14 matches found
PT-2025-44564
Name of the Vulnerable Software and Affected Versions Heimdall Data Database Proxy affected versions not specified Description This issue allows remote attackers to execute arbitrary code on affected installations of Heimdall Data Database Proxy with minimal user interaction. The flaw resides in...
EUVD-2019-11963
Malware in sbrugna...
CVE-2025-58580
CVE-2025-58580 affects SICK Enterprise Analytics (and related SICK Analytics products) where an API endpoint allows creation of arbitrary log entries via POST without sufficient input validation. The root cause is insecure input handling, enabling an attacker to create manipulated or diluted logs...
Apache Log4j < 2.15.0 Remote Code Execution (Nix)
The version of Apache Log4j on the remote host is 2.x 2.3.1 / 2.4 2.12.2 / 2.13 2.15.0. It is, therefore, affected by a remote code execution vulnerability in the JDNI parser due to improper log validation. An unauthenticated, remote attacker can exploit this to bypass authentication and execute...
Apache Log4j < 2.15.0 Remote Code Execution (Windows)
The version of Apache Log4j on the remote host is 2.x 2.15.0. It is, therefore, affected by a remote code execution vulnerability in the JNDI parser due to improper log validation. An unauthenticated, remote attacker can exploit this to bypass authentication and execute arbitrary commands. Log4j...
ZTE ZXV10 B860A Information Disclosure Vulnerability
The ZTE ZXV10 B860A is a network set-top box from China's ZTE Corporation ZTE. The ZTE ZXV10 B860A suffers from an information disclosure vulnerability that stems from the device not adequately validating logs, which can be exploited by an attacker to gain access to sensitive user information for...
ZTE ZXV10 B860A 日志信息泄露漏洞
The ZTE ZXV10 B860A is a network set-top box from China's ZTE Corporation ZTE. The ZTE ZXV10 B860A suffers from an information disclosure vulnerability that stems from the device not adequately validating logs, which can be exploited by an attacker to gain access to sensitive user information for...
CVE-2019-14045
Possible buffer overflow while processing clientlog and serverlog due to lack of validation of data received in logs in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Mobile in APQ8096AU, QCS605, SDM439, SM8150, SXR1130...
CVE-2020-3156
A vulnerability in the logging component of Cisco Identity Services Engine could allow an unauthenticated remote attacker to conduct cross-site scripting attacks. The vulnerability is due to the improper validation of endpoint data stored in logs used by the web-based interface. An attacker could...
CVE-2018-0289
A vulnerability in the logs component of Cisco Identity Services Engine could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks. The vulnerability is due to improper validation of requests stored in logs in the application management interface. An attacker could...
DEBIAN-CVE-2013-2178
The apache-auth.conf, apache-nohome.conf, apache-noscript.conf, and apache-overflows.conf files in Fail2ban before 0.8.10 do not properly validate log messages, which allows remote attackers to block arbitrary IP addresses via certain messages in a request...
CVE-2013-2178
The apache-auth.conf, apache-nohome.conf, apache-noscript.conf, and apache-overflows.conf files in Fail2ban before 0.8.10 do not properly validate log messages, which allows remote attackers to block arbitrary IP addresses via certain messages in a request...
CVE-2013-2178
The apache-auth.conf, apache-nohome.conf, apache-noscript.conf, and apache-overflows.conf files in Fail2ban before 0.8.10 do not properly validate log messages, which allows remote attackers to block arbitrary IP addresses via certain messages in a request...
CVE-2013-2178
The apache-auth.conf, apache-nohome.conf, apache-noscript.conf, and apache-overflows.conf files in Fail2ban before 0.8.10 do not properly validate log messages, which allows remote attackers to block arbitrary IP addresses via certain messages in a request...