Lucene search
K

168 matches found

AlpineLinux
AlpineLinux
added 2025/07/10 4:55 p.m.4 views

CVE-2024-47252

Insufficient escaping of user-supplied data in modssl in Apache HTTP Server 2.4.63 and earlier allows an untrusted SSL/TLS client to insert escape characters into log files in some configurations. In a logging configuration where CustomLog is used with "%varnamex" or "%varnamec" to log variables...

7.5CVSS6.4AI score0.00669EPSS
Exploits0
OSV
OSV
added 2025/06/10 5:12 a.m.2 views

MAL-2025-4882 Malicious code in server-log-engine (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 98c5b185c67de0bfe5bcf39953a89a1ffcb666e055d24d971a6926437a672f1d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/06/10 5:12 a.m.4 views

Malicious code in server-log-engine (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 98c5b185c67de0bfe5bcf39953a89a1ffcb666e055d24d971a6926437a672f1d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:21 p.m.5 views

CVE-2022-38133

In JetBrains TeamCity before 2022.04.3 the private SSH key could be written to the server log in some cases...

5.3CVSS6.1AI score0.00384EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:16 a.m.7 views

CVE-2018-1000633

The Open Microscopy Environment OMERO.web version prior to 5.4.7 contains an Information Exposure Through Log Files vulnerability in the login form and change password form that can result in User's password being revealed. Attacker can log in as that user. This attack appear to be exploitable vi...

7.2CVSS7.1AI score0.01219EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:34 a.m.7 views

CVE-2011-2758

IDSWebApp in the Web Administration Tool in IBM Tivoli Directory Server TDS 6.2 before 6.2.0.3-TIV-ITDS-IF0004 does not require authentication for access to LDAP Server log files, which allows remote attackers to obtain sensitive information via a crafted URL...

5CVSS6.4AI score0.02129EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/21 8:39 p.m.6 views

CVE-2002-2389

TheServer 1.74 web server stores server.ini under the web document root with insufficient access control, which allows remote attackers to obtain cleartext passwords and gain access to server log files...

5CVSS7.2AI score0.01901EPSS
Exploits0References1
NVD
NVD
added 2025/02/20 4:15 a.m.25 views

CVE-2024-49355

IBM OpenPages with Watson 8.3 and 9.0 may write improperly neutralized data to server log files when the tracing is enabled per the System Tracing feature...

6.5CVSS0.0026EPSS
Exploits0References1
CVE
CVE
added 2024/09/11 4:32 p.m.58 views

CVE-2024-8097

CVE-2024-8097 affects Payara Server (Logging modules): credentials posted in plain text may be exposed in server logs. Affected versions include 4.1.2.191.0–4.1.2.191.50, 5.20.0–5.67.0, 5.2020.2–5.2022.5, 6.0.0–6.18.0, and 6.2022.1–6.2024.9. Upgrade to fixed releases (e.g., 4.1.2.191.50+, 5.67.0+...

6.7CVSS7.1AI score0.00188EPSS
Exploits0References2
Kitploit
Kitploit
added 2024/05/01 12:30 p.m.50 views

OSTE-Web-Log-Analyzer - Automate The Process Of Analyzing Web Server Logs With The Python Web Log Analyzer

Automate the process of analyzing web server logs with the Python Web Log Analyzer. This powerful tool is designed to enhance security by identifying and detecting various types of cyber attacks within your server logs. Stay ahead of potential threats with features that include: Features 1. Attac...

7AI score
Exploits0References1
Citrix
Citrix
added 2023/09/21 12:0 a.m.10 views

PVS server cannot logon database with Error "The Login is from an Untrusted Domain and Cannot ..."

PVS server console cannot be launched with error: "The database login failed." SQL server log error: "Login failed. The login is from an untrusted domain and cannot be used with Integrated authentication." "SSPI handshake failed with error code 0x8009030c, state 14 while establishing a connection...

8AI score
Exploits0
Vulnrichment
Vulnrichment
added 2023/02/24 12:0 a.m.7 views

CVE-2023-0595

A CWE-117: Improper Output Neutralization for Logs vulnerability exists that could cause the misinterpretation of log files when malicious packets are sent to the Geo SCADA server's database web port default 443. Affected products: EcoStruxure Geo SCADA Expert 2019, EcoStruxure Geo SCADA Expert...

5.3CVSS5.3AI score0.00417EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2023/02/15 5:0 a.m.5 views

SUSE CVE-2016-5437

Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Log...

4.9CVSS7.8AI score0.02151EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:21 a.m.4 views

SUSE CVE-2018-19960

The debugmode function in web/web.py in OnionShare through 1.3.1, when --debug is enabled, uses the /tmp/onionshareserver.log pathname for logging, which might allow local users to overwrite files or obtain sensitive information by using this pathname...

7CVSS6.4AI score0.00314EPSS
Exploits0References3
OSV
OSV
added 2023/02/10 3:15 a.m.6 views

CVE-2023-23286

Cross Site Scripting XSS vulnerability in Provide server 14.4 allows attackers to execute arbitrary code through the server-log via username field from the login form...

6.1CVSS6.2AI score0.02628EPSS
Exploits4References3
Prion
Prion
added 2023/02/10 3:15 a.m.12 views

Cross site scripting

Cross Site Scripting XSS vulnerability in Provide server 14.4 allows attackers to execute arbitrary code through the server-log via username field from the login form...

5.8CVSS6.1AI score0.02628EPSS
Exploits4References3Affected Software1
Positive Technologies
Positive Technologies
added 2023/02/10 12:0 a.m.9 views

PT-2023-18887 · Unknown · Provide Server

Name of the Vulnerable Software and Affected Versions: Provide server version 14.4 Description: The issue allows attackers to execute arbitrary code through the server-log via the username field from the login form. This is a Cross Site Scripting XSS issue. Recommendations: For Provide server...

6.1CVSS6.2AI score0.02628EPSS
Exploits4References7
Fedora
Fedora
added 2023/01/18 1:41 a.m.213 views

[SECURITY] Fedora 36 Update: awstats-7.8-9.fc36

Advanced Web Statistics is a powerful and full-featured tool that generates advanced web server graphical statistics. This server log analyzer works from the command line or as a CGI and shows all information your log contains, in graphical web pages. It can analyze a lot of web/wap/proxy servers...

6.1CVSS6.2AI score0.00655EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2022/08/19 9:4 p.m.20 views

Security Bulletin: Vulnerability due to Server log files exposure affects IBM License Metric Tool v9 and IBM BigFix Inventory v9 (CVE-2016-8963)

Summary IBM License Metric Tool v9 and IBM BigFix Inventory v9 Server log files can potentially reveal sensitive information. Vulnerability Details CVEID: CVE-2016-8963 DESCRIPTION: IBM BigFix Inventory v9 stores potentially sensitive information in log files that could be read by a local user...

5.5CVSS5.1AI score0.00307EPSS
Exploits0Affected Software1
NVD
NVD
added 2022/08/10 4:15 p.m.21 views

CVE-2022-38133

In JetBrains TeamCity before 2022.04.3 the private SSH key could be written to the server log in some cases...

5.3CVSS0.00384EPSS
Exploits0References1
Rows per page
Query Builder