
286 matches found

OSV
added 2023/05/08 8:15 p.m. · 2 views

CVE-2023-23541

A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in iOS 15.7.4 and iPadOS 15.7.4, iOS 16.4 and iPadOS 16.4. An app may be able to access information about a user’s contacts...

CVSS 3.3 · AI score 5.8 · EPSS 0.00238
Exploits 0 · References 2

CNNVD
added 2023/03/21 12:0 a.m. · 6 views

IBM Security Guardium Log Information Disclosure Vulnerability

IBM Security Guardium is a suite of platforms from International Business Machines (IBM) that provides data protection capabilities. The platform includes features such as custom UI, report management and streamlined audit process building. A security vulnerability exists in IBM Security Guardium Ke...

CVSS 4.3 · AI score 5.1 · EPSS 0.00482
Exploits 0 · References 3

F5 Networks
added 2023/02/21 6:33 p.m. · 51 views

K16869: logrotate vulnerability CVE-2011-1098

Security Advisory Description Race condition in the createOutputFile function in logrotate.c in logrotate 3.7.9 and earlier allows local users to read log data by opening a file before the intended permissions are in place. CVE-2011-1098 Impact May allow a local user to read log data by opening a...

CVSS 1.9 · AI score 6.2 · EPSS 0.00281
Exploits 1 · Affected Software 18

SUSE CVE
added 2023/02/15 5:4 a.m. · 3 views

SUSE CVE-2016-3947

Heap-based buffer overflow in the Icmp6::Recv function in icmp/Icmp6.cc in the pinger utility in Squid before 3.5.16 and 4.x before 4.0.8 allows remote servers to cause a denial of service (performance degradation or transition failures) or write sensitive information to log files via an ICMPv6...

CVSS 8.2 · AI score 9 · EPSS 0.1462
Exploits 0 · References 6

SUSE CVE
added 2023/02/15 3:37 a.m. · 3 views

SUSE CVE-2021-40324

Cobbler before 3.3.0 allows arbitrary file write operations via uploadlogdata...

CVSS 8.1 · AI score 9.6 · EPSS 0.68635
Exploits 0 · References 6

OSV
added 2023/01/30 11:15 p.m. · 2 views

CVE-2022-32529

A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow, potentially leading to remote code execution when an attacker sends specially crafted log data request messages. Affected Products: IGSS Data Server - IGSSdataServer.exe...

CVSS 9.8 · AI score 6.6
Exploits 0 · References 1

Vulnrichment
added 2023/01/30 12:0 a.m. · 8 views

CVE-2022-32529

A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow, potentially leading to remote code execution when an attacker sends specially crafted log data request messages. Affected Products: IGSS Data Server - IGSSdataServer.exe...

CVSS 9.8 · AI score 9.8 · EPSS 0.01258
Exploits 0 · References 1

Positive Technologies
added 2023/01/24 12:0 a.m. · 6 views

PT-2023-1176 · Vmware · Vrealize Log Insight

Name of the Vulnerable Software and Affected Versions: vRealize Log Insight affected versions not specified Description: The vRealize Log Insight contains a Directory Traversal Vulnerability, allowing an unauthenticated, malicious actor to inject files into the operating system of an impacted...

CVSS 10 · AI score 10 · EPSS 0.87077
Exploits 3 · References 17

Tenable Nessus
added 2023/01/10 12:0 a.m. · 17 views

Cisco Email Security Appliance Information Disclosure (cisco-sa-esa-sma-log-YxQ6g2kG)

According to its self-reported version, the host is affected by a vulnerability in the CLI of Cisco AsyncOS for Cisco Email Security Appliance (ESA) that could allow an authenticated, remote attacker to access sensitive information on an affected device. The vulnerability is due to excessive...

CVSS 6.5 · AI score 6.7 · EPSS 0.00738
Exploits 0 · References 4

Cvelist
added 2022/12/06 5:58 p.m. · 35 views

CVE-2022-23466 DOM-based cross-site scripting (XSS) in teler dashboard

teler is a real-time intrusion detection and threat alert dashboard. teler prior to version 2.0.0-rc.4 is vulnerable to DOM-based cross-site scripting (XSS) in the teler dashboard. When teler requests messages from the event stream on the /events endpoint, the log data displayed on the dashboard a...

CVSS 5.4 · AI score 5.4 · EPSS 0.00384
Exploits 0 · References 2

OSV
added 2022/12/06 3:36 p.m. · 22 views

GHSA-XR7P-8Q82-878Q teler dashboard vulnerable to DOM-based cross-site scripting (XSS)

Description teler prior to version = 2.0.0-rc.4 is vulnerable to DOM-based cross-site scripting (XSS) in the teler dashboard. When teler requests messages from the event stream on the /events endpoint, the log data displayed on the dashboard are not sanitized. Impact This only affects authenticated...

