Lucene search
+L

43 matches found

Drupal
Drupal
added 2025/05/21 12:0 a.m.27 views

Admin Audit Trail - Less critical - Denial of Service - SA-CONTRIB-2025-068

The Admin Audit Trail module tracks logs of specific events that you'd like to review. When the submodule Admin Audit Trail: User Authentication is enabled, it logs user authentication events login, logout, and password reset requests. The module does not sufficiently limit some large values befo...

6.5CVSS7.2AI score0.00267EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/04/28 12:0 a.m.6 views

PT-2025-18087 · Snowflake · Snowflake Jdbc Driver

Name of the Vulnerable Software and Affected Versions: Snowflake ODBC Driver versions prior to 3.7.0 Description: The issue concerns the logging of sensitive information. In certain code paths, the whole SQL query was logged at the INFO level. This could potentially lead to the exposure of...

3.3CVSS7AI score0.0013EPSS
Exploits0References6
IBM Security Bulletins
IBM Security Bulletins
added 2025/03/18 9:50 a.m.45 views

Security Bulletin: Multiple Vulnerabilities affects IBM License Metric Tool v9.

Summary Multiple vulnerabilities have been remediated in components used by IBM License Metric Tool. Vulnerability Details CVEID:CVE-2025-25184 DESCRIPTION: Rack provides an interface for developing web applications in Ruby. Prior to versions 2.2.11, 3.0.12, and 3.1.10, Rack::CommonLogger can be...

9.8CVSS8.4AI score0.01157EPSS
Exploits1Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/03/06 12:0 a.m.14 views

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS : Ansible vulnerabilities (USN-7330-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7330-1 advisory. It was discovered that Ansible did not properly verify certain fields of X.509 certificates. An attacker could possib...

7.8CVSS7.1AI score0.02458EPSS
Exploits2References9
NVD
NVD
added 2025/02/28 1:15 p.m.10 views

CVE-2025-22271

The application or its infrastructure allows for IP address spoofing by providing its own value in the "X-Forwarded-For" header. Thus, the action logging mechanism in the application loses accountability This issue affects CyberArk Endpoint Privilege Manager in SaaS version 24.7.1. The status of...

6.9CVSS0.00394EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/10/21 12:0 a.m.3 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from unwanted warnings and logging issues in the bonding subsystem bondxdpgetxmitslave function...

5.5CVSS6.5AI score0.00239EPSS
Exploits0References9
Ubuntu
Ubuntu
added 2024/10/01 1:24 p.m.19 views

USN-7049-1: PHP vulnerabilities

It was discovered that PHP incorrectly handled parsing multipart form data. A remote attacker could possibly use this issue to inject payloads and cause PHP to ignore legitimate data. CVE-2024-8925 It was discovered that PHP incorrectly handled the cgi.forceredirect configuration option due to...

7.5CVSS7.1AI score0.01054EPSS
Exploits3
Positive Technologies
Positive Technologies
added 2023/09/18 12:0 a.m.3 views

PT-2023-6647 · Elastic · Kibana

Name of the Vulnerable Software and Affected Versions: Kibana version 8.10.0 Description: The issue impacts Kibana when logging in the JSON layout or when the pattern layout is configured to log the %meta pattern, allowing sensitive information to be recorded in logs in the event of an error. The...

9CVSS7.4AI score0.00656EPSS
Exploits0References11
OSV
OSV
added 2022/12/22 8:52 a.m.10 views

SUSE-SU-2022:4607-1 Security update for conmon

This update for conmon fixes the following issues: conmon was updated to version 2.1.5: don't leak syslogidentifier logging: do not read more that the buf size logging: fix error handling Makefile: Fix install for FreeBSD signal: Track changes to getsignaldescriptor in the FreeBSD version Packit:...

7.8CVSS7.3AI score0.02827EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2022/05/17 12:0 a.m.4 views

PT-2022-10452 · Solarwinds · Serv-U

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned. Description: This issue pertains to a broken access control vulnerability where a domain admin can access configuration and user data of other domains without authorization. The access is...

