6 matches found
VMware Aria Operations for Logs 安全漏洞
VMware Aria Operations for Logs is a centralized log management solution from VMware. The product supports features such as log organization and log analysis. A security vulnerability exists in VMware Aria Operations for Logs. An attacker can exploit this vulnerability to inject malicious scripts...
VMware Aria Operations for Logs Security Vulnerability
VMware Aria Operations for Logs is a centralized log management solution from VMware. The product supports features such as log organization and log analysis. A security vulnerability exists in VMware Aria Operations for Logs, which stems from an authentication bypass vulnerability...
Weak Security Controls and Practices Routinely Exploited for Initial Access
The cybersecurity authorities of the United States, Canada, New Zealand, the Netherlands, and the United Kingdom have issued a joint Cybersecurity Advisory CSA on 10 routinely exploited weak security controls, poor configurations, and bad practices that allow malicious actors to compromise...
Vmware VMware vRealize Log Insight 注入漏洞
VMware vRealize Log Insight is a centralized log management solution from Vmware, Inc. VMware vRealize Log Insight is vulnerable to a CSV injection vulnerability that allows an authenticated attacker to embed untrusted data through CSV tables...
Graylog permission permission and access control issue vulnerability (CNVD-2021-61088)
Graylog is a centralized log management solution from Graylog, Inc. The product supports capturing, storing, and analyzing logs in real-time, among other things. graylog suffers from a permission permission and access control issue vulnerability that stems from a session ID leak in audit logs pri...
Nagios Log Server 2.1.6 - Persistent Cross-Site Scripting
Exploit Title: Nagios Log Server 2.1.6 - Persistent Cross-Site Scripting Date: 2020-08-07 Vendor Homepage: https://www.nagios.com/products/nagios-log-server/ Vendor Changelog: https://www.nagios.com/downloads/nagios-log-server/change-log/ Exploit Author: Jinson Varghese Behanan @JinsonCyberSec...