CVSS 3.1 · AI score 5 · EPSS 0.00384
Exploits 0 · References 4

Github Security Blog
added 2022/12/06 3:36 p.m. · 20 views

teler dashboard vulnerable to DOM-based cross-site scripting (XSS)

Description teler prior to version = 2.0.0-rc.4 is vulnerable to DOM-based cross-site scripting (XSS) in the teler dashboard. When teler requests messages from the event stream on the /events endpoint, the log data displayed on the dashboard are not sanitized. Impact This only affects authenticated...

CVSS 5.4 · AI score 5 · EPSS 0.00384
Exploits 0 · References 4 · Affected Software 1

CNVD
added 2022/11/25 12:0 a.m. · 23 views

SolarWinds Security Event Manager Information Disclosure Vulnerability

SolarWinds Security Event Manager (SolarWinds SEM) is a tool from the American company SolarWinds Inc. for forensics and troubleshooting, as well as for helping you manage log data. An information disclosure vulnerability exists in SolarWinds Security Event Manager versions prior to 2022.4, which stems from the...

CVSS 5.3 · AI score 4.9 · EPSS 0.00651
Exploits 0 · References 1

AlpineLinux
added 2022/10/07 12:0 a.m. · 44 views

CVE-2022-39291

ZoneMinder is a free, open source Closed-circuit television software application. Affected versions of zoneminder are subject to a vulnerability which allows users with "View" system permissions to inject new data into the logs stored by Zoneminder. This was observed through an HTTP POST request...

CVSS 5.4 · AI score 5.6 · EPSS 0.05052
Exploits 4

OSV
added 2022/08/11 3:15 p.m. · 4 views

CVE-2022-20243

In Core Utilities, there is a possible log information disclosure. This could lead to local information disclosure of sensitive browsing data with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-13. Android ID: A-190199986...

CVSS 4.4 · AI score 5.9 · EPSS 0.00063
Exploits 0 · References 1

CNNVD
added 2022/06/20 12:0 a.m. · 4 views

Schneider Electric IGSS Data Server Buffer Error Vulnerability

The Schneider Electric IGSS Data Server is a data server for the Interactive Graphics Scada System from Schneider Electric France. A buffer error vulnerability exists in versions prior to Schneider Electric IGSS Data Server 15.0.0.22140, which stems from an application boundary error. A remote...

CVSS 9.8 · AI score 8.9 · EPSS 0.01258
Exploits 0 · References 3

Positive Technologies
added 2022/06/14 12:0 a.m. · 4 views

PT-2022-3200 · Unknown · Igss Data Server

Name of the Vulnerable Software and Affected Versions: IGSS Data Server - IGSSdataServer.exe versions prior to V15.0.0.22170 Description: A buffer copy without checking the size of input vulnerability exists, potentially leading to a stack-based buffer overflow and remote code execution when an...

CVSS 10 · AI score 10 · EPSS 0.01258
Exploits 0 · References 7

CNNVD
added 2022/06/09 12:0 a.m. · 5 views

Solar-Log GmbH Security Vulnerability

Solar-Log GmbH is a data logger for monitoring photovoltaic power plants from the German company Solar-Log. A security vulnerability exists in Solar-Log GmbH versions 2.8.4-56 and 3.5.2-85 that stems from a faulty component network configuration. An attacker could exploit the vulnerability to...

CVSS 9.8 · AI score 8.3 · EPSS 0.00807
Exploits 1 · References 3

CNNVD
added 2022/06/09 12:0 a.m. · 4 views

Solar-Log GmbH Cross-Site Request Forgery Vulnerability

Solar-Log GmbH is a data logger for monitoring photovoltaic (PV) power plants from the German company Solar-Log. A cross-site request forgery vulnerability exists in Solar-Log GmbH versions 2.8.4-56 and 3.5.2-85, which stems from the component's lack of data filtering and escaping...

CVSS 8.8 · AI score 7.7 · EPSS 0.00377
Exploits 1 · References 3

CNNVD
added 2022/06/09 12:0 a.m. · 4 views

Solar-Log GmbH Code Issue Vulnerability

Solar-Log GmbH is a data logger for monitoring photovoltaic (PV) power plants from the German company Solar-Log. A security vulnerability exists in Solar-Log GmbH versions 2.8.4-56 and 3.5.2-85, which stems from a faulty file upload in the component. An attacker could exploit the vulnerability to...

CVSS 9.8 · AI score 8.4 · EPSS 0.00965
Exploits 1 · References 4