CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10 matches found

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2002-1674

Malware in sbrugna...

5CVSS6.4AI score0.0209EPSS

Exploits0References4

Positive Technologies•added 2025/06/12 12:0 a.m.•2 views

PT-2025-25305

Name of the Vulnerable Software and Affected Versions The product name cannot be determined. Description Due to missing authorization of an API endpoint, unauthorized users can send HTTP GET requests to gather sensitive information. An attacker could also send HTTP POST requests to modify the log...

8.6CVSS5.5AI score0.00594EPSS

Exploits0References12

NVD•added 2024/07/11 3:15 a.m.•15 views

CVE-2024-23194

Improper output Neutralization for Logs CWE-117 in the Command Centre API Diagnostics Endpoint could allow an attacker limited ability to modify Command Centre log files. This issue affects: Gallagher Command Centre v9.10 prior to vEL9.10.1268 MR1...

3.3CVSS0.00043EPSS

Exploits0References1

CNNVD•added 2024/07/11 12:0 a.m.•2 views

Gallagher Command Centre security breach

Gallagher Command Centre is a centralized control tool for Gallagher access control systems from Gallagher New Zealand. A security vulnerability exists in Gallagher Command Centre vEL9.10.1268 MR1 prior to v9.10, which stems from an improperly neutralized log output may give an attacker limited...

3.3CVSS6.7AI score0.00043EPSS

Exploits0References2

OSV•added 2023/06/13 5:15 p.m.•5 views

CVE-2023-31437

An issue was discovered in systemd 253. An attacker can modify a sealed log file such that, in some views, not all existing and sealed log messages are displayed. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability."...

5.3CVSS5.2AI score

Exploits0References3

CVE•added 2023/06/13 12:0 a.m.•163 views

CVE-2023-31439

CVE-2023-31439 : Affects systemd 253. An attacker can modify the contents of past events in a sealed log file and then adjust the file so that integrity checking shows no error, despite modifications. The Initial Description notes the vendor replied denying that this finding is a security vulnera...

5.3CVSS5.2AI score0.00138EPSS

Exploits0References4Affected Software1

Vulnrichment•added 2023/06/13 12:0 a.m.•8 views

CVE-2023-31437

7.2AI score0.00187EPSS

Exploits0References3

OSV•added 2019/08/08 8:15 a.m.•0 views

CVE-2019-1973

A vulnerability in the web portal framework of Cisco Enterprise NFV Infrastructure Software NFVIS could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based interface. The vulnerability is due to improper input validation of log file...

4.8CVSS6AI score

Exploits0References1

Debian CVE•added 2010/01/13 8:0 p.m.•29 views

CVE-2009-4488

Varnish 2.0.6 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator. NOTE: the vendo...

9.8CVSS7.6AI score0.0192EPSS

Exploits2

NVD•added 2002/12/31 5:0 a.m.•17 views

CVE-2002-1694

Microsoft Internet Information Server IIS 4.0 opens log files with FILESHAREREAD and FILESHAREWRITE permissions, which could allow remote attackers to modify the log file contents while IIS is running...

5CVSS6.6AI score0.0209EPSS

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by