or cause high CPU load This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...
GitLab 17.3 < 17.3.7 / 17.4 < 17.4.4 / 17.5 < 17.5.2 (CVE-2024-8180)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab CE/EE affecting all versions from 17.3 before 17.3.7, 17.4 before 17.4.4, and 17.5 before 17.5.2. Improper output encoding could lead to XSS if CSP is not enable...
Concrete CMS 安全漏洞
Concrete CMS is a team-oriented open source content management system from Concrete CMS Open Source. A security vulnerability exists in Concrete CMS versions 9.0.0 through 9.3.3 and prior to 8.5.18, which stems from improper output cleanup, resulting in a malicious payload that can be executed in...
GHSA-C392-WHPC-VFPR Apache Airflow vulnerable to Improper Encoding or Escaping of Output
Example DAG: exampleinleteventextra.py shipped with Apache Airflow version 2.10.0 has a vulnerability that allows an authenticated attacker with only DAG trigger permission to execute arbitrary commands. If you used that example as the base of your DAGs - please review if you have not copied the...
CVE-2024-8334
A vulnerability was found in master-nan Sweet-CMS up to 5f441e022b8876f07cde709c77b5be6d2f262e3f. It has been rated as problematic. This issue affects the function LogHandler of the file middleware/log.go. The manipulation leads to improper output neutralization for logs. The attack may be...