37 matches found

Tenable Nessus
added 2023/05/25 12:0 a.m. · 35 views

Wireshark 3.6.x < 3.6.14 Multiple Vulnerabilities

The version of Wireshark installed on the remote Windows host is prior to 3.6.14. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-3.6.14 advisory. - XRA dissector infinite loop in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via packe...

7.5 CVSS · 7.1 AI score · 0.02275 EPSS
Exploits 7 · References 22

Tenable Nessus
added 2023/05/25 12:0 a.m. · 39 views

Wireshark 4.0.x < 4.0.6 Multiple Vulnerabilities (macOS)

The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 4.0.6. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-4.0.6 advisory. - XRA dissector infinite loop in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service vi...

7.5 CVSS · 7.2 AI score · 0.02275 EPSS
Exploits 9 · References 28

Tenable Nessus
added 2023/05/25 12:0 a.m. · 29 views

Wireshark 4.0.x < 4.0.6 Multiple Vulnerabilities

The version of Wireshark installed on the remote Windows host is prior to 4.0.6. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-4.0.6 advisory. - XRA dissector infinite loop in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via packet...

7.5 CVSS · 7.2 AI score · 0.02275 EPSS
Exploits 9 · References 28

SUSE CVE
added 2023/02/15 4:7 a.m. · 2 views

SUSE CVE-2019-17041

An issue was discovered in Rsyslog v8.1908.0. contrib/pmaixforwardedfrom/pmaixforwardedfrom.c has a heap overflow in the parser for AIX log messages. The parser tries to locate a log message delimiter (in this case, a space or a colon) but fails to account for strings that do not satisfy this...

5.1 CVSS · 7.3 AI score · 0.04568 EPSS
Exploits 0 · References 10

OSV
added 2022/05/24 4:56 p.m. · 17 views

GHSA-XQQW-CQJP-52XM Jenkins Log Parser Plugin vulnerable to Cross-site Scripting

Log Parser Plugin did not escape an error message shown when log parsing patterns are invalid. This resulted in a persisted cross-site scripting vulnerability exploitable by attackers able to control the log parsing rules configuration, typically users with Job/Configure permission. Jenkins appli...

5.4 CVSS · 5.2 AI score · 0.00882 EPSS
Exploits 0 · References 4

Github Security Blog
added 2022/05/24 4:56 p.m. · 26 views

Jenkins Log Parser Plugin vulnerable to Cross-site Scripting

Log Parser Plugin did not escape an error message shown when log parsing patterns are invalid. This resulted in a persisted cross-site scripting vulnerability exploitable by attackers able to control the log parsing rules configuration, typically users with Job/Configure permission. Jenkins appli...

5.4 CVSS · 2 AI score · 0.00882 EPSS
Exploits 0 · References 4 · Affected Software 1

Positive Technologies
added 2022/03/04 12:0 a.m. · 1 views

PT-2022-13463 · Liquibase · Liquibase

Name of the Vulnerable Software and Affected Versions: Liquibase versions prior to 4.8.0 Description: The issue is related to an Improper Restriction of XML External Entity Reference. The XMLChangeLogSAXParser function contains this issue, which may lead to exploitation. Recommendations: For...

9.8 CVSS · 7 AI score · 0.02921 EPSS
Exploits 1 · References 8

Citrix
added 2020/11/09 12:0 a.m. · 11 views

Citrix UPM Log Parser

Citrix UPM Log Parser v1.5 Created Date: Oct 8, 2009 Modified Date: Oct 4, 2016 Please note: You can download the required file from the Citrix downloads website by visiting the following link: https://www.citrix.com/downloads/citrix-tools Description Citrix UPM Log Parser has been designed to hel...

