MISP 资源管理错误漏洞

MISP is a set of open-source software solutions developed by MISP. This product is used for collecting, storing, distributing, and sharing network security metrics. It also includes functions such as analyzing threats to network security and malware analysis. MISP has a resource management...

EUVD-2025-176387

Malicious code in sigma-file-signal-log-report npm...

Malicious code in sigma-file-signal-log-report (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7e56f9455f2e267b6923668bc3fcc20ae59667c62ffee139e2dfe75c84d11eef This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2009-0504

Malware in sbrugna...

Moodle 4.2.x < 4.2.4 Multiple Vulnerabilities

According to its self-reported version, the Moodle install hosted on the remote host is prior to 3.9.25 / 3.11.x prior to 3.11.18 / 4.0.x prior to 4.0.12 / 4.1.x prior to 4.1.7 / 4.2.x prior to 4.2.4. It is, therefore, affected by multiple vulnerabilities: - XSS risk when manually running a task ...

Failed to execute cmdlet "Export-LogReportCsv"

While running cmdlet "Export-LogReportCsv" and setting parameter "StartDateRange" before two weeks or more, "The remote server returned an unexpected response: 502 Bad Gateway" error may show as below. ----------- Export-LogReportCsv -OutputFile "C:\temp\CitrixConfigLog.csv" -StartDateRange...

CVE-2024-34006

The site log report required additional encoding of event descriptions to ensure any HTML in the content is displayed in plaintext instead of being rendered...

PT-2024-25634 · Alt Linux +1 · Alt Linux +1

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned. Description: The issue concerns the site log report, which required additional encoding of event descriptions. This encoding is necessary to ensure that any HTML in the content is displayed in...

CVE-2024-29876

SQL injection vulnerability in Sentrifugo 3.2, through /sentrifugo/index.php/reports/activitylogreport, 'sortby' parameter. The exploitation of this vulnerability could allow a remote user to send a specially crafted query to the server and extract all the data from it...

DRUPAL-CONTRIB-2024-007

The Entity Delete Log module tracks the deletion of configured entity types, such as node or comments. It does not add sufficient permission to the log report page, allowing an attacker to view information from deleted entities...

SUSE CVE-2013-1884

The moddavsvn Apache HTTPD server module in Subversion 1.7.0 through 1.7.8 allows remote attackers to cause a denial of service segmentation fault and crash via a log REPORT request with an invalid limit, which triggers an access of an uninitialized variable...

CVE-2021-41013

An improper access control vulnerability CWE-284 in FortiWeb versions 6.4.1 and below and 6.3.15 and below in the Report Browse section of Log & Report may allow an unauthorized and unauthenticated user to access the Log reports via their URLs...

Improper access control

An improper access control vulnerability CWE-284 in FortiWeb versions 6.4.1 and below and 6.3.15 and below in the Report Browse section of Log & Report may allow an unauthorized and unauthenticated user to access the Log reports via their URLs...

CVE-2021-41013

An improper access control vulnerability CWE-284 in FortiWeb versions 6.4.1 and below and 6.3.15 and below in the Report Browse section of Log & Report may allow an unauthorized and unauthenticated user to access the Log reports via their URLs...

LG Smart IP Camera 1508190 - Backup File Download

Exploit Title: LG Smart IP Camera 1508190 - Backup File Download Date: 2018-09-11 Exploit Author: Ege Balci Vendor Homepage: https://www.lg.com Software version: 1310250 " exit0 print"==========================================================================" print" Exploit Title: LG Smart IP...

LG Smart IP Camera 1508190 - Backup File Download

LG Smart IP Camera 1508190 - Backup File Download Exploit Title: LG Smart IP Camera 1508190 - Backup File Download Date: 2018-09-11 Exploit Author: Ege Balci Vendor Homepage: https://www.lg.com Software version: 1310250 " exit0...

CVE-2012-0941

Multiple cross-site scripting XSS vulnerabilities in Fortinet FortiGate UTM WAF appliances with FortiOS 4.3.x before 4.3.6 allow remote attackers to inject arbitrary web script or HTML via vectors involving the 1 Endpoint Monitor, 2 Dialup List, or 3 Log&Report Display modules, or the...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Fortinet FortiGate UTM WAF appliances with FortiOS 4.3.x before 4.3.6 allow remote attackers to inject arbitrary web script or HTML via vectors involving the 1 Endpoint Monitor, 2 Dialup List, or 3 Log&Report Display modules, or the...

CVE-2012-0941

Multiple cross-site scripting XSS vulnerabilities in Fortinet FortiGate UTM WAF appliances with FortiOS 4.3.x before 4.3.6 allow remote attackers to inject arbitrary web script or HTML via vectors involving the 1 Endpoint Monitor, 2 Dialup List, or 3 Log&Report Display modules, or the...

Updated moodle package fixes security vulnerabilities

Updated moodle package fixes security vulnerabilities: In Moodle before 2.4.8, some password changes on admin pages were being recorded and shown to administrators in the config log report CVE-2014-0008. In Moodle before 2.4.8, users were able to log in as a user who in a is not in the same group...