CVE-2018-21019

Home Assistant before 0.67.0 was vulnerable to an information disclosure that allowed an unauthenticated attacker to read the application's error log via components/api.py...

CVE-2018-21019

Home Assistant before 0.67.0 was vulnerable to an information disclosure that allowed an unauthenticated attacker to read the application's error log via components/api.py...

PYSEC-2019-221

Home Assistant before 0.67.0 was vulnerable to an information disclosure that allowed an unauthenticated attacker to read the application's error log via components/api.py...

Information disclosure

Home Assistant before 0.67.0 was vulnerable to an information disclosure that allowed an unauthenticated attacker to read the application's error log via components/api.py...

WordPress error-log-viewer plugin cross-site scripting vulnerability

WordPress is the WordPress Foundation's set of blogging platforms developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. error-log-viewer is an error log viewer plugin used in it. A cross-site scripting vulnerability exists in the WordPress...

CVE-2017-18562

The error-log-viewer plugin before 1.0.6 for WordPress has multiple XSS issues...

Cross site scripting

The error-log-viewer plugin before 1.0.6 for WordPress has multiple XSS issues...

CVE-2017-18562

CVE-2017-18562 affects the WordPress Error Log Viewer plugin by BestWebSoft prior to version 1.0.6. The connected documents confirm multiple XSS flaws in this plugin, enabling an authenticated attacker to execute arbitrary JavaScript in victims’ browsers (potentially stealing session data or acti...

CVE-2017-18562

The error-log-viewer plugin before 1.0.6 for WordPress has multiple XSS issues...

CVE-2017-18425

In cPanel before 66.0.2, the cpdavderrorlog file can be created with weak permissions SEC-280...

CVE-2019-9838

VFront 0.99.5 has stored XSS via the admin/syncregtab.php azzera parameter, which is mishandled during admin/errorlog.php rendering...

CVE-2019-4039

IBM WebSphere MQ 8.0.0.0 through 8.0.0.9 and 9.0.0.0 through 9.1.1 could allow a local attacker to cause a denial of service within the error log reporting system. IBM X-Force ID: 156163...

Design/Logic Flaw

IBM WebSphere MQ 8.0.0.0 through 8.0.0.9 and 9.0.0.0 through 9.1.1 could allow a local attacker to cause a denial of service within the error log reporting system. IBM X-Force ID: 156163...

CVE-2019-4039

IBM WebSphere MQ 8.0.0.0 through 8.0.0.9 and 9.0.0.0 through 9.1.1 could allow a local attacker to cause a denial of service within the error log reporting system. IBM X-Force ID: 156163...

CVE-2019-4039

CVE-2019-4039 affects IBM WebSphere MQ: 8.0.0.0–8.0.0.9 and 9.0.0.0–9.1.1. The issue allows a local attacker to cause a denial of service within the error log reporting system. Root cause is tied to the error logging function; no exploit details are provided in the documents. The vulnerability is...

PT-2019-16856 · Ibm · Ibm Websphere Mq

Name of the Vulnerable Software and Affected Versions: IBM WebSphere MQ versions 8.0.0.0 through 8.0.0.9 IBM WebSphere MQ versions 9.0.0.0 through 9.1.1 Description: The issue allows a local attacker to cause a denial of service within the error log reporting system. Recommendations: For IBM...

SUSE-SU-2019:1207-1 Security update for 389-ds

This update for 389-ds fixes the following issues: The following security vulnerabilities were addressed: - CVE-2018-10850: Fixed a race condition on reference counter that would lead to a denial of service using persistent search bsc1096368 - CVE-2017-15134: Fixed a remote denial of service via...

PHP error_log File Detected

An information disclosure vulnerability exists in the remote web server due to the disclosure of the errorlog file. An unauthenticated, remote attacker can exploit this, via a simple GET request, to disclose potentially sensitive information. No source data...

Improper Access Control

Oracle MySQL is vulnerable to improper access control. MySQL init script mishandles initialization of the database data directory and permission setting on the error log file allowing local attackers to escalate their privileges to root or cause a system crash...

Privilege Escalation

mysqldsafe is vulnerable to privilege escalation attacks. The flaw was found in the way the mysqldsafe script handled creation of error log file. A local authenticated user could use this flaw to escalate their privileges to root...