6.8 AI score
Exploits 0

RedHat Linux
added 2020/04/28 3:35 p.m. · 1 views

rsyslog: heap-based overflow in contrib/pmaixforwardedfrom/pmaixforwardedfrom.c

An issue was discovered in Rsyslog v8.1908.0. contrib/pmaixforwardedfrom/pmaixforwardedfrom.c has a heap overflow in the parser for AIX log messages. The parser tries to locate a log message delimiter (in this case, a space or a colon) but fails to account for strings that do not satisfy this...

9.8 CVSS · 7.5 AI score · 0.04568 EPSS
Exploits 0 · References 4

OSV
added 2019/10/07 4:15 p.m. · 3 views

DEBIAN-CVE-2019-17041

An issue was discovered in Rsyslog v8.1908.0. contrib/pmaixforwardedfrom/pmaixforwardedfrom.c has a heap overflow in the parser for AIX log messages. The parser tries to locate a log message delimiter (in this case, a space or a colon) but fails to account for strings that do not satisfy this...

9.8 CVSS · 7.3 AI score · 0.04568 EPSS
Exploits 0 · References 1

OSV
added 2019/10/07 4:15 p.m. · 3 views

ALPINE-CVE-2019-17042

An issue was discovered in Rsyslog v8.1908.0. contrib/pmcisconames/pmcisconames.c has a heap overflow in the parser for Cisco log messages. The parser tries to locate a log message delimiter (in this case, a space or a colon), but fails to account for strings that do not satisfy this constraint. If...

9.8 CVSS · 7.3 AI score · 0.03066 EPSS
Exploits 0 · References 1

OSV
added 2019/10/07 4:15 p.m. · 1 views

UBUNTU-CVE-2019-17042

An issue was discovered in Rsyslog v8.1908.0. contrib/pmcisconames/pmcisconames.c has a heap overflow in the parser for Cisco log messages. The parser tries to locate a log message delimiter (in this case, a space or a colon), but fails to account for strings that do not satisfy this constraint. If...

9.8 CVSS · 6.9 AI score · 0.03066 EPSS
Exploits 0 · References 4

OSV
added 2019/10/07 4:15 p.m. · 2 views

UBUNTU-CVE-2019-17041

An issue was discovered in Rsyslog v8.1908.0. contrib/pmaixforwardedfrom/pmaixforwardedfrom.c has a heap overflow in the parser for AIX log messages. The parser tries to locate a log message delimiter (in this case, a space or a colon) but fails to account for strings that do not satisfy this...

9.8 CVSS · 6.9 AI score · 0.04568 EPSS
Exploits 0 · References 4

NVD
added 2019/09/25 4:15 p.m. · 13 views

CVE-2019-10410

Jenkins Log Parser Plugin 2.0 and earlier did not escape an error message, resulting in a cross-site scripting vulnerability exploitable by users able to define log parsing rules...

5.4 CVSS · 5.3 AI score · 0.00882 EPSS
Exploits 0 · References 2

Prion
added 2019/09/25 4:15 p.m. · 13 views

Cross site scripting

Jenkins Log Parser Plugin 2.0 and earlier did not escape an error message, resulting in a cross-site scripting vulnerability exploitable by users able to define log parsing rules...

3.5 CVSS · 5.2 AI score · 0.00882 EPSS
Exploits 0 · References 2 · Affected Software 1

CVE
added 2019/09/25 3:5 p.m. · 44 views

CVE-2019-10410

The CVE-2019-10410 entry concerns Jenkins Log Parser Plugin, affected at versions 2.0 and earlier. The root cause is that an error message was not escaped, enabling cross-site scripting when a user can define log parsing rules. The vulnerability impact is visible in the documentation as a persist...

5.4 CVSS · 5.2 AI score · 0.00882 EPSS
Exploits 0 · References 2 · Affected Software 1

Cvelist
added 2019/09/25 3:5 p.m. · 19 views

CVE-2019-10410

Jenkins Log Parser Plugin 2.0 and earlier did not escape an error message, resulting in a cross-site scripting vulnerability exploitable by users able to define log parsing rules...

5.2 AI score · 0.00882 EPSS
Exploits 0 · References 2