Lucene search
K

75 matches found

CNNVD
CNNVD
added 2023/07/06 12:0 a.m.6 views

Cisco Duo 安全漏洞

Cisco Duo is a fully managed solution from Cisco, Inc. providing secure access to your applications and data. A security vulnerability exists in Cisco Duo that stems from a flaw in the logging component of the authentication agent that could allow an authenticated, remote attacker to view sensiti...

6.5CVSS6.5AI score0.00356EPSS
Exploits0References3
CVE
CVE
added 2023/05/30 6:46 p.m.55 views

CVE-2023-1711

CVE-2023-1711 affects Hitachi Energy FOXMAN-UN and UNEM logging components. Affected products/versions include FOXMAN-UN: R9C, R10C, R11A, R11B, R14A, R14B, R15A, R15B, R16A and UNEM: R9C, R10C, R11A, R11B, R14A, R14B, R15A, R15B, R16A. The vulnerability is described as improper output neutraliza...

4.4CVSS4.8AI score0.00241EPSS
Exploits0References2Affected Software2
Positive Technologies
Positive Technologies
added 2023/05/30 12:0 a.m.4 views

PT-2023-8824 · Unem +1 · Unem +1

Name of the Vulnerable Software and Affected Versions: FOXMAN-UN versions R9C through R16A UNEM versions R9C through R16A Description: A vulnerability exists in the FOXMAN-UN and UNEM logging component, affecting systems that use remote authentication to the network elements. If exploited, an...

4.4CVSS7.2AI score0.00241EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2023/02/15 4:52 a.m.1 views

SUSE CVE-2017-3317

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Logging. Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQ...

4CVSS6.7AI score0.004EPSS
Exploits0References15
Veracode
Veracode
added 2022/11/10 12:30 a.m.34 views

Information Disclosure

rh-mysql80-mysql is vulnerable to information disclosure. The vulnerability exists in the Server: Logging component, allowing an attacker to access critical data or complete access to all MySQL Server accessible data through the multiple protocol...

4.4CVSS5.6AI score0.01285EPSS
Exploits0References7Affected Software1
Positive Technologies
Positive Technologies
added 2022/10/27 12:0 a.m.4 views

PT-2022-6728 · Cisco · Cisco Duo Authentication Proxy

Name of the Vulnerable Software and Affected Versions: Cisco Duo Authentication Proxy affected versions not specified Description: A vulnerability in the logging component of Cisco Duo Authentication Proxy could allow an authenticated, remote attacker to view sensitive information in clear text o...

6.5CVSS6.3AI score0.00356EPSS
Exploits0References5
Prion
Prion
added 2022/06/22 2:15 p.m.21 views

Design/Logic Flaw

A vulnerability in the logging component of Cisco Adaptive Security Device Manager ASDM could allow an authenticated, local attacker to view sensitive information in clear text on an affected system. Cisco ADSM must be deployed in a shared workstation environment for this issue to be exploited...

2.1CVSS5.2AI score0.00424EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2022/06/22 1:55 p.m.195 views

CVE-2022-20651

CVE-2022-20651 describes an information-disclosure in the Cisco ASDM logging component. An authenticated, local attacker could access logs on a shared workstation and read unencrypted credentials stored there, leaking other users’ credentials. The issue is tied to how ASDM logs store sensitive da...

5.5CVSS5.5AI score0.00424EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/06/14 12:0 a.m.5 views

The vulnerability of the logging component of Cisco Expressway micro-programming software and the Cisco TelePresence Video Communication Server micro-programming software for call management devices allows a perpetrator to disclose protected information.

The vulnerability of the logging component of Cisco Expressway microprogramming software and the Cisco TelePresence Video Communication Server microprogramming software management device relates to the disclosure of information through registration files. Exploiting this vulnerability can allow a...

4.3CVSS6.5AI score0.00887EPSS
Exploits0References2Affected Software2
Github Security Blog
Github Security Blog
added 2022/05/01 6:32 p.m.43 views

JULI logging component in Apache Tomcat does not restrict certain permissions for web applications

The default catalina.policy in the JULI logging component in Apache Tomcat 5.5.9 through 5.5.25 and 6.0.0 through 6.0.15 does not restrict certain permissions for web applications, which allows attackers to modify logging configuration options and overwrite arbitrary files, as demonstrated by...

