Lucene search
K

275 matches found

Cvelist
Cvelist
added 2025/06/02 4:0 a.m.41 views

CVE-2025-5428 juzaweb CMS Error Logs Page log-viewer access control

A vulnerability classified as critical has been found in juzaweb CMS up to 3.4.2. This affects an unknown part of the file /admin-cp/log-viewer of the component Error Logs Page. The manipulation leads to improper access controls. It is possible to initiate the attack remotely. The exploit has bee...

6.5CVSS0.0035EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/06/02 4:0 a.m.6 views

CVE-2025-5428 juzaweb CMS Error Logs Page log-viewer access control

A vulnerability classified as critical has been found in juzaweb CMS up to 3.4.2. This affects an unknown part of the file /admin-cp/log-viewer of the component Error Logs Page. The manipulation leads to improper access controls. It is possible to initiate the attack remotely. The exploit has bee...

6.5CVSS6.8AI score0.0035EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2025/06/02 12:0 a.m.8 views

PT-2025-23461 · Unknown · Juzawebcms

Name of the Vulnerable Software and Affected Versions: juzaweb CMS versions up to 3.4.2 Description: A critical issue has been discovered, affecting an unknown part of the file /admin-cp/log-viewer of the component Error Logs Page. This leads to improper access controls, allowing for remote...

6.5CVSS6.4AI score0.0035EPSS
Exploits1References10
Citrix
Citrix
added 2025/05/29 12:0 a.m.13 views

SAML URL monitor to login.microsoftonline.com is down

Continuous error logs on the Netscaler dashboard as below "8699 77 PPE-0 DBSMonServiceBindinglogin.microsoftonline.com:443tcp-defaultvpndbssvc1339998057: DOWN; Last response: Failure - Time out during TCP connection establishment stage"...

7.2AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 9:42 a.m.17 views

CVE-2024-23760

Cleartext Storage of Sensitive Information in Gambio 4.9.2.0 allows attackers to obtain sensitive information via error-handler.log.json and legacy-error-handler.log.txt under the webroot...

2.7CVSS6.4AI score0.00442EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:13 p.m.9 views

CVE-2022-3923

The ActiveCampaign for WooCommerce WordPress plugin before 1.9.8 does not have authorisation check when cleaning up its error logs via an AJAX action, which could allow any authenticated users, such as subscriber to call it and remove error logs...

4.3CVSS6.7AI score0.00483EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/03 1:11 p.m.16 views

CVE-2024-11994

APM server logs could contain parts of the document body from a partially failed bulk index request. Depending on the nature of the document, this could disclose sensitive information in APM Server error logs...

5.7CVSS6.5AI score0.00223EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/05/02 2:57 p.m.10 views

CVE-2025-4166 Vault May Include Sensitive Data in Error Logs When Using the KV v2 Plugin

Vault Community and Vault Enterprise Key/Value kv Version 2 plugin may unintentionally expose sensitive information in server and audit logs when users submit malformed payloads during secret creation or update operations via the Vault REST API. This vulnerability, identified as CVE-2025-4166, is...

4.5CVSS4.4AI score0.00335EPSS
Exploits0References1
NVD
NVD
added 2025/05/01 2:15 p.m.6 views

CVE-2024-11994

APM server logs could contain parts of the document body from a partially failed bulk index request. Depending on the nature of the document, this could disclose sensitive information in APM Server error logs...

5.7CVSS0.00223EPSS
Exploits0References1
Snyk
Snyk
added 2025/05/01 1:44 p.m.4 views

Insertion of Sensitive Information into Log File

Overview Affected versions of this package are vulnerable to Insertion of Sensitive Information into Log File due to the logging of partially failed bulk index requests. An attacker can disclose sensitive information contained in the document body by accessing error logs. Remediation Upgrade...

6.9CVSS6.6AI score0.00223EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/05/01 1:6 p.m.8 views

CVE-2024-11994 APM Server Insertion of Sensitive Information into Log File

APM server logs could contain parts of the document body from a partially failed bulk index request. Depending on the nature of the document, this could disclose sensitive information in APM Server error logs...

5.7CVSS6.6AI score0.00223EPSS
Exploits0References1
CVE
CVE
added 2025/05/01 1:6 p.m.52 views

CVE-2024-11994

CVE-2024-11994 affects Elastic APM Server. A partially failed bulk index request can cause parts of the document body to be logged in APM Server error logs, potentially exposing sensitive information. Affected versions are Elastic APM Server prior to the fix; mitigation is to upgrade to version 8...

5.7CVSS5.4AI score0.00223EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/05/01 12:0 a.m.6 views

PT-2025-18390 · Elastic · Apm Server

Name of the Vulnerable Software and Affected Versions: Elasticsearch APM Server affected versions not specified Description: The issue concerns the potential disclosure of sensitive information in APM Server error logs. This could happen when a bulk index request partially fails, causing parts of...

5.7CVSS5.9AI score0.00223EPSS
Exploits0References3
Kitploit
Kitploit
added 2025/04/29 12:30 p.m.114 views

Pulsegram - Integrated Keylogger With Telegram

PulseGram is a keylogger integrated with a Telegram bot. It is a monitoring tool that captures keystrokes, clipboard content, and screenshots, sending all the information to a configured Telegram bot. It is designed for use in adversary simulations and security testing contexts. ⚠️ Warning: This...

7.2AI score
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/09 8:5 p.m.7 views

CVE-2025-30660 Junos OS: MX Series: Decapsulation of specific GRE packets leads to PFE reset

An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine pfe of Juniper Networks Junos OS on MX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service DoS.When processing a high rate of specific GRE traffic destined to th...

8.7CVSS6.9AI score0.00372EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/03/06 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2024-56722

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RDMA/hns: Fix cpu stuck caused by printings during reset During reset, cmd to destroy resources such as qp, cq, and mr may fail, and error logs will be printed...

5.5CVSS6.8AI score0.00217EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/02/19 12:0 a.m.5 views

Checkmk 安全漏洞

Checkmk is an IT monitoring platform from Checkmk, Inc. A security vulnerability exists in Checkmk versions prior to 2.3.0p27, prior to 2.2.0p40, and 2.1.0p51, which stems from LDAP credentials being written to an Apache error log file...

7.5CVSS6.5AI score0.00293EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/02/05 9:1 p.m.14 views

CVE-2022-46153

Traefik is an open source HTTP reverse proxy and load balancer. In affected versions there is a potential vulnerability in Traefik managing TLS connections. A router configured with a not well-formatted TLSOption is exposed with an empty TLSOption. For instance, a route secured using an mTLS...

8.1CVSS6.5AI score0.00488EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/12/29 11:29 a.m.18 views

CVE-2024-56722 RDMA/hns: Fix cpu stuck caused by printings during reset

In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix cpu stuck caused by printings during reset During reset, cmd to destroy resources such as qp, cq, and mr may fail, and error logs will be printed. When a large number of resources are destroyed, there will be lots o...

0.00217EPSS
Exploits0References5
Patchstack
Patchstack
added 2024/10/21 7:15 p.m.6 views

WordPress All-in-One WP Migration and Backup plugin <= 7.86 - Unauthenticated Information Disclosure via Error Logs vulnerability

Unauthenticated Information Disclosure via Error Logs vulnerability discovered by villu164 in WordPress Plugin All-in-One WP Migration versions = 7.86...

5.3CVSS6.6AI score0.01175EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder