mysql: insecure error log file handling in mysqld_safe, incomplete CVE-2016-6664 fix (CPU Jan 2017)

Multiple flaws were found in the way the mysqldsafe script handled creation of error log file. The mysql operating system user could use these flaws to escalate their privileges to root...

mysql: insecure error log file handling in mysqld_safe (CPU Oct 2016)

A flaw was found in the way the mysqldsafe script handled creation of error log file. The mysql operating system user could use this flaw to escalate their privileges to root...

PYSEC-2018-46

Anymail django-anymail version version 0.2 through 1.3 contains a CWE-532, CWE-209 vulnerability in WEBHOOKAUTHORIZATION setting value that can result in An attacker with access to error logs could fabricate email tracking events. This attack appear to be exploitable via If you have exposed your...

CVE-2018-7251

An issue was discovered in config/error.php in Anchor 0.12.3. The error log is exposed at an errors.log URI, and contains MySQL credentials if a MySQL error such as "Too many connections" has occurred...

Information Exposure

An issue was discovered in config/error.php. The error log is exposed at an errors.log URI, and contains MySQL credentials if a MySQL error such as 'Too many connections' has occurred...

mysql: insecure error log file handling in mysqld_safe (CPU Oct 2016)

A flaw was found in the way the mysqldsafe script handled creation of error log file. The mysql operating system user could use this flaw to escalate their privileges to root...

mysql: insecure error log file handling in mysqld_safe, incomplete CVE-2016-6664 fix (CPU Jan 2017)

Multiple flaws were found in the way the mysqldsafe script handled creation of error log file. The mysql operating system user could use these flaws to escalate their privileges to root...

mysql: insecure error log file handling in mysqld_safe (CPU Oct 2016)

A flaw was found in the way the mysqldsafe script handled creation of error log file. The mysql operating system user could use this flaw to escalate their privileges to root...

Error: "Backup Failure: Could not find required XVA" on NetScaler SDX

After upgrading NetScaler SDX and Netscaler VPX firmware to any newer version you will get daily notifications about backups failing: For Example the Log Message is as below: Local0.Error 10.xx.xx. svmevent: GMT : EVENT BACKUPFAILED : 127.0.0.1:BackupFailure: - Could not find required XVA for...

Check_MK Internal Server Error XSS

The version of CheckMK running on the remote web server is affected by a reflected cross-site XSS scripting vulnerability in the Internal Server Error page, due to improper encoding of error log output. An unauthenticated, remote attacker can exploit this to execute arbitrary script code in a...

CVE-2017-1000151

Mahara is affected in versions 15.04 before 15.04.9, 15.10 before 15.10.5, and 16.04 before 16.04.3. The root cause is that passwords or other sensitive information can be passed via unusual parameters and end up in error logs, leading to information disclosure. Impact is partial confidentiality ...

CVE-2017-1000151

Mahara 15.04 before 15.04.9 and 15.10 before 15.10.5 and 16.04 before 16.04.3 are vulnerable to passwords or other sensitive information being passed by unusual parameters to end up in an error log...

CVE-2017-1226

IBM Tivoli Endpoint Manager IBM BigFix Platform 9.2 and 9.5 generates an error message in error logs that includes sensitive information about its environment which could be used in further attacks against the system. IBM X-Force ID: 123905...

CVE-2017-1226

CVE-2017-1226 affects IBM BigFix Platform (formerly Tivoli Endpoint Manager) 9.2.x and 9.5.x. The vulnerability stems from error logging that may include sensitive environmental information, enabling potential attackers to gather details for follow-on actions. Affected component: error messages l...

WEM Database Upgrade Failure "CREATE DATABASE permission denied in database"

When attempting to create a new Database/update an existing database using the Database Creation Wizard, we receive the following error: The following error is is written to the WEM Database Management Utility Log: "CREATEDATABASE permission denied in database"...

mysql: insecure error log file handling in mysqld_safe, incomplete CVE-2016-6664 fix (CPU Jan 2017)

Multiple flaws were found in the way the mysqldsafe script handled creation of error log file. The mysql operating system user could use these flaws to escalate their privileges to root...

mysql: insecure error log file handling in mysqld_safe, incomplete CVE-2016-6664 fix (CPU Jan 2017)

Multiple flaws were found in the way the mysqldsafe script handled creation of error log file. The mysql operating system user could use these flaws to escalate their privileges to root...

mysql: unsafe chmod/chown use in init script (CPU Jan 2017)

Multiple flaws were found in the way the MySQL init script handled initialization of the database data directory and permission setting on the error log file. The mysql operating system user could use these flaws to escalate their privileges to root...

CVE-2017-1434

IBM DB2 for Linux, UNIX and Windows 11.1 includes DB2 Connect Server under unusual circumstances, could expose highly sensitive information in the error log to a local user...

Design/Logic Flaw

IBM DB2 for Linux, UNIX and Windows 11.1 includes DB2 Connect Server under unusual circumstances, could expose highly sensitive information in the error log to a local user...