6.4CVSS7AI score0.05156EPSS
Exploits1References39Affected Software1
ATTACKERKB
ATTACKERKB
added 2022/04/19 9:15 p.m.6 views

CVE-2022-21460

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Logging. Supported versions that are affected are 5.7.37 and prior and 8.0.28 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL...

4.4CVSS6.6AI score0.01285EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2022/04/19 12:0 a.m.5 views

PT-2022-3048 · Oracle +8 · Mysql Server +7

Name of the Vulnerable Software and Affected Versions: MySQL Server versions 5.7.37 and prior MySQL Server versions 8.0.28 and prior Description: The issue is related to insufficient input validation in the Server: Logging component of MySQL Server, allowing a high-privileged attacker with networ...

10CVSS7AI score0.87816EPSS
Exploits22References826
Positive Technologies
Positive Technologies
added 2022/01/12 12:0 a.m.4 views

PT-2022-1420 · Cisco · Cisco Adaptive Security Device Manager

Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Device Manager ASDM affected versions not specified Description: The issue is related to insufficient protection of registration data in the logging component of Cisco Adaptive Security Device Manager ASDM. This could...

5.5CVSS5.8AI score0.00424EPSS
Exploits1References9
OSV
OSV
added 2021/10/20 11:17 a.m.1 views

UBUNTU-CVE-2021-35633

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Logging. Supported versions that are affected are 8.0.26 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attac...

2.7CVSS6.5AI score0.01449EPSS
Exploits0References4
NVD
NVD
added 2021/05/18 11:15 a.m.26 views

CVE-2020-15279

An Improper Access Control vulnerability in the logging component of Bitdefender Endpoint Security Tools for Windows versions prior to 6.6.23.320 allows a regular user to learn the scanning exclusion paths. This issue was discovered during external security research...

4CVSS0.00474EPSS
Exploits0References1
Prion
Prion
added 2021/05/18 11:15 a.m.16 views

Improper access control

An Improper Access Control vulnerability in the logging component of Bitdefender Endpoint Security Tools for Windows versions prior to 6.6.23.320 allows a regular user to learn the scanning exclusion paths. This issue was discovered during external security research...

2.1CVSS4.1AI score0.00474EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2021/05/18 12:0 a.m.9 views

PT-2021-9743 · Bitdefender · Bitdefender Endpoint Security Tools For Windows

Name of the Vulnerable Software and Affected Versions: Bitdefender Endpoint Security Tools for Windows versions prior to 6.6.23.320 Description: An Improper Access Control issue in the logging component allows a regular user to learn the scanning exclusion paths. This issue was discovered during...

4CVSS4.1AI score0.00474EPSS
Exploits0References3
Cisco
Cisco
added 2021/01/13 4:0 p.m.51 views

Cisco Unified Communications Products Information Disclosure Vulnerability

A vulnerability in the audit logging component of Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition, Cisco Unified Communications Manager IM & Presence Service, Cisco Unity Connection, Cisco Emergency Responder, and Cisco Prime License Manager...

4.3CVSS5.3AI score0.00908EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2020/11/10 12:0 a.m.5 views

The vulnerability of the Logging component of the Oracle Hospitality OPERA 5 Property Services software solution allows a hacker to gain full control over the application.

The vulnerability of the Logging component in the Oracle Hospitality OPERA 5 Property Services software solution relates to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to gain full control over the application through the HTTP network protocol...

9CVSS6.9AI score0.01365EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/11/10 12:0 a.m.3 views

The vulnerability of the Logging component in the Oracle Hospitality OPERA 5 Property Services software solution allows a malicious individual to gain unauthorized access to protected information or to modify, add, or delete data.

The vulnerability of the Logging component in the Oracle Hospitality OPERA 5 Property Services software solution relates to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information or to modify, add, or delet...

8.5CVSS6.9AI score0.01451EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder