12 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-23356
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drbd: fix LOGIC BUG in drbdalbeginiononblock Even though we check that we should be able to do lcgetcumulative while holding the device-allock spinlock, it may...
Description of the security update for SharePoint Server Subscription Edition: November 11, 2025 (KB5002800)
Description of the security update for SharePoint Server Subscription Edition: November 11, 2025 KB5002800 Summary Important: If you're currently running SharePoint Workflow Manager, you must install the SharePoint Workflow Manager KB5002799 to your farm before you install this cumulative update...
EUVD-2023-50864
Malicious code in bioql PyPI...
EUVD-2025-23036
Malicious code in bioql PyPI...
CVE-2025-53649
"SwitchBot" App for iOS/Android contains an insertion of sensitive information into log file vulnerability in versions V6.24 through V9.12. If this vulnerability is exploited, sensitive user information may be exposed to an attacker who has access to the application logs...
CVE-2025-52893
OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. OpenBao before v2.3.0 may leak sensitive information in logs when processing malformed data. This is separate from the earlier HCSEC-2025-09 / CVE-2025-4166. Th...
CVE-2023-36995
TravianZ through 8.3.4 allows XSS via the Alliance tag/name, the statistics page, the link preferences, the Admin Logs, or the COOKUSR cookie...
CVE-2021-37861
Mattermost 6.0.2 and earlier fails to sufficiently sanitize user's password in audit logs when user creation fails...
CVE-2020-25250
An issue was discovered in Hyland OnBase 16.0.2.83 and below, 17.0.2.109 and below, 18.0.0.37 and below, 19.8.16.1000 and below and 20.3.10.1000 and below. Client applications can write arbitrary data to the server logs...
CVE-2025-30435
This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sequoia 15.4. A sandboxed app may be able to access sensitive user data in system logs...
CVE-2020-28365
Sentrifugo 3.2 allows Stored Cross-Site Scripting XSS vulnerability by inserting a payload within the X-Forwarded-For HTTP header during the login process. When an administrator looks at logs, the payload is executed. NOTE: This vulnerability only affects products that are no longer supported by...
[Full-Disclosure] exploiting fortigate firewall through webinterface
Issue: Several vulnerabilities in web interface of Fortigate firewall of which the most serious one will allow a remote attacker to obtain a username and password of the Fortigate. Release: pre 2.50 maintenance release 4 Fixed in: Fortinet OS 2.50 MR4, available from FTP as of 29 Sept. 2003 Date:...