13 matches found

NVD
added 2026/03/19 12:16 a.m., 1 views

CVE-2026-32743

PX4 is an open-source autopilot stack for drones and unmanned vehicles. Versions 1.17.0-rc2 and below are vulnerable to a stack-based buffer overflow through the MavlinkLogHandler, which is triggered via a MAVLink log request. The LogEntry.filepath buffer is 60 bytes, but the sscanf function parses...

CVSS 6.5, EPSS 0.0001
Exploits 3, References 2

EUVD
added 2026/03/18 11:26 p.m., 2 views

EUVD-2026-13003

PX4 is an open-source autopilot stack for drones and unmanned vehicles. Versions 1.17.0-rc2 and below are vulnerable to a stack-based buffer overflow through the MavlinkLogHandler, which is triggered via a MAVLink log request. The LogEntry.filepath buffer is 60 bytes, but the sscanf function parses...

CVSS 6.5, AI score 5.9, EPSS 0.0001
Exploits 3, References 2

Positive Technologies
added 2026/03/18 12:0 a.m., 3 views

PT-2026-26168

PX4 is an open-source autopilot stack for drones and unmanned vehicles. Versions 1.17.0-rc2 and below are vulnerable to a stack-based buffer overflow through the MavlinkLogHandler, which is triggered via a MAVLink log request. The LogEntry.filepath buffer is 60 bytes, but the sscanf function parses...

CVSS 6.5, AI score 6, EPSS 0.0001
Exploits 3, References 8

CVE
added 2025/07/07 7:16 p.m., 14 views

CVE-2025-53539

CVE-2025-53539 affects fastapi-guard: the DoS risk stems from inefficient regular expressions in the SusPatternsManager (suspatterns_handler.py) used to detect penetration attempts, enabling polynomial backtracking under crafted inputs. The vulnerability is documented as fixed in version 3.0.1; r...

CVSS 7.5, AI score 6.5, EPSS 0.00472
Exploits 1, References 2, Affected Software 1

OSV
added 2025/01/22 4:50 p.m., 2 views

DRUPAL-CONTRIB-2025-004

The AI logging sub-module enables you to log AI requests and responses for debugging and auditing purposes. The module doesn't sufficiently check for access to view the preview listing of the logs. Full log details are correctly protected, and API keys are never logged. This vulnerability is...

CVSS 8.2, AI score 6.7, EPSS 0.00363
Exploits 0, References 1

Drupal
added 2025/01/22 12:0 a.m., 10 views

AI (Artificial Intelligence) - Moderately critical - Access bypass, Information Disclosure - SA-CONTRIB-2025-004

The AI logging sub-module enables you to log AI requests and responses for debugging and auditing purposes. The module doesn't sufficiently check for access to view the preview listing of the logs. Full log details are correctly protected, and API keys are never logged. This vulnerability is...

CVSS 8.2, AI score 7, EPSS 0.00363
Exploits 0, References 9

CNNVD
added 2024/06/25 12:0 a.m., 1 views

phloc-webbasics Security Vulnerabilities

phloc-webbasics is a library for handling scopes in web applications, written by individual developer Boris Gregorcic. phloc-webbasics version 7.0.0 contains an information disclosure vulnerability that could allow a local attacker with access to l...

CVSS 9.3, AI score 5.8, EPSS 0.00075
Exploits 0, References 1

CNNVD
added 2021/12/10 12:0 a.m., 9 views

Apache Log4j Code Issue Vulnerability

Apache Log4j is a Java-based open source logging tool from the Apache Foundation (United States). Apache Log4j has a code issue vulnerability that an attacker can exploit by crafting a data request sent to a server that uses Apache Log4j, which triggers remote code execution...

CVSS 10, AI score 9.1, EPSS 0.94358
Exploits 341, References 137

Kitploit
added 2021/04/15 12:30 p.m., 327 views

Swissknife - Scriptable VSCode Extension To Generate Or Manipulate Data. Stop Pasting Sensitive Data In Webpag

The developers swissknife. Do conversions and generations right out of VS Code. Extendable with user scripts. Available in the Visual Studio Marketplace. Currently available scripts: Base64 decode, Base64 encode, Binary To Text, Bip39 Mnemonic, CSV to Markdown, Count characters, Count words, Crypto currenc...

AI score 6.8
Exploits 0, References 4

OSV
added 2021/02/08 8:15 p.m., 1 views

CVE-2021-26905

1Password SCIM Bridge before 1.6.2 mishandles validation of authenticated requests for log files, leading to disclosure of a TLS private key...

CVSS 6.5, AI score 5.8
Exploits 0, References 2

OSV
added 2018/05/17 3:29 a.m., 2 views

CVE-2018-0289

A vulnerability in the logs component of Cisco Identity Services Engine could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks. The vulnerability is due to improper validation of requests stored in logs in the application management interface. An attacker could...

CVSS 6.1, AI score 5.7, EPSS 0.00267
Exploits 0, References 3

RedHat Linux
added 2015/12/03 5:42 p.m., 1 views

OpenShift: pod log location must validate container if provided

It was found that OpenShift's API back end did not verify requests for pod log locations, allowing a pod on a Node to request logs for any other pod on that Node. A remote attacker could use this flaw to view sensitive information via pod logs that they would normally not have access to...

CVSS 5.3, AI score 5.8, EPSS 0.00366
Exploits 0, References 5

Prion
added 2007/10/22 7:46 p.m., 9 views

Cross site scripting

Cross-site scripting (XSS) vulnerability in the Server component in CA Host-Based Intrusion Prevention System (HIPS) before 8.0.0.93 allows remote attackers to inject arbitrary web script or HTML via requests that are written to logs for later display in the log viewer...

CVSS 4.3, AI score 6, EPSS 0.00701
Exploits 0, References 8, Affected Software 1