4568 matches found

CVE
added 2024/03/14 4:45 p.m. · 68 views

CVE-2023-27502

Intel Local Manageability Service prior to v2316.5.1.2 is affected by CVE-2023-27502, which enables potential information disclosure via local access through log message disclosure. The issue is limited to authenticated Local Manageability Service users and involves sensitive data being written i...

3.3 CVSS · 5.9 AI score · 0.00165 EPSS
Exploits 0 · References 1

NVD
added 2024/03/13 9:15 p.m. · 13 views

CVE-2024-27097

A user endpoint didn't perform filtering on an incoming parameter, which was added directly to the application log. This could lead to an attacker injecting false log entries or corrupting the log file format. This has been fixed in the CKAN versions 2.9.11 and 2.10.4. Users are advised to upgrade...

5.3 CVSS · 4.5 AI score · 0.00434 EPSS
Exploits 0 · References 2

Prion
added 2024/03/13 9:15 p.m. · 14 views

Format string

A user endpoint didn't perform filtering on an incoming parameter, which was added directly to the application log. This could lead to an attacker injecting false log entries or corrupting the log file format. This has been fixed in the CKAN versions 2.9.11 and 2.10.4. Users are advised to upgrade...

4.3 CVSS · 7 AI score · 0.00434 EPSS
Exploits 0 · References 2

Vulnrichment
added 2024/03/13 8:40 p.m. · 17 views

CVE-2024-27097 Potential log injection in reset user endpoint in ckan

A user endpoint didn't perform filtering on an incoming parameter, which was added directly to the application log. This could lead to an attacker injecting false log entries or corrupting the log file format. This has been fixed in the CKAN versions 2.9.11 and 2.10.4. Users are advised to upgrade...

4.3 CVSS · 6.7 AI score · 0.00434 EPSS
Exploits 0 · References 2

GitHub Security Blog
added 2024/03/13 3:30 p.m. · 15 views

Potential log injection in reset user endpoint in CKAN

A user endpoint didn't perform filtering on an incoming parameter, which was added directly to the application log. This could lead to an attacker injecting false log entries or corrupting the log file format. Patches: This has been fixed in the CKAN 2.9.11 and 2.10.4 versions. Workarounds: Override th...

5.3 CVSS · 7 AI score · 0.00434 EPSS
Exploits 0 · References 7 · Affected Software 1

OSV
added 2024/03/12 4:15 p.m. · 5 views

CVE-2024-1302

Information exposure vulnerability in Badger Meter Monitool affecting versions up to 4.6.3 and earlier. A local attacker could change the application's file parameter to a log file obtaining all sensitive information such as database credentials...

5.5 CVSS · 5.7 AI score · 0.00488 EPSS
Exploits 0 · References 1

NVD
added 2024/03/12 4:15 p.m. · 25 views

CVE-2024-1302

Information exposure vulnerability in Badger Meter Monitool affecting versions up to 4.6.3 and earlier. A local attacker could change the application's file parameter to a log file obtaining all sensitive information such as database credentials...

7.3 CVSS · 6.8 AI score · 0.00488 EPSS
Exploits 0 · References 1

Cvelist
added 2024/03/12 3:26 p.m. · 28 views

CVE-2024-1302 Multiple Vulnerabilities in Badger Meter's Monitool

Information exposure vulnerability in Badger Meter Monitool affecting versions up to 4.6.3 and earlier. A local attacker could change the application's file parameter to a log file obtaining all sensitive information such as database credentials...

7.3 CVSS · 7 AI score · 0.00488 EPSS
Exploits 0 · References 1

OSV
added 2024/03/12 9:15 a.m. · 3 views

CVE-2024-25997

An unauthenticated remote attacker can perform a log injection due to improper input validation. Only a certain log file is affected...

5.3 CVSS · 5.8 AI score
Exploits 0 · References 1

NVD
added 2024/03/12 9:15 a.m. · 19 views

CVE-2024-25997

An unauthenticated remote attacker can perform a log injection due to improper input validation. Only a certain log file is affected...

5.3 CVSS · 5.5 AI score · 0.00686 EPSS
Exploits 0 · References 1

Prion
added 2024/03/12 9:15 a.m. · 33 views

Input validation

An unauthenticated remote attacker can perform a log injection due to improper input validation. Only a certain log file is affected...

