22 matches found
EUVD-2026-32624
Gryph provides a security layer for AI coding agents. Prior to 0.7.0, Gryph implements logging levels that determine what content is logged to a local sqlite database. The README incorrectly mentions that the default log level is minimal while it is standard. Source code review shows sensitive...
CVE-2026-27688
CVE-2026-27688 affects SAP NetWeaver Application Server for ABAP. A missing authorization check allows an authenticated user with privileges to execute a specific RFC function module to read Database Analyzer Log Files, potentially escalating privileges and exposing confidential data. Impact is l...
SAP NetWeaver Application Server for ABAP Security Vulnerability
SAP NetWeaver Application Server for ABAP is a core application server platform developed by the German company SAP. There is a security vulnerability in SAP NetWeaver Application Server for ABAP, which stems from the lack of authorization checks. This vulnerability may allow authenticated...
CVE-2023-25825
ZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras. Versions prior to 1.36.33 are vulnerable to Cross-site Scripting. Log entries can be injected into the database logs, containing a malicious referrer field. This i...
EUVD-2021-9273
Malicious code in bioql PyPI...
EUVD-2021-9199
Malicious code in bioql PyPI...
Cross-site Scripting (XSS)
orchardcore is vulnerable to Cross-site Scripting (XSS) attacks. The library does not properly escape special characters before they are output to the front end, allowing an attacker to inject log entries into the database logs, containing a malicious referrer field...
DEBIAN-CVE-2023-25825
ZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras. Versions prior to 1.36.33 are vulnerable to Cross-site Scripting. Log entries can be injected into the database logs, containing a malicious referrer field. This i...
Cross site scripting
ZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras. Versions prior to 1.36.33 are vulnerable to Cross-site Scripting. Log entries can be injected into the database logs, containing a malicious referrer field. This i...
CVE-2023-25825 ZoneMinder contains Cross-site Scripting via log viewing
ZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras. Versions prior to 1.36.33 are vulnerable to Cross-site Scripting. Log entries can be injected into the database logs, containing a malicious referrer field. This i...
UBUNTU-CVE-2022-39289
ZoneMinder is a free, open source Closed-circuit television software application. In affected versions the ZoneMinder API exposes Database Log contents to users without privileges, and allows insertion, modification, deletion of logs without System Privileges. Users are advised to upgrade as soon as...
ZoneMinder Information Disclosure Vulnerability
ZoneMinder is an open source video surveillance software system. The system supports IP, USB, and analog cameras, etc. ZoneMinder is vulnerable to an information disclosure vulnerability that stems from the ZoneMinder API exposing database log content to users without permissions, allowing logs t...
Etherpad Security Vulnerability
Etherpad-Lite is a Web-based open source document editor from the Etherpad Foundation. A security vulnerability exists in versions of Etherpad prior to 1.8.3 that stems from insecurely storing passwords used by users in the database and log files...
CVE-2021-22115
CVE-2021-22115 affects Cloud Foundry Cloud Controller API prior to version 1.106.0. The vulnerability arises because the CAPI database logs service broker passwords in plain text when a job to clean up orphaned items runs, exposing credentials if log access is compromised. Affected product/versio...
CVE-2021-22115: CAPI logs service broker credentials | Cloud Foundry
Severity: Critical. Vendor: Cloud Foundry Foundation. Description: Cloud Controller API versions prior to 1.106.0 log service broker credentials if the default value of the db logging config field is changed. CAPI database logs service broker password in plain text whenever a job to clean up orphaned ite...
Information Disclosure Vulnerability in Panavision OA
Panavision OA is an all-in-one mobile office cloud platform. An information disclosure vulnerability exists in Panmicro OA. An attacker can exploit the vulnerability to gain unauthorized access to database logs...
GaussDB Kernel: Configuring the Maximum Number of Audit Log Files
The parameter audit_file_remain_threshold specifies the maximum number of audit log files. When the total number of audit log files exceeds the specified value, the system writes the warning information to the database logs, deletes the earliest audit log files, and records the deletion to the audit...
openGauss: Configuring the Maximum Disk Space Occupied by All Audit Log Files
The parameter audit_space_limit specifies the maximum disk space occupied by all audit log files. When the total size of audit log files exceeds the maximum value, the system writes the warning information to the database logs, deletes the earliest audit log files, and records the deletion to the...