85 matches found
Improper Output Neutralization for Logs
Overview Affected versions of this package are vulnerable to Improper Output Neutralization for Logs via the unconditional acceptance of attacker-supplied HTTP headers in the getclientip function. An attacker can manipulate server-visible metadata, logs, and authorization decisions by supplying...
EUVD-2016-3018
Malware in sbrugna...
EUVD-2009-1196
Malware in sbrugna...
EUVD-2003-0382
Malware in sbrugna...
EUVD-2015-4024
Malware in sbrugna...
EUVD-2024-46269
Malicious code in bioql PyPI...
EUVD-2024-19805
Malicious code in bioql PyPI...
EUVD-2022-28865
Malicious code in bioql PyPI...
CLSA-2025-1755886078 tuned: Fix of CVE-2024-52337
CVE-2024-52337: sanitize API arguments to prevent log spoofing by both escaping ' characters and restricting newlines from being inserted...
Linux Distros Unpatched Vulnerability : CVE-2024-52337
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A log spoofing flaw was found in the Tuned package due to improper sanitization of some API arguments. This flaw allows an attacker to pass a controlled sequenc...
Security Bulletin: IBM Storage Defender: Data Protect vulnerabilities resolved in release Defender 2.0.14/Data Protect 7.2.2_u1
Summary Security Bulletin: IBM Storage Defender: Data Protect vulnerabilities resolved in release Defender 2.0.14/Data Protect 7.2.2u1. The vulnerabilities have been addressed in Data Protect 7.2.2u1, which is included with IBM Storage Defender 2.0.14. Vulnerability Details CVEID:CVE-2023-26118...
TencentOS Server 2: tuned (TSSA-2024:1049)
The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:1049 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities:...
Security Bulletin: IBM QRadar Network Packet Capture includes components with a known vulnerability (CVE-2024-52337)
Summary The product includes multiple vulnerable components e.g., framework libraries that could be identified and exploited with automated tools. IBM has addressed the relevant CVE. Vulnerability Details CVEID:CVE-2024-52337 DESCRIPTION: A log spoofing flaw was found in the Tuned package due to...
Alibaba Cloud Linux 3 : 0279: tuned (ALINUX3-SA-2024:0279)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2024:0279 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2024-52337: A log spoofing flaw was found in th...
Log Spoofing Source Routing and Redirect Packets
Logging spoofing, source routing, and redirect packets sent to the system helps discover attack sources and formulate protection measures. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right...
tuned: improper sanitization of `instance_name` parameter of the `instance_create()` method
A log spoofing flaw was found in the Tuned package due to improper sanitization of some API arguments. This flaw allows an attacker to pass a controlled sequence of characters; newlines can be inserted into the log. Instead of the 'evil' the attacker could mimic a valid TuneD log line and trick t...
tuned: improper sanitization of `instance_name` parameter of the `instance_create()` method
A log spoofing flaw was found in the Tuned package due to improper sanitization of some API arguments. This flaw allows an attacker to pass a controlled sequence of characters; newlines can be inserted into the log. Instead of the 'evil' the attacker could mimic a valid TuneD log line and trick t...
tuned: improper sanitization of `instance_name` parameter of the `instance_create()` method
A log spoofing flaw was found in the Tuned package due to improper sanitization of some API arguments. This flaw allows an attacker to pass a controlled sequence of characters; newlines can be inserted into the log. Instead of the 'evil' the attacker could mimic a valid TuneD log line and trick t...
tuned: improper sanitization of `instance_name` parameter of the `instance_create()` method
A log spoofing flaw was found in the Tuned package due to improper sanitization of some API arguments. This flaw allows an attacker to pass a controlled sequence of characters; newlines can be inserted into the log. Instead of the 'evil' the attacker could mimic a valid TuneD log line and trick t...
tuned: improper sanitization of `instance_name` parameter of the `instance_create()` method
A log spoofing flaw was found in the Tuned package due to improper sanitization of some API arguments. This flaw allows an attacker to pass a controlled sequence of characters; newlines can be inserted into the log. Instead of the 'evil' the attacker could mimic a valid TuneD log line and trick t...