CVE-2026-25690

An improper neutralization of argument delimiters in a command 'argument injection' vulnerability in Fortinet FortiDeceptor 6.0.0 through 6.0.2, FortiDeceptor 5.3.0 through 5.3.3, FortiDeceptor 5.2.0 through 5.2.1, FortiDeceptor 5.1 all versions, FortiDeceptor 5.0 all versions may allow an...

CVE-2026-43984

CVE-2026-43984 affects Tautulli (Python-based Plex monitoring) prior to version 2.17.1. An authenticated user, including guests when guest access is enabled, can abuse an endpoint that writes attacker-controlled strings into the main application log. The log viewer then embeds the log contents in...

CVE-2019-25717 Dräger Infinity Delta/Kappa Patient Monitors Unauthenticated Log File Disclosure

Dräger Infinity Delta, Delta XL, and Kappa patient monitors contain an information disclosure vulnerability that allows unauthenticated network attackers to access log files over a network connection. Attackers can retrieve device internals, location information, and wired network configuration...

Dräger多款产品 安全漏洞

Dräger Infinity Delta, among others, are products of the German company Dräger. The Dräger Infinity Delta is a multi-parameter clinical monitor. The Dräger Infinity Kappa is a multi-parameter patient monitor. The Dräger Infinity Delta XL is a high-performance multi-parameter patient monitor...

CVE-2026-44052 LDAP simple-bind password exposure in log output

Netatalk 2.1.0 through 4.4.2 inserts LDAP simple-bind passwords into log output in cleartext, which allows an attacker with access to the log files to obtain LDAP credentials...

CVE-2026-41465

ProjeQtor versions 7.0 through 12.4.3 contain a path traversal vulnerability in the log file viewer at dynamicDialog.php where the logname parameter is not validated against directory traversal sequences before constructing file paths. Authenticated attackers can inject directory traversal...

EUVD-2026-29549

An improper neutralization of argument delimiters in a command 'argument injection' vulnerability in Fortinet FortiDeceptor 6.0.0 through 6.0.2, FortiDeceptor 5.3.0 through 5.3.3, FortiDeceptor 5.2.0 through 5.2.1, FortiDeceptor 5.1 all versions, FortiDeceptor 5.0 all versions may allow an...

CVE-2026-25690

An improper neutralization of argument delimiters in a command 'argument injection' vulnerability in Fortinet FortiDeceptor 6.0.0 through 6.0.2, FortiDeceptor 5.3.0 through 5.3.3, FortiDeceptor 5.2.0 through 5.2.1, FortiDeceptor 5.1 all versions, FortiDeceptor 5.0 all versions may allow an...

CVE-2026-20189

A vulnerability in the log file download functionality of Cisco Prime Infrastructure could allow an authenticated, remote attacker to download arbitrary log files from the server. This vulnerability is due to insufficient authorization checks on the download service API. An attacker could exploit...

ProjeQtOr 路径遍历漏洞

ProjeQtOr is a project management software developed by the French company ProjeQtOr. Versions 7.0 to 12.4.3 of ProjeQtOr contain a path traversal vulnerability. This vulnerability stems from the lack of validation of the directory traversal sequence in the logname parameter of the...

EUVD-2025-209209

Juju: Read All Controller Logs From Compromised Workload...

CVE-2025-68152 Juju: Read All Controller Logs From Compromised Workload

Juju is an open source application orchestration engine that enables any application operation on any infrastructure at any scale through special operators called ‘charms’. From versions 2.9 to before 2.9.56 and 3.6 to before 3.6.19, it is possible that a compromised workload machine under a Juju...

CVE-2026-0520

A potential vulnerability was reported in the Lenovo FileZ Android application that, under certain conditions, could allow a local authenticated user to retrieve some sensitive data stored in a log file...

CVE-2019-7404

An issue was discovered on LG GAMP-7100, GAPM-7200, and GAPM-8000 routers. An unauthenticated user can read a log file via an HTTP request containing its full pathname, such as http://192.168.0.1/var/gapm7100$today'sdate.log for reading a filename such as gapm7100190101.log...

CVE-2019-12105

In Supervisor through 4.0.2, an unauthenticated user can read log files or restart a service. Note: The maintainer responded that the affected component, inethttpserver, is not enabled by default but if the user enables it and does not set a password, Supervisor logs a warning message. The...

CVE-2025-12996

Medtronic CareLink Network is affected. A local attacker with access to log files on an internal API server can view plaintext passwords from errors logged under certain circumstances, causing information disclosure. This affects versions prior to December 4, 2025. Remediation per PT-2025-49126 i...

SAMSUNG多款产品 安全漏洞

SAMSUNG Exynos 980 and others are products of the South Korean company Samsung SAMSUNG.SAMSUNG Exynos 980 is a first 5G integrated Soc product and the world's first A77 architecture processor.SAMSUNG Exynos 1280 is a processor for mobile devices.SAMSUNG Exynos SAMSUNG Exynos 850 is a mobile...

CVE-2025-48025

The CVE-2025-48025 entry concerns Samsung Mobile/Wearable Processors (Exynos 980, 850, 1280, 1330, 1380, 1480, 1580, and W920/W930/W1000). The vulnerability is described as improper access control related to a log file. Connected sources (Red Hat, EUVD, NVD, CVE lists) validate the affected famil...

EUVD-2021-0013

Malware in sbrugna...

EUVD-2011-1315

Malware in sbrugna...