14 matches found
CVE-2022-37423
Neo4j APOC Awesome Procedures on Cypher before 4.3.0.7 and 4.x before 4.4.0.8 allows Directory Traversal to sibling directories via apoc.log.stream...
Malicious Package
Overview json-log-stream is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
EUVD-2025-31359
Malicious code in bioql PyPI...
CVE-2025-11017
A vulnerability was detected in OGRECave Ogre up to 14.4.1. The impacted element is the function Ogre::LogManager::stream of the file /ogre/OgreMain/src/OgreLogManager.cpp. Performing manipulation of the argument mDefaultLog results in null pointer dereference. The attack must be initiated from a...
MAL-2025-27630 Malicious code in node-log-stream (npm)
The package node-log-stream was found to contain malicious code...
Malicious code in node-log-stream (npm)
The package node-log-stream was found to contain malicious code...
Linux kernel 资源管理错误漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel has a resource management error vulnerability that originates in the kunitinitsuite function of the kunit test framework, which fails to set the stream pointer of...
GHSA-879P-8GW4-MCPW fgr Vulnerable to Insecure Default Variable Initialization
Impact Any users whom would not desire a traceback to be included in their logs whenever an error is raised in their code will be affected. If users have inadvertently created a scenario in their code that could cause a traceback to include sensitive information and a malicious entity gained acce...
fgr Vulnerable to Insecure Default Variable Initialization
Impact Any users whom would not desire a traceback to be included in their logs whenever an error is raised in their code will be affected. If users have inadvertently created a scenario in their code that could cause a traceback to include sensitive information and a malicious entity gained acce...
CVE-2022-37423
Neo4j APOC Awesome Procedures on Cypher before 4.3.0.7 and 4.x before 4.4.0.8 allows Directory Traversal to sibling directories via apoc.log.stream...
Directory traversal
Neo4j APOC Awesome Procedures on Cypher before 4.3.0.7 and 4.x before 4.4.0.8 allows Directory Traversal to sibling directories via apoc.log.stream...
Neo4j 路径遍历漏洞
Neo4j is a Java-based and fully ACID-compatible graphical database from Neo4j, Inc. that supports data migration, add-ons, and more. A security vulnerability exists in Neo4j APOC Awesome Procedures on Cypher version 4.3.0.7, version 4.x up to and including 4.4.0.8, which stems from allowing...
FreeBSD : zeek -- several vulnerabilities (d4d21998-bdc4-4a09-9849-2898d9b41459)
Tim Wojtulewicz of Corelight reports : Paths from log stream make it into system unchecked, potentially leading to commands being run on the system unintentionally. This requires either bad scripting or a malicious package to be installed, and is considered low severity. Fix potential unbounded...
zeek -- several vulnerabilities
Tim Wojtulewicz of Corelight reports: Paths from log stream make it into system unchecked, potentially leading to commands being run on the system unintentionally. This requires either bad scripting or a malicious package to be installed, and is considered low severity. Fix potential unbounded...