5 CVSS · 5.5 AI score · 0.00686 EPSS
Exploits 0 · References 1

Cvelist
added 2024/03/12 8:11 a.m. · 32 views

CVE-2024-25997 PHOENIX CONTACT: Log injection in CHARX Series

An unauthenticated remote attacker can perform a log injection due to improper input validation. Only a certain log file is affected...

5.3 CVSS · 5.9 AI score · 0.00686 EPSS
Exploits 0 · References 1

Prion
added 2024/03/12 4:15 a.m. · 33 views

Design/Logic Flaw

Insertion of Sensitive Information into Log File vulnerability in Hitachi Cosminexus Component Container allows local users to gain sensitive information. This issue affects Cosminexus Component Container: from 11-30 before 11-30-05, from 11-20 through 11-20-, from 11-10 through 11-10-, from 11-00...

1 CVSS · 7 AI score · 0.00172 EPSS
Exploits 0 · References 1

Cvelist
added 2024/03/12 3:39 a.m. · 26 views

CVE-2023-6814 Information Exposure Vulnerability in Cosminexus Component Container

Insertion of Sensitive Information into Log File vulnerability in Hitachi Cosminexus Component Container allows local users to gain sensitive information. This issue affects Cosminexus Component Container: from 11-30 before 11-30-05, from 11-20 before 11-20-07, from 11-10 before 11-10-10, from 11-...

5.6 CVSS · 5.8 AI score · 0.00172 EPSS
Exploits 0 · References 1

CVE
added 2024/03/12 3:39 a.m. · 137 views

CVE-2023-6814

The CVE-2023-6814 issue affects Hitachi Cosminexus Component Container and is caused by insertion of sensitive information into log files, leading to local information disclosure. Affected versions include 11-00 through 11-00-12, 11-10 through 11-10-10, 11-20 through 11-20-07, 11-30 through 11-30...

5.6 CVSS · 5.6 AI score · 0.00172 EPSS
Exploits 0 · References 1

Vulnrichment
added 2024/03/12 3:39 a.m. · 13 views

CVE-2023-6814 Information Exposure Vulnerability in Cosminexus Component Container

Insertion of Sensitive Information into Log File vulnerability in Hitachi Cosminexus Component Container allows local users to gain sensitive information. This issue affects Cosminexus Component Container: from 11-30 before 11-30-05, from 11-20 before 11-20-07, from 11-10 before 11-10-10, from 11-...

5.6 CVSS · 6.8 AI score · 0.00172 EPSS
Exploits 0 · References 1

Positive Technologies
added 2024/03/12 12:0 a.m. · 6 views

PT-2024-17878 · Badger Meter · Badger Meter Monitool

Name of the Vulnerable Software and Affected Versions: Badger Meter Monitool versions up to 4.6.3 and earlier Description: The issue allows a local attacker to change the application's file parameter to a log file, obtaining sensitive information such as database credentials. Recommendations: For...

7.3 CVSS · 6.6 AI score · 0.00488 EPSS
Exploits 0 · References 6

CNNVD
added 2024/03/12 12:0 a.m. · 5 views

s::can moni::tools Information Disclosure Vulnerability

s::can moni::tools is a platform from s::can that manages a virtually unlimited number of sites, online probes, analyzers, and parameters. An information disclosure vulnerability exists in s::can moni::tools version 4.6.3 and earlier versions, which originates from the ability to change the...

7.3 CVSS · 6.1 AI score · 0.00488 EPSS
Exploits 0 · References 3

OSV
added 2024/03/06 11:9 a.m. · 24 views

BIT-SUITECRM-2021-42840

SuiteCRM before 7.11.19 allows remote code execution via the system settings Log File Name setting. In certain circumstances involving admin account takeover, loggerfilename can refer to an attacker-controlled PHP file under the web root, because only the all-lowercase PHP file extensions were...

9 CVSS · 9.2 AI score · 0.58945 EPSS
Exploits 5 · References 6

OSV
added 2024/03/06 10:53 a.m. · 19 views

BIT-JAEGER-2020-10750

Sensitive information written to a log file vulnerability was found in jaegertracing/jaeger before version 1.18.1 when the Kafka data store is used. This flaw allows an attacker with access to the container's log file to discover the Kafka credentials...

7.1 CVSS · 5.7 AI score · 0.00427 EPSS
Exploits 0 · References 3