
4568 matches found

RedhatCVE
added 2025/06/12 5:5 p.m. · 5 views

CVE-2025-32713

Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally...

7.8 CVSS · 8.2 AI score · 0.00629 EPSS
Exploits 0 · References 1
NVD
added 2025/06/12 4:15 p.m. · 7 views

CVE-2025-36573

Dell Smart Dock Firmware, versions prior to 01.00.08.01, contain an Insertion of Sensitive Information into Log File vulnerability. A user with local access could potentially exploit this vulnerability, leading to Information disclosure...

7.1 CVSS · 0.00124 EPSS
Exploits 0 · References 1
Cvelist
added 2025/06/12 3:18 p.m. · 9 views

CVE-2025-36573

Dell Smart Dock Firmware, versions prior to 01.00.08.01, contain an Insertion of Sensitive Information into Log File vulnerability. A user with local access could potentially exploit this vulnerability, leading to Information disclosure...

7.1 CVSS · 0.00124 EPSS
Exploits 0 · References 1
Vulnrichment
added 2025/06/12 3:18 p.m. · 7 views

CVE-2025-36573

Dell Smart Dock Firmware, versions prior to 01.00.08.01, contain an Insertion of Sensitive Information into Log File vulnerability. A user with local access could potentially exploit this vulnerability, leading to Information disclosure...

7.1 CVSS · 6.8 AI score · 0.00124 EPSS
Exploits 0 · References 1
CVE
added 2025/06/12 3:18 p.m. · 43 views

CVE-2025-36573

CVE-2025-36573 affects Dell Smart Dock Firmware prior to 01.00.08.01. The issue is an insertion of sensitive information into a log file, enabling potential information disclosure by a user with local access; impact is limited to confidentiality (log data). Affected component: Dell Smart Dock Fir...

7.1 CVSS · 6.8 AI score · 0.00124 EPSS
Exploits 0 · References 1 · Affected Software 1
CNNVD
added 2025/06/12 12:0 a.m. · 2 views

Dell Smart Dock Firmware log information disclosure vulnerability

Dell Dock Firmware is a firmware product from Dell USA. An information disclosure vulnerability exists in Dell Dock Firmware in versions prior to 01.00.08.01. The vulnerability is due to the insertion of sensitive information into a log file in the affected version, so information may be disclose...

7.1 CVSS · 5.7 AI score · 0.00124 EPSS
Exploits 0 · References 2
Positive Technologies
added 2025/06/12 12:0 a.m. · 4 views

PT-2025-25305

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: Due to missing authorization of an API endpoint, unauthorized users can send HTTP GET requests to gather sensitive information. An attacker could also send HTTP POST requests to modify the log...

8.6 CVSS · 5.5 AI score · 0.0034 EPSS
Exploits 0 · References 12
BDU FSTEC
added 2025/06/11 12:0 a.m. · 4 views

The vulnerability of the Common Log File System Driver for Microsoft Windows operating systems allows attackers to gain increased privileges.

The vulnerability of the Common Log File System Driver for Microsoft Windows operating systems is related to operations that go beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to gain increased privileges...

7.8 CVSS · 8.2 AI score · 0.00629 EPSS
Exploits 0 · References 2
NVD
added 2025/06/10 5:21 p.m. · 7 views

CVE-2025-32713

Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally...

7.8 CVSS · 0.00629 EPSS
Exploits 0 · References 1
OSV
added 2025/06/10 5:21 p.m. · 0 views

CVE-2025-32713

Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally...

7.8 CVSS · 7.7 AI score · 0.00629 EPSS
Exploits 0 · References 1
CVE
added 2025/06/10 5:2 p.m. · 65 views

CVE-2025-32713

CVE-2025-32713 corresponds to a heap-based buffer overflow in Windows Common Log File System Driver that enables local privilege escalation for an authorized attacker. The connected sources identify the affected component as the Windows Common Log File System Driver and list the impact as obtaini...