4.3CVSS4.5AI score0.00687EPSS
Exploits0References3
OSV
OSV
added 2022/05/12 10:24 a.m.5 views

MGASA-2022-0170 Updated cifs-utils packages fix security vulnerability

In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges. CVE-2022-27239 cifs-utils through 6.14, with verbose logging, can cause an information leak when a file contains = equal sign...

7.8CVSS6.3AI score0.01866EPSS
Exploits0References5
OSV
OSV
added 2021/06/11 10:55 a.m.1 views

SUSE-SU-2021:1959-1 Security update for freeradius-server

This update for freeradius-server fixes the following issues: - Fixed plaintext password entries in logfiles bsc1184016...

7.3AI score
Exploits0References2
OSV
OSV
added 2020/06/25 12:18 p.m.4 views

OPENSUSE-SU-2020:0865-1 Security update for uftpd

This update for uftpd fixes the following issues: uftpd was updated to version 2.12. Changes: Use common log message format and log level when user enters an invalid path. This unfortunately affects changes introduced in v2.11 to increase logging at default log level. Security fixes: -...

7.5CVSS6.8AI score0.02316EPSS
Exploits1References3
CNVD
CNVD
added 2020/06/22 12:0 a.m.9 views

jaegertracing/jaeger information disclosure vulnerability

Jaeger is an open source distributed system monitoring service released by the Linux Foundation , it is mainly used to monitor the distributed system transactions and troubleshooting and so on. A log information disclosure vulnerability exists in versions of jaegertracing/jaeger before 1.18.1. An...

7.1CVSS6.2AI score0.00427EPSS
Exploits0
OSV
OSV
added 2020/03/09 12:0 p.m.7 views

SUSE-SU-2020:0617-1 Security update for ipmitool

This update for ipmitool fixes the following issues: - CVE-2020-5208: Fixed multiple remote code executtion vulnerabilities bsc1163026. - picmg discover messages are now DEBUG and not INFO messages bsc1085469...

8.8CVSS9.1AI score0.0329EPSS
Exploits1References4
OSV
OSV
added 2018/07/01 5:17 p.m.4 views

MGASA-2018-0303 Updated ansible packages fix security vulnerability

Ansible prior to 2.4.5 does not honor the nolog task flag for failed tasks. When the nolog flag has been used to protect sensitive data passed to a task from being logged, and that task does not run successfully, Ansible will expose sensitive data in log files and on the terminal of the user...

5.9CVSS5.7AI score0.03088EPSS
Exploits0References4
Debian
Debian
added 2016/08/09 8:18 p.m.56 views

[SECURITY] [DLA 588-2] mongodb security update

Package : mongodb Version : 2.0.6-1+deb7u1 CVE ID : CVE-2016-6494 Debian Bug : 832908, 833087 This is an update of DLA-558-1. The previous build had revision number that was considered lower than the one in wheezy and was therefore not installed at upgrade. The text for DLA-558-1 is included here...

5.5CVSS5.6AI score0.0037EPSS
Exploits0
OpenVAS
OpenVAS
added 2012/02/21 12:0 a.m.29 views

RedHat Update for nfs-utils RHSA-2012:0310-03

Check for the Version of nfs-utils OpenVAS Vulnerability Test RedHat Update for nfs-utils RHSA-2012:0310-03 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...

3.3CVSS0.1AI score0.00359EPSS
Exploits0References2
OSV
OSV
added 2005/08/30 11:45 a.m.10 views

CVE-2005-1856

The CD-burning feature in backup-manager 0.5.8 and earlier uses a fixed filename in a world-writable directory for logging, which allows local users to overwrite files via a symlink attack...

6AI score
Exploits0References2
Packet Storm
Packet Storm
added 2000/11/21 12:0 a.m.32 views

analogx-4.10.dos.txt

Network Security Solutions Inc. Security Advisory Philippine based Security Company Http://www.Nssolution.net Http://connect.to/nssi AnalogX Proxy Server DoS/Buffer Overflow Vulnerabilty Author: Abraham Lincoln H. Handle: zer0logic Email : [email protected], [email protected]...

7.4AI score
Exploits0
Rows per page
Query Builder