4566 matches found
PT-2023-5139 · Microsoft · Windows Common Log File System Driver +1
Name of the Vulnerable Software and Affected Versions: Windows Common Log File System Driver affected versions not specified Description: The issue is related to a buffer out-of-bounds operation in memory when handling BLF log files, which can allow an attacker to elevate their privileges. This i...
CVE-2022-27599
An insertion of sensitive information into Log file vulnerability has been reported to affect product. If exploited, the vulnerability possibly provides local authenticated administrators with an additional, less-protected path to acquiring the information via unspecified vectors. We have already...
CVE-2022-27599
An insertion of sensitive information into Log file vulnerability has been reported to affect product. If exploited, the vulnerability possibly provides local authenticated administrators with an additional, less-protected path to acquiring the information via unspecified vectors. We have already...
Design/Logic Flaw
An insertion of sensitive information into Log file vulnerability has been reported to affect product. If exploited, the vulnerability possibly provides local authenticated administrators with an additional, less-protected path to acquiring the information via unspecified vectors. We have already...
CVE-2022-27599
CVE-2022-27599 describes an information-disclosure flaw in QNAP QVR Pro Client prior to version 2.3.0.0420, caused by insertion of sensitive data into log files. The issue could allow local authenticated administrators to access additional information via unspecified vectors. Affected platforms i...
CVE-2022-27599 QVR Pro Client
An insertion of sensitive information into Log file vulnerability has been reported to affect product. If exploited, the vulnerability possibly provides local authenticated administrators with an additional, less-protected path to acquiring the information via unspecified vectors. We have already...
CVE-2022-27599 QVR Pro Client
An insertion of sensitive information into Log file vulnerability has been reported to affect product. If exploited, the vulnerability possibly provides local authenticated administrators with an additional, less-protected path to acquiring the information via unspecified vectors. We have already...
QNAP Systems Qvr Pro Log Information Disclosure Vulnerability
QNAP Systems Qvr Pro is an Ip video surveillance system from QNAP Systems. It is used to manage Ip cameras, monitor live view and playback previous recordings using a mobile device. A security vulnerability exists in QNAP Systems Qvr Pro versions prior to 2.3.0.0420, which originates from inserti...
Oracle Linux 5 : setroubleshoot (ELSA-2008-0061)
The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2008-0061 advisory. setroubleshoot: 2.0.5-3.0.1.el5 - replace missed references to bugzilla.redhat.com with linux.oracle.com 2.0.5-3 - Resolve: bug 436564: socket.getsocko...
Security Bulletin: Multiple Vulnerabilities found in IBM DB2 which is shipped with IBM® Intelligent Operations Center(CVE-2022-43929, CVE-2022-43927, CVE-2014-3577, CVE-2022-43930)
Summary Multiple vulnerabilities have been identified in IBM DB2 which is shipped with IBM® Intelligent Operations Center. Information about these vulnerabilities affecting IBM® Intelligent Operations Center have been published and addressed the applicable CVEs. Vulnerability Details...
CVE-2023-4711
A vulnerability, which was classified as critical, has been found in D-Link DAR-8000-10 up to 20230819. Affected by this issue is some unknown functionality of the file /log/decodmail.php. The manipulation of the argument file leads to os command injection. The attack may be launched remotely. Th...
CVE-2023-31423
Possible information exposure through log file vulnerability where sensitive fields are recorded in the configuration log without masking on Brocade SANnav before v2.3.0 and 2.2.2a. Notes: To access the logs, the local attacker must have access to an already collected Brocade SANnav "supportsave"...
Design/Logic Flaw
Possible information exposure through log file vulnerability where sensitive fields are recorded in the configuration log without masking on Brocade SANnav before v2.3.0 and 2.2.2a. Notes: To access the logs, the local attacker must have access to an already collected Brocade SANnav "supportsave"...
CVE-2023-31423
CVE-2023-31423 concerns Brocade SANnav: an information exposure vulnerability where sensitive fields are logged in configuration logs without masking. Public details specify vulnerable SANnav versions: before v2.3.0 and 2.2.2a. Exploitation requires the attacker to access an already collected Bro...
CVE-2023-31423 Possible information exposure through log file vulnerability
Possible information exposure through log file vulnerability where sensitive fields are recorded in the configuration log without masking on Brocade SANnav before v2.3.0 and 2.2.2a. Notes: To access the logs, the local attacker must have access to an already collected Brocade SANnav "supportsave"...
CVE-2023-31423 Possible information exposure through log file vulnerability
Possible information exposure through log file vulnerability where sensitive fields are recorded in the configuration log without masking on Brocade SANnav before v2.3.0 and 2.2.2a. Notes: To access the logs, the local attacker must have access to an already collected Brocade SANnav "supportsave"...
PT-2023-23525 · Brocade · Brocade Sannav
Name of the Vulnerable Software and Affected Versions: Brocade SANnav versions prior to 2.3.0 Brocade SANnav version 2.2.2a Description: The issue allows a privileged user to retrieve SNMPv3 Authentication passwords stored in plaintext, given knowledge and access to log files. This could occur wh...
CVE-2023-4571
In Splunk IT Service Intelligence ITSI versions below below 4.13.3, 4.15.3, or 4.17.1, a malicious actor can inject American National Standards Institute ANSI escape codes into Splunk ITSI log files that, when a vulnerable terminal application reads them, can run malicious code in the vulnerable...
Some MongoDB Drivers may publish events containing authentication-related data to a command listener configured by an application
Some MongoDB Drivers may erroneously publish events containing authentication-related data to a command listener configured by an application. The published events may contain security-sensitive data when specific authentication-related commands are executed. Without due care, an application may...
CVE-2021-32050 Some MongoDB Drivers may publish events containing authentication-related data to a command listener configured by an application
Some MongoDB Drivers may erroneously publish events containing authentication-related data to a command listener configured by an application. The published events may contain security-sensitive data when specific authentication-related commands are executed. Without due care, an application may...