11 matches found
EUVD-2021-30345
Malicious code in bioql PyPI...
Understanding HA fence due to storage
This article describes how to distinguish High Availability HA storage heartbeat fencing from real host crashes. While the majority of HA fencing events occur as regular reboots and leave clear and easily found log statements identifying the event as a fence, there is one particular type of fence...
Apache Heron Injection Vulnerability
Apache Heron is a distributed, fault-tolerant real-time stream processing engine. Heron suffers from an injection vulnerability caused by a lack of escaping in log statements, which can be exploited to achieve CRLF log injection...
GHSA-95W5-Q9VP-5VRM Heron allows CRLF log injection
Heron versions <= 0.20.4-incubating allows CRLF log injection because of the lack of escaping in the log statements. Please update to version 0.20.5-incubating which addresses this issue...
Crlf injection
Heron versions <= 0.20.4-incubating allows CRLF log injection because of the lack of escaping in the log statements. Please update to version 0.20.5-incubating which addresses this issue...
CVE-2021-42010 CRLF log injection
Heron versions <= 0.20.4-incubating allows CRLF log injection because of the lack of escaping in the log statements. Please update to version 0.20.5-incubating which addresses this issue...
CVE-2021-42010 CRLF log injection
Heron versions <= 0.20.4-incubating allows CRLF log injection because of the lack of escaping in the log statements. Please update to version 0.20.5-incubating which addresses this issue...
CVE-2021-43410 airavata-django-portal allows CRLF log injection because of the lack of escaping in the log statements
Apache Airavata Django Portal allows CRLF log injection because of lack of escaping log statements. In particular, some HTTP request parameters are logged without first being escaped. Versions affected: master branch before commit 3c5d8c7 1 of airavata-django-portal 1...
Crlf injection
Apache Unomi prior to version 1.5.5 allows CRLF log injection because of the lack of escaping in the log statements...
[SECURITY] Fedora 30 Update: log4net-2.0.8-10.fc30
log4net is a tool to help the programmer output log statements to a variety of output targets. log4net is a port of the excellent log4j framework to the .NET runtime...
[SECURITY] Fedora 26 Update: log4j-2.7-4.fc26
Log4j is a tool to help the programmer output log statements to a variety of output targets...