275 matches found
CVE-2025-5428 juzaweb CMS Error Logs Page log-viewer access control
A vulnerability classified as critical has been found in juzaweb CMS up to 3.4.2. This affects an unknown part of the file /admin-cp/log-viewer of the component Error Logs Page. The manipulation leads to improper access controls. It is possible to initiate the attack remotely. The exploit has bee...
CVE-2025-5428 juzaweb CMS Error Logs Page log-viewer access control
A vulnerability classified as critical has been found in juzaweb CMS up to 3.4.2. This affects an unknown part of the file /admin-cp/log-viewer of the component Error Logs Page. The manipulation leads to improper access controls. It is possible to initiate the attack remotely. The exploit has bee...
PT-2025-23461 · Unknown · Juzawebcms
Name of the Vulnerable Software and Affected Versions: juzaweb CMS versions up to 3.4.2 Description: A critical issue has been discovered, affecting an unknown part of the file /admin-cp/log-viewer of the component Error Logs Page. This leads to improper access controls, allowing for remote...
SAML URL monitor to login.microsoftonline.com is down
Continuous error logs on the Netscaler dashboard as below "8699 77 PPE-0 DBSMonServiceBindinglogin.microsoftonline.com:443tcp-defaultvpndbssvc1339998057: DOWN; Last response: Failure - Time out during TCP connection establishment stage"...
CVE-2024-23760
Cleartext Storage of Sensitive Information in Gambio 4.9.2.0 allows attackers to obtain sensitive information via error-handler.log.json and legacy-error-handler.log.txt under the webroot...
CVE-2022-3923
The ActiveCampaign for WooCommerce WordPress plugin before 1.9.8 does not have authorisation check when cleaning up its error logs via an AJAX action, which could allow any authenticated users, such as subscriber to call it and remove error logs...
CVE-2024-11994
APM server logs could contain parts of the document body from a partially failed bulk index request. Depending on the nature of the document, this could disclose sensitive information in APM Server error logs...
CVE-2025-4166 Vault May Include Sensitive Data in Error Logs When Using the KV v2 Plugin
Vault Community and Vault Enterprise Key/Value kv Version 2 plugin may unintentionally expose sensitive information in server and audit logs when users submit malformed payloads during secret creation or update operations via the Vault REST API. This vulnerability, identified as CVE-2025-4166, is...
CVE-2024-11994
APM server logs could contain parts of the document body from a partially failed bulk index request. Depending on the nature of the document, this could disclose sensitive information in APM Server error logs...
Insertion of Sensitive Information into Log File
Overview Affected versions of this package are vulnerable to Insertion of Sensitive Information into Log File due to the logging of partially failed bulk index requests. An attacker can disclose sensitive information contained in the document body by accessing error logs. Remediation Upgrade...
CVE-2024-11994 APM Server Insertion of Sensitive Information into Log File
APM server logs could contain parts of the document body from a partially failed bulk index request. Depending on the nature of the document, this could disclose sensitive information in APM Server error logs...
CVE-2024-11994
CVE-2024-11994 affects Elastic APM Server. A partially failed bulk index request can cause parts of the document body to be logged in APM Server error logs, potentially exposing sensitive information. Affected versions are Elastic APM Server prior to the fix; mitigation is to upgrade to version 8...
PT-2025-18390 · Elastic · Apm Server
Name of the Vulnerable Software and Affected Versions: Elasticsearch APM Server affected versions not specified Description: The issue concerns the potential disclosure of sensitive information in APM Server error logs. This could happen when a bulk index request partially fails, causing parts of...
Pulsegram - Integrated Keylogger With Telegram
PulseGram is a keylogger integrated with a Telegram bot. It is a monitoring tool that captures keystrokes, clipboard content, and screenshots, sending all the information to a configured Telegram bot. It is designed for use in adversary simulations and security testing contexts. ⚠️ Warning: This...
CVE-2025-30660 Junos OS: MX Series: Decapsulation of specific GRE packets leads to PFE reset
An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine pfe of Juniper Networks Junos OS on MX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service DoS.When processing a high rate of specific GRE traffic destined to th...
Linux Distros Unpatched Vulnerability : CVE-2024-56722
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RDMA/hns: Fix cpu stuck caused by printings during reset During reset, cmd to destroy resources such as qp, cq, and mr may fail, and error logs will be printed...
Checkmk 安全漏洞
Checkmk is an IT monitoring platform from Checkmk, Inc. A security vulnerability exists in Checkmk versions prior to 2.3.0p27, prior to 2.2.0p40, and 2.1.0p51, which stems from LDAP credentials being written to an Apache error log file...
CVE-2022-46153
Traefik is an open source HTTP reverse proxy and load balancer. In affected versions there is a potential vulnerability in Traefik managing TLS connections. A router configured with a not well-formatted TLSOption is exposed with an empty TLSOption. For instance, a route secured using an mTLS...
CVE-2024-56722 RDMA/hns: Fix cpu stuck caused by printings during reset
In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix cpu stuck caused by printings during reset During reset, cmd to destroy resources such as qp, cq, and mr may fail, and error logs will be printed. When a large number of resources are destroyed, there will be lots o...
WordPress All-in-One WP Migration and Backup plugin <= 7.86 - Unauthenticated Information Disclosure via Error Logs vulnerability
Unauthenticated Information Disclosure via Error Logs vulnerability discovered by villu164 in WordPress Plugin All-in-One WP Migration versions = 7.86...