CVE-2024-43363 Remote code execution via Log Poisoning in Cacti
Cacti is an open source performance and fault management framework. An admin user can create a device with a malicious hostname containing PHP code and repeat the installation process (completing only step 5 of the installation process is enough; there is no need to complete the steps before or after it) to...
CVE-2024-33066
Memory corruption while redirecting log file to any file location with any file name...
CVE-2024-33066
CVE-2024-33066 is described in connected sources as a memory corruption flaw caused by improper input validation in the WLAN Resource Manager. Affected component: WLAN Resource Manager on Qualcomm chipsets. The provided documents do not specify affected products/versions, exploitation status, or ...
CVE-2024-33066 Improper Input Validation in WLAN Resource Manager
Memory corruption while redirecting log file to any file location with any file name...
GHSA-MH98-763H-M9V4 JUJU_CONTEXT_ID is a predictable authentication secret
JUJU_CONTEXT_ID is the authentication measure on the unit hook tool abstract domain socket. It looks like JUJU_CONTEXT_ID=appname/0-update-status-6073989428498739633. This value looks fairly unpredictable, but due to the random source used, it is highly predictable. JUJU_CONTEXT_ID has the following...
CVE-2024-8609
Insertion of Sensitive Information into Log File vulnerability in Oceanic Software ValeApp allows Query System for Information. This issue affects ValeApp: before v2.0.0...
CVE-2024-8609
ValeApp (Oceanic Software) prior to version 2.0.0 has a vulnerability that allows insertion of sensitive information into log files, which can enable a query system for information. Impact and exact exploit details are not fully provided in the sources, but PT-2024-39130 notes that versions befor...
CVE-2024-8609 Improper Access Control in Oceanic Software's ValeApp
Insertion of Sensitive Information into Log File vulnerability in Oceanic Software ValeApp allows Query System for Information. This issue affects ValeApp: before v2.0.0...
PT-2024-39130
Name of the Vulnerable Software and Affected Versions: ValeApp versions prior to 2.0.0 Description: The issue allows the insertion of sensitive information into a log file, enabling the query system for information. Recommendations: For versions prior to 2.0.0, update to version 2.0.0 or later to...
CVE-2023-46175
IBM Cloud Pak for Multicloud Management 2.3 through 2.3 FP8 stores user credentials in a log file in plain clear text, which can be read by a privileged user...
CVE-2023-46175
CVE-2023-46175 affects IBM Cloud Pak for Multicloud Management (CP4MCM) versions 2.3 through 2.3 FP8. The issue is that credentials are stored in a log file in plain text, which could be read by a privileged user, exposing sensitive data. The available public remediation is to upgrade to version ...
CVE-2023-46175 IBM Cloud Pak for Multicloud Management information disclosure
IBM Cloud Pak for Multicloud Management 2.3 through 2.3 FP8 stores user credentials in a log file in plain clear text, which can be read by a privileged user...
USN-7039-1 linux, linux-aws, linux-kvm, linux-lts-xenial vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; - Input Device Tablet drivers; - Modular ISDN driver; - Multiple devices driver; - Network drivers; -...
CVE-2022-49037
Insertion of sensitive information into log file vulnerability in proxy settings component in Synology Drive Client before 3.3.0-15082 allows remote authenticated users to obtain sensitive information via unspecified vectors...