23 matches found
EUVD-2013-0436
Malware in sbrugna...
EUVD-2023-24334
Malicious code in bioql PyPI...
PT-2025-5853 · 2N · 2N Os
Name of the Vulnerable Software and Affected Versions: 2N OS (affected versions not specified). Description: The issue allows an authorized user to enable logging when using the API in the 2N OS device. This logging functionality discloses valid authentication tokens in the system log...
Structured logging in Spring Boot 3.4
Logging is a long-established part of troubleshooting applications and one of the three pillars of observability, next to metrics and traces. No one likes flying blind in production, and when incidents happen, developers are happy to have log files. Logs are often written out in a human-readable...
[SECURITY] Fedora 40 Update: slf4j-1.7.32-12.fc40
The Simple Logging Facade for Java (SLF4J) is intended to serve as a simple facade for various logging APIs, allowing the end-user to plug in the desired implementation at deployment time. SLF4J also allows for a gradual migration path away from Jakarta Commons Logging (JCL). Logging API...
CVE-2023-20155
A vulnerability in a logging API in Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to cause the device to become unresponsive or trigger an unexpected reload. This vulnerability could also allow an attacker with valid user credentials, but not...
CVE-2023-20155
Summary: CVE-2023-20155 affects Cisco Firepower Management Center (FMC). The issue is a lack of rate-limiting on a logging API used by FMC, which can be exploited by an unauthenticated remote attacker to cause a DoS (CPU spiking to 100% and potential reload) or, with valid credentials but not Adm...
CVE-2023-20155
A vulnerability in a logging API in Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to cause the device to become unresponsive or trigger an unexpected reload. This vulnerability could also allow an attacker with valid user credentials, but not...
Cisco Firepower Management Center Security Vulnerability
Cisco Firepower Management Center (FMC) is the next-generation firewall management center software from Cisco. A security vulnerability exists in Cisco Firepower Management Center that stems from a flaw in the logging API that could allow an unauthenticated, remote attacker to cause a device to be...
Apache Log4j JAR Detection (Windows)
Binary data apachelog4jwininstalled.nbin...
Information Disclosure
Java is vulnerable to information disclosure. The vulnerability exists because the JRE passed entire objects to the logging API. This could lead to sensitive information being leaked to either untrusted or lower-privileged code from an attacker-controlled applet which has access...
CVE-2019-10195
A flaw was found in IPA, all 4.6.x versions before 4.6.7, all 4.7.x versions before 4.7.4 and all 4.8.x versions before 4.8.3, in the way that FreeIPA's batch processing API logged operations. This included passing user passwords in clear text on FreeIPA masters. Batch processing of commands with...
[SECURITY] Fedora 28 Update: slf4j-1.7.25-4.fc28
The Simple Logging Facade for Java (SLF4J) is intended to serve as a simple facade for various logging APIs, allowing the end-user to plug in the desired implementation at deployment time. SLF4J also allows for a gradual migration path away from Jakarta Commons Logging (JCL). Logging API...
OpenJDK: logging insufficient access control checks (Libraries, 6664528)
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.240 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vecto...
OpenJDK: logging insufficient access control checks (Libraries, 6664528)
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.240 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vecto...
OpenJDK: logging insufficient access control checks (Libraries, 6664509)
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.240 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vecto...
OpenJDK: logging insufficient access control checks (Libraries, 6664528)
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.240 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vecto...
OpenJDK: logging insufficient access control checks (Libraries, 6664509)
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.240 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vecto...
OpenJDK: logging insufficient access control checks (Libraries, 6664528)
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.240 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vecto...
java security update
CentOS Errata and Security Advisory CESA-2009:1584 Updated java-1.6.0-openjdk packages that fix several security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. These packages provide th...