CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10 matches found

ATTACKERKB•added 2025/11/11 5:59 p.m.•5 views

CVE-2025-62208

Insertion of sensitive information into log file in Windows License Manager allows an authorized attacker to disclose information locally...

5.5CVSS5.4AI score0.00486EPSS

Exploits0References2Affected Software18

RedHat Linux•added 2024/12/11 4:20 p.m.•2 views

php: PHP-FPM Log Manipulation Vulnerability

A flaw was found in PHP-FPM, the FastCGI Process Manager. This vulnerability can allow an attacker to manipulate or remove up to 4 characters from log messages via crafted log content, potentially polluting or altering the final log. If PHP-FPM is configured to use syslog output, further log data...

3.3CVSS5.6AI score0.00482EPSS

Exploits1References5

CNNVD•added 2024/08/14 12:0 a.m.•2 views

F5 BIG-IP Next Central Manager 安全漏洞

F5 BIG-IP Next Central Manager is a centralized console from F5 USA. A security vulnerability exists in F5 BIG-IP Next Central Manager that stems from the fact that F5 iHealth credentials will be recorded in the BIG-IP Central Manager logs...

5.5CVSS6.7AI score0.00154EPSS

Exploits0References3

Positive Technologies•added 2024/08/14 12:0 a.m.•3 views

PT-2024-29535 · F5 · F5 Big-Ip Next

Name of the Vulnerable Software and Affected Versions: F5 BIG-IP Next affected versions not specified Description: When generating a QKView of a BIG-IP Next instance from the BIG-IP Next Central Manager, F5 iHealth credentials will be logged in the BIG-IP Central Manager logs. Note that software...

5.5CVSS6.9AI score0.00154EPSS

Exploits0References4

OSV•added 2021/01/08 6:15 p.m.•3 views

UBUNTU-CVE-2020-25678

A flaw was found in ceph in versions prior to 16.y.z where ceph stores mgr module passwords in clear text. This can be found by searching the mgr logs for grafana and dashboard, with passwords visible...

4.4CVSS6.6AI score0.00269EPSS

Exploits0References6

Veracode•added 2019/02/07 2:22 a.m.•20 views

Cross-Site Scripting (XSS)

modx/revolution is vulnerable to cross-site scripting XSS. A remote attacker is able to inject arbitrary Javascript into a victim's browser via a document resource such as pagetitle through the update or quick edit action. The Javascript is executed when viewing manager logs...

6.1CVSS5.9AI score0.00861EPSS

Exploits1References1Affected Software1

NVD•added 2019/02/06 5:29 p.m.•12 views

CVE-2018-20756

MODX Revolution through v2.7.0-pl allows XSS via a document resource such as pagetitle, which is mishandled during an Update action, a Quick Edit action, or the viewing of manager logs...

6.1CVSS6AI score0.00861EPSS

Exploits1References1

OSV•added 2019/02/06 5:29 p.m.•17 views

CVE-2018-20756

MODX Revolution through v2.7.0-pl allows XSS via a document resource such as pagetitle, which is mishandled during an Update action, a Quick Edit action, or the viewing of manager logs...

6.1CVSS5.8AI score

Exploits0References1

Prion•added 2019/02/06 5:29 p.m.•16 views

Cross site scripting

MODX Revolution through v2.7.0-pl allows XSS via a document resource such as pagetitle, which is mishandled during an Update action, a Quick Edit action, or the viewing of manager logs...

4.3CVSS6AI score0.00861EPSS

Exploits1References1Affected Software1

CVE•added 2019/02/06 5:0 p.m.•49 views

CVE-2018-20756

MODX Revolution (through v2.7.0-pl) is affected by a cross-site scripting (XSS) vulnerability via a document resource (e.g., pagetitle) that is mishandled during Update or Quick Edit actions, or when viewing manager logs. The issue is documented across multiple sources (NVD and related advisories...

6.1CVSS5.6AI score0.00861EPSS

Exploits1References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by