CVE-2020-5807

An unauthenticated remote attacker can send data to RsvcHost.exe listening on TCP port 5241 to add entries in the FactoryTalk Diagnostics event log. The attacker can specify long fields in the log entry, which can cause an unhandled exception in wcscpys if a local user opens FactoryTalk Diagnosti...

CVE-2013-5168

Console in Apple Mac OS X before 10.9 allows user-assisted remote attackers to execute arbitrary applications by triggering a log entry with a crafted attached URL...

📄 Microsoft SQL Server 2022 Missing Log Entry

Microsoft SQL Server 2022 fails to properly log when a security audit is configured for SERVERPERMISSIONCHANGEGROUP. Title: SQL Server 2022 Security Audit Failure Vulnerability Product: Microsoft SQL Server Affected Versions: 2022 RTM-CU18 KB5050771 Tested Versions: 2022 RTM-CU18 KB5050771 Fix:...

CVE-2025-24889

The SecureDrop Client is a desktop application for journalists to communicate with sources and work with submissions on the SecureDrop Workstation. Prior to versions 0.14.1 and 1.0.1, an attacker who has already gained code execution in a virtual machine on the SecureDrop Workstation could gain...

CVE-2006-0201

The provided connected documents confirm CVE-2006-0201 affects PayPal Web Services (aka PHP Toolkit) 0.50 and possibly earlier versions. The vulnerability allows remote attackers to inject false payment entries into the log file by sending HTTP POST requests to ipn_success.php, indicating an inpu...