Lucene search

443 matches found

Cvelist
added 2024/06/25 8:8 p.m. · 43 views

CVE-2024-38516 Aimeos HTML client may potentially reveal sensitive information in error log

ai-client-html is an Aimeos e-commerce HTML client component. Debug information revealed sensitive information from environment variables in error log. This issue has been patched in versions 2024.04.7, 2023.10.15, 2022.10.13 and 2021.10.22...

8.8 CVSS · 0.0051 EPSS
Exploits 0 · References 2
OSV
added 2024/06/25 8:8 p.m. · 25 views

CVE-2024-38516 Aimeos HTML client may potentially reveal sensitive information in error log

ai-client-html is an Aimeos e-commerce HTML client component. Debug information revealed sensitive information from environment variables in error log. This issue has been patched in versions 2024.04.7, 2023.10.15, 2022.10.13 and 2021.10.22...

8.8 CVSS · 6.3 AI score · 0.0051 EPSS
Exploits 0 · References 4
OSV
added 2024/06/25 5:26 p.m. · 16 views

GHSA-PPM5-JV84-2XG2 Aimeos HTML client may potentially reveal sensitive information in error log

Impact: Debug information can reveal sensitive information from environment variables in error log. Affected platform: Laravel environments with multi-vendor setups and admin access for the vendors...

8.8 CVSS · 8.5 AI score · 0.0051 EPSS
Exploits 0 · References 4
GitHub Security Blog
added 2024/06/25 5:26 p.m. · 24 views

Aimeos HTML client may potentially reveal sensitive information in error log

Impact: Debug information can reveal sensitive information from environment variables in error log. Affected platform: Laravel environments with multi-vendor setups and admin access for the vendors...

8.8 CVSS · 6.5 AI score · 0.0051 EPSS
Exploits 0 · References 4 · Affected Software 1
GitLab Advisory Database
added 2024/06/25 12:0 a.m. · 19 views

Aimeos HTML client may potentially reveal sensitive information in error log

Debug information can reveal sensitive information from environment variables in error log...

8.8 CVSS · 6.5 AI score · 0.0051 EPSS
Exploits 0 · References 5 · Affected Software 1
OSV
added 2024/06/19 2:15 p.m. · 8 views

UBUNTU-CVE-2024-38552

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix potential index out of bounds in color transformation function Fixes index out of bounds issue in the color transformation function. The issue could occur when the index 'i' exceeds the number of transfer...

7.8 CVSS · 6.4 AI score · 0.00297 EPSS
Exploits 0 · References 29
Veracode
added 2024/06/05 7:13 a.m. · 18 views

Sensitive Information Exposure

chainguard.dev/apko is vulnerable to Sensitive Information Exposure. The vulnerability is due to improper redaction of sensitive information within error log output, where HTTP basic auth credentials from repository and keyring URLs are exposed, which allows an attacker with access to logs to...

7.5 CVSS · 7.4 AI score · 0.00441 EPSS
Exploits 0 · References 2 · Affected Software 2
Vulnrichment
added 2024/05/21 3:31 p.m. · 17 views

CVE-2023-52785 scsi: ufs: core: Fix racing issue between ufshcd_mcq_abort() and ISR

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix racing issue between ufshcd_mcq_abort() and ISR. If command timeout happens and cq complete IRQ is raised at the same time, ufshcd_mcq_abort() clears lprb->cmd and a NULL pointer deref happens in the ISR. Error log:...

6.8 AI score · 0.00179 EPSS
Exploits 0 · References 3
Veracode
added 2024/04/30 8:10 a.m. · 25 views

Sensitive Information Disclosure

Home Assistant is vulnerable to Sensitive Information Disclosure. The vulnerability is due to an unauthenticated attacker being able to read the application's error log via components/api.py...

7.5 CVSS · 6.7 AI score · 0.01677 EPSS
Exploits 0 · References 8 · Affected Software 1
Tenable Nessus
added 2024/04/27 12:0 a.m. · 26 views

RHEL 6 / 7 : rh-mariadb101-mariadb and rh-mariadb101-galera (RHSA-2018:0574)

The remote Red Hat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:0574 advisory. MariaDB is a multi-user, multi-threaded SQL database server. For all practical purposes, MariaDB is binary-compatible with MySQL. The...

