442 matches found
CVE-2025-53650
Jenkins Credentials Binding Plugin 687.v619cb15e923f and earlier does not properly mask i.e., replace with asterisks credentials present in exception error messages that are written to the build log...
U.S. Dept Of Defense: Critical PII Data Exposure in ORDER_ERROR_LOG
A critical security vulnerability was identified in the application's error logging system. The ORDERERRORLOG file contained complete database insertion statements that exposed personally identifiable information of customers in plain text format. The error handling mechanism was logging full SQL...
AZL-72722 CVE-2025-38126 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: net: stmmac: make sure that ptprate is not 0 before configuring timestamping The stmmac platform drivers that do not open-code the clkptprate value after having retrieved the default one from the device-tree can end up with 0 in...
PT-2025-27499 · Maven · Io.Sentry:Sentry-Android +1
Impact Under specific circumstances, text composables may contain unmasked sensitive data in Android session replays. You may be impacted if you meet the following conditions: - Using any sentry-android with versions = 1.8.0-alpha08 - This includes any alpha, beta, release candidate, or general...
📄 FUDForum 3.2.0 Cross Site Scripting
FUDForum version 3.2.0 suffers from a persistent cross site scripting vulnerability. Exploit Title: FUDForum 3.2.0 Stored XSS Authenticated Exploit Author: tmrswrr Vendor Homepage: http://fudforum.org/ Software Link: https://sourceforge.net/projects/fudforum/files/FUDforum3.2.0.zip/download Versi...
CVE-2023-6821
The Error Log Viewer by BestWebSoft WordPress plugin before 1.1.3 is affected by a Directory Listing issue, allowing users to read and download PHP logs without authorization...
CVE-2022-29882
A vulnerability has been identified in SICAM T All versions V3.0. Affected devices do not handle uploaded files correctly. An unauthenticated attacker could take advantage of this situation to store an XSS attack, which could - when a legitimate user accesses the error logs - perform arbitrary...
CVE-2021-43271
Riverbed AppResponse 11.8.0, 11.8.5, 11.8.5a, 11.9.0, 11.9.0a, 11.10.0, 11.11.0, 11.11.0a, 11.11.1, 11.11.1a, 11.11.5, and 11.11.5a when configured to use local, RADIUS, or TACACS authentication logs usernames and passwords if either is entered incorrectly. If a user enters an incorrect username...
CVE-2021-24966
The Error Log Viewer WordPress plugin through 1.1.1 does not validate the path of the log file to clear, allowing high privilege users to clear arbitrary files on the web server, including those outside of the blog folder...
CVE-2020-36608
A vulnerability, which was classified as problematic, has been found in Tribal Systems Zenario CMS. Affected by this issue is some unknown functionality of the file adminorganizer.js of the component Error Log Module. The manipulation leads to cross site scripting. The attack may be launched...
CVE-2012-0836
Unspecified vulnerability in Joomla! 1.7.x before 1.7.5 allows attackers to read the error log via unknown vectors...
CVE-2013-3387
Cisco Prime Central for Hosted Collaboration Solution HCS Assurance 8.6 and 9.x before 9.21 allows remote attackers to cause a denial of service disk consumption via a flood of TCP packets to port 5400, leading to large error-log files, aka Bug ID CSCua42724...
CVE-2019-9838
VFront 0.99.5 has stored XSS via the admin/syncregtab.php azzera parameter, which is mishandled during admin/errorlog.php rendering...
CVE-2018-21019
Home Assistant before 0.67.0 was vulnerable to an information disclosure that allowed an unauthenticated attacker to read the application's error log via components/api.py...
CVE-2017-18562
The error-log-viewer plugin before 1.0.6 for WordPress has multiple XSS issues...
CVE-2025-37774 slab: ensure slab->obj_exts is clear in a newly allocated slab page
In the Linux kernel, the following vulnerability has been resolved: slab: ensure slab-objexts is clear in a newly allocated slab page ktest recently reported crashes while running several buffered io tests with alloctaggingslaballochook at the top of the crash call stack. The signature indicates ...
CVE-2025-32681
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WP Guru Error Log Viewer error-log-viewer-wp allows Blind SQL Injection.This issue affects Error Log Viewer: from n/a through = 1.0.5...
CVE-2025-32681
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WP Guru Error Log Viewer error-log-viewer-wp allows Blind SQL Injection.This issue affects Error Log Viewer: from n/a through = 1.0.5...
CVE-2025-32681 WordPress Error Log Viewer By WP Guru plugin <= 1.0.5 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WP Guru Error Log Viewer error-log-viewer-wp allows Blind SQL Injection.This issue affects Error Log Viewer: from n/a through = 1.0.5...
CVE-2025-32681 WordPress Error Log Viewer By WP Guru plugin <= 1.0.5 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WP Guru Error Log Viewer allows Blind SQL Injection. This issue affects Error Log Viewer: from n/a through 1.0.5...