12 matches found
Linux Distros Unpatched Vulnerability : CVE-2019-11751
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Logging-related command line parameters are not properly sanitized when Firefox is launched by another program, such as when a user clicks on malicious links in...
Command injection
A command injection vulnerability exists where an authenticated, remote attacker with administrator privileges on the Security Center application could modify Logging parameters, which could lead to the execution of arbitrary code on the Security Center host...
CVE-2024-1367 Command Injection Vulnerability in Tenable Security Center
A command injection vulnerability exists where an authenticated, remote attacker with administrator privileges on the Security Center application could modify Logging parameters, which could lead to the execution of arbitrary code on the Security Center host...
PT-2024-17979 · Tenable · Tenable Security Center
Name of the Vulnerable Software and Affected Versions: Tenable Security Center affected versions not specified Description: A command injection vulnerability exists where an authenticated, remote attacker with administrator privileges on the Security Center application could modify Logging...
sqlite OS Command Injection Vulnerability
SQLite is a lightweight database that is ACID compliant relational database management system. A security vulnerability exists in sqlite. An attacker can exploit the vulnerability to modify logging parameters...
CVE-2023-40546 Shim: out-of-bounds read printing error messages
A flaw was found in Shim when an error happened while creating a new ESL variable. If Shim fails to create the new variable, it tries to print an error message to the user; however, the number of parameters used by the logging function doesn't match the format string used by it, leading to a cras...
CVE-2019-11751
Logging-related command line parameters are not properly sanitized when Firefox is launched by another program, such as when a user clicks on malicious links in a chat application. This can be used to write a log file to an arbitrary location such as the Windows 'Startup' folder. Note: this issue...
CVE-2019-11751
Logging-related command line parameters are not properly sanitized when Firefox is launched by another program, such as when a user clicks on malicious links in a chat application. This can be used to write a log file to an arbitrary location such as the Windows 'Startup' folder. Note: this issue...
CVE-2019-11751
Logging-related command line parameters are not properly sanitized when Firefox is launched by another program, such as when a user clicks on malicious links in a chat application. This can be used to write a log file to an arbitrary location such as the Windows 'Startup' folder. Note: this issue...
Design/Logic Flaw
Piwik before 1.11 accepts input from a POST request instead of a GET request in unspecified circumstances, which might allow attackers to obtain sensitive information by leveraging the logging of parameters...
CVE-2013-2633
Piwik before 1.11 accepts input from a POST request instead of a GET request in unspecified circumstances, which might allow attackers to obtain sensitive information by leveraging the logging of parameters...
CVE-2002-1378
Multiple buffer overflows in OpenLDAP2 OpenLDAP 2 2.2.0 and earlier allow remote attackers to execute arbitrary code via 1 long -t or -r parameters to slurpd, 2 a malicious ldapfilter.conf file that is not properly handled by getfilter functions, 3 a malicious ldaptemplates.conf that causes an...