66 matches found
Astra Linux - vulnerability in php8.1
In PHP versions 8.1.* before 8.1.30, 8.2.* before 8.2.24, and 8.3.* before 8.3.12, when using PHP-FPM SAPI and the option catch_workers_output is set to yes, it is possible to manipulate the log messages by removing up to 4 characters from the log messages. Additionally, if PHP-FPM is configured to us...
CVE-2025-59784
2N Access Commander version 3.4.1 and prior is vulnerable to log pollution. Certain parameters sent over API may be included in the logs without prior validation or sanitisation. This vulnerability can only be exploited after authenticating with administrator privileges...
EUVD-2025-208277
2N Access Commander version 3.4.1 and prior is vulnerable to log pollution. Certain parameters sent over API may be included in the logs without prior validation or sanitisation. This vulnerability can only be exploited after authenticating with administrator privileges...
CVE-2025-59784
2N Access Commander version 3.4.1 and prior is vulnerable to log pollution. Certain parameters sent over API may be included in the logs without prior validation or sanitisation. This vulnerability can only be exploited after authenticating with administrator privileges...
CVE-2025-59784
2N Access Commander version 3.4.1 and prior is vulnerable to log pollution. Certain parameters sent over API may be included in the logs without prior validation or sanitisation. This vulnerability can only be exploited after authenticating with administrator privileges...
CVE-2025-59784
2N Access Commander version 3.4.1 and prior is vulnerable to log pollution. Certain parameters sent over API may be included in the logs without prior validation or sanitisation. This vulnerability can only be exploited after authenticating with administrator privileges...
CVE-2025-59784 Log Pollution - Control Characters Not Escaped
2N Access Commander version 3.4.1 and prior is vulnerable to log pollution. Certain parameters sent over API may be included in the logs without prior validation or sanitisation. This vulnerability can only be exploited after authenticating with administrator privileges...
CVE-2025-59784 Log Pollution - Control Characters Not Escaped
2N Access Commander version 3.4.1 and prior is vulnerable to log pollution. Certain parameters sent over API may be included in the logs without prior validation or sanitisation. This vulnerability can only be exploited after authenticating with administrator privileges...
CVE-2025-59784
CVE-2025-59784 affects 2N Access Commander 3.4.1 and earlier. The issue is log pollution: certain API parameters may be written to logs without validation or sanitisation due to unescaped control characters. Exploitation requires administrator privileges (authenticated). The CVSS data indicates l...
2N Access Commander security vulnerability
2N Access Commander is an access control solution provided by 2N Corporation. Versions of 2N Access Commander prior to 3.4.1 contained security vulnerabilities. These vulnerabilities were due to log pollution, which allowed attackers who had been authenticated by administrators to include...
openSUSE 16 Security Update : python-maturin (openSUSE-SU-2026:20180-1)
The remote openSUSE 16 host has a package installed that is affected by a vulnerability as referenced in the openSUSE-SU-2026:20180-1 advisory. - CVE-2025-58160: tracing-subscriber: Fixed log pollution bsc1249011 Tenable has extracted the preceding description block directly from the SUSE securi...
Security update for python-maturin (moderate)
openSUSE security update: security update for python-maturin. Announcement ID: openSUSE-SU-2026:20180-1; Rating: moderate; References: bsc1249011; Cross-References: CVE-2025-58160; CVSS scores: CVE-2025-58160 SUSE : 3.1...
OPENSUSE-SU-2026:20180-1 Security update for python-maturin
This update for python-maturin fixes the following issues: - CVE-2025-58160: tracing-subscriber: Fixed log pollution bsc1249011...
SUSE-SU-2026:20235-1 Security update for python-maturin
This update for python-maturin fixes the following issues: - CVE-2025-58160: tracing-subscriber: Fixed log pollution bsc1249011...
SUSE-SU-2026:20335-1 Security update for python-maturin
This update for python-maturin fixes the following issues: - CVE-2025-58160: tracing-subscriber: Fixed log pollution bsc1249011...
OPENSUSE-SU-2026:20060-1 Security update for cargo-c
This update for cargo-c fixes the following issues: - CVE-2025-4574: crossbeam-channel: Fixed double-free on drop in Channel::discard_all_messages bsc1243179 - CVE-2025-58160: tracing-subscriber: Fixed log pollution bsc1249012 - CVE-2024-12224: idna: Fixed improper validation of Punycode labels...
openSUSE 16 Security Update : python-uv (openSUSE-SU-2026:20026-1)
The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20026-1 advisory. - CVE-2025-62518: astral-tokio-tar: Fixed boundary parsing issue allowing attackers to smuggle additional archive entries bsc1252399 -...
SUSE-SU-2026:20077-1 Security update for python-uv
This update for python-uv fixes the following issues: - CVE-2025-62518: astral-tokio-tar: Fixed boundary parsing issue allowing attackers to smuggle additional archive entries bsc1252399 - CVE-2025-58160: tracing-subscriber: Fixed log pollution bsc1249011...
OPENSUSE-SU-2026:20026-1 Security update for python-uv
This update for python-uv fixes the following issues: - CVE-2025-62518: astral-tokio-tar: Fixed boundary parsing issue allowing attackers to smuggle additional archive entries bsc1252399 - CVE-2025-58160: tracing-subscriber: Fixed log pollution bsc1249011...
openSUSE 16 Security Update : himmelblau (openSUSE-SU-2025-20114-1)
The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2025-20114-1 advisory. - Update to version 0.9.23+git.0.9776141: CVE-2025-59044: Fixed GID collision of same-name groups allowing privilege escalation bsc1250687...