20 matches found
DNN DotNetNuke 跨站脚本漏洞
DNN DotNetNuke is a.NET platform content management system developed by DNN Corporation. Version 9.5 of DNN DotNetNuke contains a cross-site scripting vulnerability. This vulnerability arises from allowing ordinary users to upload malicious XML files containing executable scripts through the...
EUVD-2020-4213
Malware in sbrugna...
Malicious code in vite-logging-tool (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware efc641d41a5a062db57b5add42c3b87b5f0c2c434c694e7d512d62dce1dc7400 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-5170 Malicious code in vite-logging-tool (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware efc641d41a5a062db57b5add42c3b87b5f0c2c434c694e7d512d62dce1dc7400 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
like-girl 安全漏洞
like-girl is a couple logging tool by the individual developer of kiCode111 in China. A security vulnerability exists in like-girl version 5.2.0, which originates from the parameter...
like-girl 安全漏洞
like-girl is a couple logging tool by the individual developer of kiCode111 in China. A security vulnerability exists in like-girl version 5.2.0, which originates from SQL injection due to incorrect operation of the parameters imgDatd/imgText/imgUrl in the file /admin/ImgAddPost.php...
CVE-2020-11873
An issue was discovered on LG mobile devices with Android OS 7.2, 8.0, 8.1, 9, and 10 software. A stack-based buffer overflow in the logging tool could allow an attacker to gain privileges. The LG ID is LVE-SMP-200005 April 2020...
OESA-2025-1295 pcp security update
PCP provides a range of services that may be used to monitor and manage system performance. These services are distributed and scalable to accommodate the most complex system configurations and performance problems. Security Fixes: A vulnerability was found in Performance Co-Pilot PCP. This flaw...
Apache Log4j 安全漏洞
Apache Log4j is a Java-based open source logging tool from the Apache USA Foundation. A security vulnerability exists in Apache Log4j version 1.2 that stems from untrusted data deserialization...
pcp: pmpost symlink attack allows escalating pcp to root user
A vulnerability was found in Performance Co-Pilot PCP. This flaw can only be exploited if an attacker has access to a compromised PCP system account. The issue is related to the pmpost tool, which is used to log messages in the system. Under certain conditions, it runs with high-level privileges...
AZL-49659 CVE-2024-45770 affecting package pcp 5.1.1-3
A vulnerability was found in Performance Co-Pilot PCP. This flaw can only be exploited if an attacker has access to a compromised PCP system account. The issue is related to the pmpost tool, which is used to log messages in the system. Under certain conditions, it runs with high-level privileges...
DEBIAN-CVE-2024-45770
A vulnerability was found in Performance Co-Pilot PCP. This flaw can only be exploited if an attacker has access to a compromised PCP system account. The issue is related to the pmpost tool, which is used to log messages in the system. Under certain conditions, it runs with high-level privileges...
Apache Log4j SQL Injection Vulnerability
Apache Log4j, a Java-based open source logging tool from the Apache Foundation, is vulnerable to SQL injection, which stems from a JDBCAppender in Log4j 1.2.x that accepts a SQL statement as a configuration parameter, where the value to be inserted is from the PatternLayout's converter. The messa...
Apache Log4j Code Execution Vulnerability
Apache Log4j is a Java-based open source logging tool from the Apache Foundation. Apache Log4j 1.2 is vulnerable to a code issue that could be exploited by attackers to run code via JMSApender deserialization...
Apache log4j2 denial of service vulnerability
Apache Log4j is a Java-based open source logging tool from the Apache Foundation. Apache log4j2 suffers from a denial-of-service vulnerability. When improperly configured, an attacker can exploit the vulnerability to cause a denial-of-service attack...
Apache Log4j 代码问题漏洞
Apache Log4j is a Java-based open source logging tool from the Apache Foundation. Apache Log4j 1.2 is vulnerable to a code issue that could be exploited by attackers to run code via JMSApender deserialization...
Microsoft’s Response to CVE-2021-44228 Apache Log4j 2
Published on: 2021 Dec 11, updated 2021 Dec 18. SUMMARY Microsoft continues our analysis of the remote code execution vulnerabilities related to Apache Log4j a logging tool used in many Java-based applications disclosed on 9 Dec 2021. Currently, Microsoft is not aware of any impact, outside of th...
CVE-2020-11873
An issue was discovered on LG mobile devices with Android OS 7.2, 8.0, 8.1, 9, and 10 software. A stack-based buffer overflow in the logging tool could allow an attacker to gain privileges. The LG ID is LVE-SMP-200005 April 2020...
CVE-2020-11873
An issue was discovered on LG mobile devices with Android OS 7.2, 8.0, 8.1, 9, and 10 software. A stack-based buffer overflow in the logging tool could allow an attacker to gain privileges. The LG ID is LVE-SMP-200005 April 2020...
Stack overflow
An issue was discovered on LG mobile devices with Android OS 7.2, 8.0, 8.1, 9, and 10 software. A stack-based buffer overflow in the logging tool could allow an attacker to gain privileges. The LG ID is LVE-SMP-200005 April 2020...