CVE-2026-40021

Apache Log4net before version 3.3.0 contains a vulnerability in XmlLayout and XmlLayoutSchemaLog4J where characters forbidden by XML 1.0 are not sanitized in MDC keys/values and the identity field. The issue causes a serialization exception and silent loss of the affected log event, which can be ...

CVE-2025-58344

An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1080, 1280, 1330, 1380, 1480, 1580, W920, W930 and W1000. There is unbounded memory allocation in a /proc/driver/unifi0/connlogeventbursttous write operation, leading to kernel memory...

EUVD-2025-206700

An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1080, 1280, 2200, 1330, 1380, 1480, 1580, W920, W930, and W1000. There is unbounded memory allocation in a /proc/driver/unifi0/connlogeventbursttous write operation, leading to kernel...

CVE-2025-58344

An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1080, 1280, 1330, 1380, 1480, 1580, W920, W930 and W1000. There is unbounded memory allocation in a /proc/driver/unifi0/connlogeventbursttous write operation, leading to kernel memory...

CVE-2025-62788 Wazuh Vulnerable to Heap Use After Free in w_copy_event_for_log

Wazuh is a free and open source platform used for threat prevention, detection, and response. Prior to 4.11.0, wcopyeventforlog references memory initially allocated in OSCleanMSG after it has been freed. A compromised agent can potentially compromise the integrity of the application by sending a...

PT-2025-44322

Name of the Vulnerable Software and Affected Versions Wazuh versions prior to 4.11.0 Description Wazuh is a platform for threat prevention, detection, and response. A flaw exists in the w copy event for log function where it references memory after it has been freed, initially allocated in OS...

EUVD-2017-16652

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2020-25815

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in MediaWiki 1.32.x through 1.34.x before 1.34.4. LogEventList::getFiltersDesc is insecurely using message text to build options names f...

CVE-2024-40597

An issue was discovered in the CheckUser extension for MediaWiki through 1.42.1. It can expose suppressed information for log events. The logdeleted attribute is not respected...

CVE-2024-40598

An issue was discovered in the CheckUser extension for MediaWiki through 1.42.1. The API can expose suppressed information for log events. The logdeleted attribute is not applied to entries...

CVE-2025-2562

Insufficient logging in the autotyping feature in Devolutions Remote Desktop Manager on Windows allows an authenticated user to use a stored password without generating a corresponding log event, via the use of the autotyping functionality. This issue affects Remote Desktop Manager versions from...

Structured logging in Spring Boot 3.4

Logging is a long established part of troubleshooting applications and one of the three pillars of observability, next to metrics and traces. No one likes flying blind in production, and when incidents happen, developers are happy to have log files. Logs are often written out in a human-readable...

PT-2024-28933 · Mediawiki · Mediawiki Checkuser Extension

Name of the Vulnerable Software and Affected Versions: MediaWiki CheckUser extension versions through 1.42.1 Description: An issue was discovered in the CheckUser extension for MediaWiki. It can expose suppressed information for log events, as the log deleted attribute is not respected...

CVE-2024-1151

creationtimestamp| type| source ---|---|--- 2024-02-11 16:31:19+00:00| seen| https://t.me/ctinow/182831 2024-02-15 06:26:23+00:00| seen| https://t.me/ctinow/185247 2024-03-03 14:16:54+00:00| seen| https://t.me/ctinow/198735...

CVE-2022-40257

creationtimestamp| type| source ---|---|--- 2022-10-11 00:25:13+00:00| seen| https://t.me/cibsecurity/51071...

IBM QRadar SIEM Path Traversal Vulnerability

QRadar SIEM is an IBM enterprise security information and event management product that consolidates log event and network flow data from thousands of devices, endpoints and applications scattered across the network. A path traversal vulnerability exists in the way IBM QRadar SIEM versions 7.3 an...

IBM QRadar SIEM Hardcoded Credentials Vulnerability

QRadar SIEM is an IBM enterprise security information and event management product that consolidates log event and network flow data from thousands of devices, endpoints and applications scattered across the network. A hard-coded credentials vulnerability exists in IBM QRadar SIEM versions 7.3 an...

CVE-2021-0426

In parsePrimaryFieldFirstUidAnnotation of LogEvent.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

CVE-2021-0427

In parseExclusiveStateAnnotation of LogEvent.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

DEBIAN-CVE-2020-25815

An issue was discovered in MediaWiki 1.32.x through 1.34.x before 1.34.4. LogEventList::getFiltersDesc is insecurely using message text to build options names for an HTML multi-select field. The relevant code should use escaped instead of text...