7.7 CVSS · 7.4 AI score · 0.04945 EPSS
Exploits 11 · References 71
The Hacker News
added 2024/04/13 8:25 a.m. · 110 views

Hackers Deploy Python Backdoor in Palo Alto Zero-Day Attack

Threat actors have been exploiting the newly disclosed zero-day flaw in Palo Alto Networks PAN-OS software dating back to March 26, 2024, nearly three weeks before it came to light yesterday. The network security company's Unit 42 division is tracking the activity under the name Operation...

10 CVSS · 9.9 AI score · 0.99999 EPSS
Exploits 43
Patchstack
added 2024/03/19 12:0 a.m. · 10 views

WordPress Error Log Viewer by BestWebSoft Plugin < 1.1.3 is vulnerable to Sensitive Data Exposure

Software: Error Log Viewer by BestWebSoft · Type: Plugin · Vulnerable versions: < 1.1.3 · Fixed in: 1.1.3 · OWASP Top 10: A3: Sensitive Data Exposure · Classification: Sensitive Data Exposure · CVE: CVE-2023-6821 · Patch priority: Low · CVSS severity: Low 7.5 · PSID: 5e5f4366a821 · Credits: Dmitrii...

6.5 AI score · 0.00587 EPSS
Exploits 2 · References 3 · Affected Software 1
OSV
added 2024/03/18 7:15 p.m. · 4 views

CVE-2023-6821

The Error Log Viewer by BestWebSoft WordPress plugin before 1.1.3 is affected by a Directory Listing issue, allowing users to read and download PHP logs without authorization...

6.5 CVSS · 7.3 AI score · 0.00587 EPSS
Exploits 2 · References 1
Vulnrichment
added 2024/03/18 7:5 p.m. · 12 views

CVE-2023-6821 Error Log Viewer < 1.1.3 - Directory Listing to Sensitive Data Exposure

The Error Log Viewer by BestWebSoft WordPress plugin before 1.1.3 is affected by a Directory Listing issue, allowing users to read and download PHP logs without authorization...

6.6 AI score · 0.00587 EPSS
Exploits 2 · References 1
CVE
added 2024/03/18 7:5 p.m. · 79 views

CVE-2023-6821

CVE-2023-6821 affects the WordPress plugin Error Log Viewer by BestWebSoft prior to version 1.1.3. It enables directory listing that allows unauthorized reading and downloading of PHP logs, exposing sensitive data. Public references (NVD/Red Hat/PatchStack) confirm the issue and indicate the fix ...

6.5 CVSS · 9.3 AI score · 0.00587 EPSS
Exploits 2 · References 1 · Affected Software 1
Cvelist
added 2024/03/18 7:5 p.m. · 31 views

CVE-2023-6821 Error Log Viewer < 1.1.3 - Directory Listing to Sensitive Data Exposure

The Error Log Viewer by BestWebSoft WordPress plugin before 1.1.3 is affected by a Directory Listing issue, allowing users to read and download PHP logs without authorization...

6.6 AI score · 0.00587 EPSS
Exploits 2 · References 1
Veracode
added 2024/03/18 1:31 p.m. · 11 views

Error Log Leakage

fgr is vulnerable to Error Log Leakage. The vulnerability is due to insufficient sanitization of error messages or tracebacks within the code. The vulnerability allows an attacker with access to the log stream to expose potentially sensitive information through error messages or tracebacks...

6.6 AI score
Exploits 0
CNNVD
added 2024/03/18 12:0 a.m. · 16 views

WordPress Plugin Error Log Viewer by BestWebSoft Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language, which supports personal blogs on PHP and MySQL servers. WordPress plugin is an...

6.5 CVSS · 6.5 AI score · 0.00587 EPSS
Exploits 2 · References 2
Cvelist
added 2024/02/28 10:6 a.m. · 40 views

CVE-2024-27315 Apache Superset: Improper error handling on alerts

An authenticated user with privileges to create Alerts on Alerts & Reports has the capability to generate a specially crafted SQL statement that triggers an error on the database. This error is not properly handled by Apache Superset and may inadvertently surface in the error log of the Alert...

4.3 CVSS · 5.3 AI score · 0.00969 EPSS
Exploits 0 · References 1
Positive Technologies
added 2024/02/27 12:0 a.m. · 6 views

PT-2024-15099 · Bestwebsoft · Error Log Viewer

Name of the Vulnerable Software and Affected Versions: The Error Log Viewer by BestWebSoft WordPress plugin versions prior to 1.1.3 Description: The issue allows users to read and download PHP logs without authorization, potentially exposing sensitive data. This is a Directory Listing issue...

6.5 CVSS · 9.5 AI score · 0.00587 EPSS
Exploits 2 · References 8