7.8 CVSS · 7.8 AI score · 0.00629 EPSS
Exploits 0 · References 1 · Affected Software 15
Microsoft CVE
added 2025/06/10 7:0 a.m. · 9 views

Windows Common Log File System Driver Elevation of Privilege Vulnerability

Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally...

7.8 CVSS · 7.7 AI score · 0.00629 EPSS
Exploits 0
CNNVD
added 2025/06/10 12:0 a.m. · 3 views

Microsoft Windows Common Log File System Driver security vulnerability

The Microsoft Windows Common Log File System Driver is Microsoft Corporation's Common Log File System (CLFS) API, which provides a high-performance, common log file subsystem that can be used by dedicated client applications and shared by multiple clients to optimize logging and access. A...

7.8 CVSS · 9.2 AI score · 0.00629 EPSS
Exploits 0 · References 1
Positive Technologies
added 2025/06/10 12:0 a.m. · 4 views

PT-2025-24827 · Microsoft · Windows Common Log File System Driver +1

Name of the Vulnerable Software and Affected Versions: Windows Common Log File System Driver (affected versions not specified). Description: A heap-based buffer overflow issue in the Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally. Recommendations: A...

7.8 CVSS · 9.4 AI score · 0.00629 EPSS
Exploits 0 · References 10
OSV
added 2025/06/06 3:49 p.m. · 2 views

GHSA-QX7G-FX8Q-545G Para Inserts Sensitive Information into Log File for Facebook authentication

CWE ID: CWE-532 (Insertion of Sensitive Information into Log File); CVSS: 6.2 Medium; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N; Affected Component: Facebook Authentication Logging; Version: Para v1.50.6; File Path:...

6.2 CVSS · 5.9 AI score · 0.00145 EPSS
Exploits 0 · References 4
Cvelist
added 2025/06/05 4:40 p.m. · 19 views

CVE-2025-49009 Para Inserts Sensitive Information into Log File for Facebook authentication

Para is a multitenant backend server/framework for object persistence and retrieval. A vulnerability that exists in versions prior to 1.50.8 in FacebookAuthFilter.java results in a full request URL being logged during a failed request to a Facebook user profile. The log includes the user's access...

6.2 CVSS · 0.00145 EPSS
Exploits 0 · References 2
CVE
added 2025/06/05 4:40 p.m. · 58 views

CVE-2025-49009

Para’s CVE-2025-49009 affects the Para server (Facebook authentication flow) via FacebookAuthFilter.java, where a failed request to Facebook’s profile endpoint logs the full URL including the user’s access token in plaintext. The issue exists in versions prior to 1.50.8 and is mitigated by upgrad...

6.2 CVSS · 6.3 AI score · 0.00145 EPSS
Exploits 0 · References 2
BDU FSTEC
added 2025/06/05 12:0 a.m. · 6 views

The vulnerability of the django.utils.log.log_response() function in the Django web application framework allows a hacker to gain access and modify data in the log file.

The vulnerability of the django.utils.log.log_response() function in the Django web application framework is related to improper handling of log file output. Exploiting this vulnerability can allow an attacker to gain access and modify data in the log files...

4 CVSS · 7.5 AI score · 0.15602 EPSS
Exploits 4 · References 9 · Affected Software 6
UbuntuCve
added 2025/06/04 2:0 p.m. · 6 views

CVE-2025-48432

An issue was discovered in Django 5.2 before 5.2.3, 5.1 before 5.1.11, and 4.2 before 4.2.23. Internal HTTP response logging does not escape request.path, which allows remote attackers to potentially manipulate log output via crafted URLs. This may lead to log injection or forgery when logs are...

5.3 CVSS · 7.2 AI score · 0.006 EPSS
Exploits 0 · References 4
Github Security Blog
added 2025/05/30 8:1 p.m. · 14 views

Para Server Logs Sensitive Information

CWE ID: CWE-532 (Insertion of Sensitive Information into Log File); CVSS: 7.5 High; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N; Affected Component: Para Server Initialization Logging; Version: Para v1.50.6; File Path:...

6.2 CVSS · 7.1 AI score · 0.00145 EPSS
Exploits 0 · References 4 · Affected Software 1