Windows Common Log File System Driver Elevation of Privilege Vulnerability

Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally...

CVE-2025-32706

Improper input validation in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...

PT-2025-20995 · Microsoft · Windows Common Log File System Driver +1

Name of the Vulnerable Software and Affected Versions: Windows Common Log File System Driver versions prior to the fixed version Description: The issue is related to a use-after-free flaw in the Windows Common Log File System Driver, which allows an authorized attacker to elevate privileges...

PT-2025-21003

Name of the Vulnerable Software and Affected Versions Windows Common Log File System Driver affected versions not specified Description The issue is related to a use-after-free vulnerability in the Windows Common Log File System Driver, which allows an authorized attacker to elevate privileges...

PT-2025-21008 · Microsoft · Windows Common Log File System Driver +1

Name of the Vulnerable Software and Affected Versions: Windows Common Log File System Driver affected versions not specified Description: The issue is related to improper input validation in the Windows Common Log File System Driver, which allows an authorized attacker to elevate privileges...

CVE-2025-32701

Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...

Microsoft Windows Common Log File System Driver 资源管理错误漏洞

The Microsoft Windows Common Log File System Driver is a Microsoft Corporation Common Log File System CLFS API that provides a high-performance, general-purpose log file subsystem that can be used by dedicated client applications and shared by multiple clients to optimize logging and access...

Microsoft Windows Common Log File System Driver 输入验证错误漏洞

The Microsoft Windows Common Log File System Driver is a Microsoft Corporation Common Log File System CLFS API that provides a high-performance, common log file subsystem that can be used by dedicated client applications and shared by multiple clients to optimize logging and access. access. An...

VulnCheck KEV: CVE-2025-32701

Microsoft Windows Common Log File System CLFS Driver contains a use-after-free vulnerability that allows an authorized attacker to elevate privileges locally...

Security update for krb5

This update for krb5 fixes the following issues: CVE-2025-24528: Prevent overflow when calculating ulog block size. An authenticated attacker can cause kadmind to write beyond the end of the mapped region for the iprop log file, likely causing a process crash; bsc1236619. Patch Instructions: To...

Record the cron Logs

Generally, cron is used to schedule tasks in Linux. Because cron can be exploited by hackers to load malicious code, all the cron logs need to be recorded to trace system exceptions. Otherwise, the exception information cannot be displayed in logs when there are malicious operations. As a result,...

Ensure That Rotation Is Enabled for Audit Logs

maxlogfileaction decides the action taken when the size of a log file reaches the upper limit. By default, ROTATE is configured in openEuler, indicating that a new log file is created when the size of a log file reaches the upper limit and the original log file is not deleted. numlogs specifies t...

Insertion of Sensitive Information into Log File

Overview Affected versions of this package are vulnerable to Insertion of Sensitive Information into Log File due to the logging of partially failed bulk index requests. An attacker can disclose sensitive information contained in the document body by accessing error logs. Remediation Upgrade...

CVE-2024-11994 APM Server Insertion of Sensitive Information into Log File

APM server logs could contain parts of the document body from a partially failed bulk index request. Depending on the nature of the document, this could disclose sensitive information in APM Server error logs...

ROS-20250430-08

A vulnerability in Nomad Application Orchestrator involves the insertion of sensitive information into a log file. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to a client's secret client token...

USN-7465-1 mistral, python-mistral-lib vulnerabilities

It was discovered that Mistral incorrectly handled nested anchors in YAML files. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS. CVE-2018-16848 Pierre Gaxatte discovered that Mistral incorrectly handled erroneous SSH private key...

CVE-2025-46614

In Snowflake ODBC Driver before 3.7.0, in certain code paths, the Driver logged the whole SQL query at the INFO level, aka Insertion of Sensitive Information into a Log File...

CVE-2025-28233

Incorrect access control in BW Broadcast TX600 14980, TX300 32990 31448, TX150, TX1000, TX30, and TX50 Hardware Version: 2, Software Version: 1.6.0, Control Version: 1.0, AIO Firmware Version: 1.7 allows attackers to access log files and extract session identifiers to execute a session hijacking...

CVE-2025-24651

Insertion of Sensitive Information into Log File vulnerability in WebToffee WordPress Backup & Migration wp-migration-duplicator allows Retrieve Embedded Sensitive Data.This issue affects WordPress Backup & Migration: from n/a through = 1.5.3...

CVE-2025-2092

Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions 2.3.0p29, 2.2.0p41 and =2.1.0p49 EOL causes remote site authentication secrets to be written to log files accessible to administrators...