PT-2024-7483 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Microsoft Windows affected versions not specified Description: The issue is related to errors in privilege management within the Common Log File System CLFS driver of Microsoft Windows operating systems. It allows an attacker to potentially...

ABB Cylon Aspect 3.08.01 logCriticalLookup.php Unauthenticated Log Disclosure

ABB Cylon Aspect 3.08.01 logCriticalLookup.php Unauthenticated Log Disclosure Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.08.01 Summary: ASPECT is an award-winning scalable building energy...

Exploit for Insertion of Sensitive Information into Log File in Paloaltonetworks Expedition

CVE-2024-9466 CVE-2024-9466 Proof of Concept PoC Descrip...

DEBIAN-CVE-2023-31493

RCE Remote Code Execution exists in ZoneMinder through 1.36.33 as an attacker can create a new .php log file in language folder, while executing a crafted payload and escalate privileges allowing execution of any commands on the remote system...

CVE-2023-31493

RCE Remote Code Execution exists in ZoneMinder through 1.36.33 as an attacker can create a new .php log file in language folder, while executing a crafted payload and escalate privileges allowing execution of any commands on the remote system...

UBUNTU-CVE-2023-31493

RCE Remote Code Execution exists in ZoneMinder through 1.36.33 as an attacker can create a new .php log file in language folder, while executing a crafted payload and escalate privileges allowing execution of any commands on the remote system...

CVE-2023-31493

RCE Remote Code Execution exists in ZoneMinder through 1.36.33 as an attacker can create a new .php log file in language folder, while executing a crafted payload and escalate privileges allowing execution of any commands on the remote system...

CVE-2024-38862

Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions 2.3.0p18, 2.2.0p35, 2.1.0p48 and =2.0.0p39 EOL causes SNMP and IMPI secrets of host and folder properties to be written to audit log files accessible to administrators...

CVE-2024-38862

The CVE-2024-38862 vulnerability affects Checkmk GmbH’s Checkmk, where versions before 2.3.0p18, 2.2.0p35, 2.1.0p48 and the EOL 2.0.0p39 store SNMP and IMPI secrets of host and folder properties in audit log files that are accessible to administrators. The issue is caused by insertion of sensitiv...

Medium: clamav

Issue Overview: A vulnerability in the PDF parsing module of Clam AntiVirus ClamAV versions 1.4.0, 1.3.2 and prior versions, all 1.2.x versions, 1.0.6 and prior versions, all 0.105.x versions, all 0.104.x versions, and 0.103.11 and all prior versions could allow an unauthenticated, remote attacke...

CVE-2024-8264 Sensitive information in agent log file when detailed logging is enabled with Robot Schedule Enterprise prior to version 3.05

Fortra's Robot Schedule Enterprise Agent prior to version 3.05 writes FTP username and password information to the agent log file when detailed logging is enabled...

CVE-2024-8264 Sensitive information in agent log file when detailed logging is enabled with Robot Schedule Enterprise prior to version 3.05

Fortra's Robot Schedule Enterprise Agent prior to version 3.05 writes FTP username and password information to the agent log file when detailed logging is enabled...

Fortra Robot Schedule Enterprise Agent 安全漏洞

Fortra Robot Schedule Enterprise Agent is a component of Fortra's Enterprise Task Scheduler software. A security vulnerability exists in Fortra Robot Schedule Enterprise Agent versions prior to 3.05 that stems from FTP username and password information being written to the agent log file when...

CVE-2024-43501

Windows Common Log File System Driver Elevation of Privilege Vulnerability...

CVE-2024-43501

CVE-2024-43501 affects the Windows Common Log File System Driver and is a local elevation-of-privilege vulnerability. Triggers could allow an attacker with low privileges to escalate to obtain high-level privileges, with the issue categorized as high severity (CVSS v3.1 base score 7.8). The CVE i...

CVE-2024-43501 Windows Common Log File System Driver Elevation of Privilege Vulnerability

...

CVE-2024-43501 Windows Common Log File System Driver Elevation of Privilege Vulnerability

...

Windows Common Log File System Driver Elevation of Privilege Vulnerability

...

PT-2024-6774

Name of the Vulnerable Software and Affected Versions Ivanti Connect Secure versions prior to 22.7R2.1 Ivanti Connect Secure version 9.1R18.9 Ivanti Policy Secure versions prior to 22.7R1.1 Description The issue is related to improper input validation in the admin portal, allowing a remote...

Microsoft Windows Common Log File System Driver 后置链接漏洞

The Microsoft Windows Common Log File System Driver is a Microsoft Corporation Common Log File System CLFS API that provides a high-performance, general-purpose log file subsystem that can be used by dedicated client applications and shared by multiple clients to optimize logging and access...