20 matches found
CVE-2025-68152
Juju is an open source application orchestration engine that enables any application operation on any infrastructure at any scale through special operators called ‘charms’. From versions 2.9 to before 2.9.56 and 3.6 to before 3.6.19, it is possible that a compromised workload machine under a Juju...
CVE-2026-27688
Due to a missing authorization check in SAP NetWeaver Application Server for ABAP, an authenticated attacker with user privileges could read Database Analyzer Log Files via a specific RFC function module. The attacker with the necessary privileges to execute this function module could potentially...
EUVD-2026-10463
Due to a missing authorization check in SAP NetWeaver Application Server for ABAP, an authenticated attacker with user privileges could read Database Analyzer Log Files via a specific RFC function module. The attacker with the necessary privileges to execute this function module could potentially...
PT-2026-24164
Name of the Vulnerable Software and Affected Versions: SAP NetWeaver Application Server for ABAP, affected versions not specified. Description: An authenticated attacker with user privileges may be able to read Database Analyzer Log Files due to a missing authorization check within a specific RFC...
CVE-2022-50869 fs/ntfs3: Fix slab-out-of-bounds in r_page
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix slab-out-of-bounds in r_page. When PAGE_SIZE is 64K, if read_log_page is called by log_read_rst for the first time, the size of buffer would be equal to DefaultLogPageSize4K. But for buffer operations like memcpy, if the...
SUSE CVE-2022-50562
In the Linux kernel, the following vulnerability has been resolved: tpm: acpi: Call acpi_put_table() to fix memory leak. The start and length of the event log area are obtained from TPM2 or TCPA table, so we call acpi_get_table() to get the ACPI information, but the acpi_get_table() should be coupled with...
EUVD-2016-3250
Malware in sbrugna...
EUVD-2013-5260
Malware in sbrugna...
CVE-2025-34098
The CVE-2025-34098 entry describes a path traversal vulnerability in Riverbed SteelHead VCX appliances (confirmed in VCX255U 9.6.0a) where improper input validation in the log filtering functionality exposed via the management web interface allows an authenticated attacker to submit crafted filte...
CVE-2025-1769
CVE-2025-1769 is a Directory Traversal vulnerability in the WordPress plugin “Product Import Export for WooCommerce – Import Export Product CSV Suite” affecting all versions up to and including 2.5.0. It allows an authenticated user with Administrator+ privileges to read arbitrary server log file...
The vulnerability of the tpm_read_log_efi() function in the drivers/char/tpm/eventlog/efi.c kernel module of the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the tpm_read_log_efi() function in the drivers/char/tpm/eventlog/efi.c kernel module of the Linux operating system is related to a numerical overflow or cyclic shift. Exploiting this vulnerability could allow an attacker to cause a service failure...
PT-2024-26508 · WordPress · Wordpress Backup & Migration
Name of the Vulnerable Software and Affected Versions: WordPress Backup & Migration plugin versions up to, and including, 1.4.8. Description: The issue allows authenticated attackers with subscriber access or above to access log files maintained by the plugin due to a missing capability check on t...
DEBIAN-CVE-2021-46951
In the Linux kernel, the following vulnerability has been resolved: tpm: efi: Use local variable for calculating final log size. When tpm_read_log_efi is called multiple times, which happens when one loads and unloads a TPM2 driver multiple times, then the global variable efi_tpm_final_log_size will at...
Linux kernel security vulnerabilities
The Linux kernel is the kernel used by the Linux Foundation's open source operating system Linux. A security vulnerability exists in the Linux kernel that stems from the fact that when tpm_read_log_efi is called multiple times, the global variable efi_tpm_final_log_size will at some point become negativ...
kernel: tpm: acpi: Call acpi_put_table() to fix memory leak
In the Linux kernel, the following vulnerability has been resolved: tpm: acpi: Call acpi_put_table() to fix memory leak. The start and length of the event log area are obtained from TPM2 or TCPA table, so we call acpi_get_table() to get the ACPI information, but the acpi_get_table() should be coupled with...
Apache Airflow Access Control Error Vulnerability
Apache Airflow is an open source platform from the Apache Foundation (United States) for creating, managing and monitoring workflows. The platform is characterized by scalability and dynamic monitoring. A security vulnerability exists in Apache Airflow versions prior to 2.1.2, which stems fr...
PT-2024-11068 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel, affected versions not specified. Description: The issue occurs when tpm_read_log_efi is called multiple times, which can happen when loading and unloading a TPM2 driver multiple times. This causes the global variable efi_tpm_final...
LinuxMagic MagicSpam-Plesk Extended Insecure File Permissions Vulnerability
LinuxMagic MagicSpam-Plesk extension is an anti-spam extension from LinuxMagic Canada. A security vulnerability exists in LinuxMagic MagicSpam-Plesk extension version 2.0.13. The vulnerability can be exploited by a local attacker to obtain mailbox names by reading /var/log/magicspam/mslog...
Race condition
Race condition in the createOutputFile function in logrotate.c in logrotate 3.7.9 and earlier allows local users to read log data by opening a file before the intended permissions are in place...
Default configuration
The default configuration of HP Client Automation (HPCA) Enterprise Infrastructure (aka Radia) allows remote attackers to read log files, and consequently cause a denial of service or have unspecified other impact, via web requests...