GHSA-364Q-W7VH-VHPC OliveTin's unsafe parsing of UniqueTrackingId can be used to write files

When the saveLogs feature is enabled, OliveTin persists execution log entries to disk. The filename used for these log files is constructed in part from the user-supplied UniqueTrackingId field in the StartAction API request. This value is not validated or sanitized before being used in a file...

EUVD-2018-2157

Malware in sbrugna...

CVE-2024-52973

An allocation of resources without limits or throttling in Kibana can lead to a crash caused by a specially crafted request to /api/logentries/summary. This can be carried out by users with read access to the Observability-Logs feature in Kibana...

CVE-2024-52973 Kibana allocation of resources without limits or throttling leads to crash

An allocation of resources without limits or throttling in Kibana can lead to a crash caused by a specially crafted request to /api/logentries/summary. This can be carried out by users with read access to the Observability-Logs feature in Kibana...

CVE-2024-52973 Kibana allocation of resources without limits or throttling leads to crash

An allocation of resources without limits or throttling in Kibana can lead to a crash caused by a specially crafted request to /api/logentries/summary. This can be carried out by users with read access to the Observability-Logs feature in Kibana...

CVE-2023-47530

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WPVibes Redirect 404 Error Page to Homepage or Custom Page with Logs allows SQL Injection.This issue affects Redirect 404 Error Page to Homepage or Custom Page with Logs: from n/a through 1.8.7...

Cross site scripting

Cross-site scripting XSS vulnerability in Zoho ManageEngine EventLog Analyzer 11.12 allows remote attackers to inject arbitrary web script or HTML via the import logs feature...