7 matches found
EUVD-2022-27298
Malicious code in bioql PyPI...
[SECURITY] Fedora 40 Update: log4j-2.20.0-7.fc40
Log4j is a tool to help the programmer output log statements to a variety of output targets...
PT-2023-21726 · Directus · Directus
Name of the Vulnerable Software and Affected Versions: Directus versions prior to 9.23.3. Description: The issue concerns the improper redaction of the directus refresh token from log outputs, allowing it to be used to impersonate users without their permission. This can lead to issues with...
Yokogawa CENTUM and Exaopc Improper Output Neutralization For Logs (CVE-2022-22151)
CAMS for HIS Log Server contained in the following Yokogawa Electric products fails to properly neutralize log outputs: CENTUM CS 3000 versions from R3.08.10 to R3.09.00, CENTUM VP versions from R4.01.00 to R4.03.00, from R5.01.00 to R5.04.20, and from R6.01.00 to R6.08.00, and Exaopc versions fr...
CVE-2022-22151
CVE-2022-22151 affects Yokogawa CAMS for HIS Log Server and is due to improper output neutralization for logs. Affected products/versions include CENTUM CS 3000 (R3.08.10–R3.09.00), CENTUM VP (R4.01.00–R4.03.00, R5.01.00–R5.04.20, R6.01.00–R6.08.00), and Exaopc (R3.72.00–R3.79.00). The vulnerabil...
Information Disclosure
pacemaker is vulnerable to information disclosure. A use-after-free defect was discovered in pacemaker that can possibly lead to unsolicited information disclosure in the log outputs...
USN-3952-1 pacemaker vulnerabilities
Jan Pokorný discovered that Pacemaker incorrectly handled client-server authentication. A local attacker could possibly use this issue to escalate privileges. (CVE-2018-16877) Jan Pokorný discovered that Pacemaker incorrectly handled certain verifications. A local attacker could possibly use this...