Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
elog project elog vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2016-6342
elog 3.1.1 allows remote malicious users to post data as any username in the logbook.
Fedoraproject Fedora 24
Elog Project Elog 3.1.1
5
CVSSv2
CVE-2019-3992
ELOG 3.1.4-57bea22 and below is affected by an information disclosure vulnerability. A remote unauthenticated attacker can access the server's configuration file by sending an HTTP GET request. Amongst the configuration data, the attacker may gain access to valid admin usern...
Elog Project Elog
Fedoraproject Fedora 30
Fedoraproject Fedora 31
5
CVSSv2
CVE-2019-3993
ELOG 3.1.4-57bea22 and below is affected by an information disclosure vulnerability. A remote unauthenticated attacker can recover a user's password hash by sending a crafted HTTP POST request.
Elog Project Elog
Fedoraproject Fedora 30
Fedoraproject Fedora 31
5
CVSSv2
CVE-2019-3994
ELOG 3.1.4-57bea22 and below is affected by a denial of service vulnerability due to a use after free. A remote unauthenticated attacker can crash the ELOG server by sending multiple HTTP POST requests which causes the ELOG function retrieve_url() to use a freed variable.
Elog Project Elog
Fedoraproject Fedora 30
Fedoraproject Fedora 31
5
CVSSv2
CVE-2019-3995
ELOG 3.1.4-57bea22 and below is affected by a denial of service vulnerability due to a NULL pointer dereference. A remote unauthenticated attacker can crash the ELOG server by sending a crafted HTTP GET request.
Elog Project Elog
Fedoraproject Fedora 30
Fedoraproject Fedora 31
7.5
CVSSv2
CVE-2019-3996
ELOG 3.1.4-57bea22 and below can be used as an HTTP GET request proxy when unauthenticated remote attackers send crafted HTTP POST requests.
Elog Project Elog
Fedoraproject Fedora 30
Fedoraproject Fedora 31
5
CVSSv2
CVE-2006-6318
The show_elog_list function in elogd.c in elog 2.6.2 and previous versions allows remote authenticated users to cause a denial of service (daemon crash) by attempting to access a logbook whose name begins with "global," which results in a NULL pointer dereference. NOTE:...
Stefan Ritt Elog Web Logbook 2.0.5
Stefan Ritt Elog Web Logbook 2.1.0
Stefan Ritt Elog Web Logbook 2.2.3
Stefan Ritt Elog Web Logbook 2.2.4
Stefan Ritt Elog Web Logbook 2.0.1
Stefan Ritt Elog Web Logbook 2.0.2
Stefan Ritt Elog Web Logbook 2.1.3
Stefan Ritt Elog Web Logbook 2.2.0
Stefan Ritt Elog Web Logbook 2.5.6
Stefan Ritt Elog Web Logbook 2.5.7
Stefan Ritt Elog Web Logbook 2.0.3
Stefan Ritt Elog Web Logbook 2.0.4
Stefan Ritt Elog Web Logbook 2.2.1
Stefan Ritt Elog Web Logbook 2.2.2
Stefan Ritt Elog Web Logbook 2.6.0
Stefan Ritt Elog Web Logbook 2.6.1
Stefan Ritt Elog Web Logbook
Stefan Ritt Elog Web Logbook 2.0.0
Stefan Ritt Elog Web Logbook 2.1.1
Stefan Ritt Elog Web Logbook 2.1.2
Stefan Ritt Elog Web Logbook 2.4
Stefan Ritt Elog Web Logbook 2.5
7.5
CVSSv2
CVE-2006-0598
Buffer overflow in elogd.c in elog prior to 2.5.7 r1558-4 allows malicious users to execute code via unspecified variables, when writing to the log file.
Stefan Ritt Elog Web Logbook 2.1.0
Stefan Ritt Elog Web Logbook 2.0.2
Stefan Ritt Elog Web Logbook 2.2.1
Stefan Ritt Elog Web Logbook 2.5
Stefan Ritt Elog Web Logbook 2.2.0
Stefan Ritt Elog Web Logbook 2.2.4
Stefan Ritt Elog Web Logbook 2.5.6
Stefan Ritt Elog Web Logbook 2.2.3
Stefan Ritt Elog Web Logbook 2.4
Stefan Ritt Elog Web Logbook 2.1.2
Stefan Ritt Elog Web Logbook 2.0.1
Stefan Ritt Elog Web Logbook 2.0.4
Stefan Ritt Elog Web Logbook 2.0.3
Stefan Ritt Elog Web Logbook 2.1.3
Stefan Ritt Elog Web Logbook 2.0.0
Stefan Ritt Elog Web Logbook 2.1.1
Stefan Ritt Elog Web Logbook 2.2.2
Stefan Ritt Elog Web Logbook 2.0.5
7.5
CVSSv2
CVE-2006-0597
Multiple stack-based buffer overflows in elogd.c in elog prior to 2.5.7 r1558-4 allow malicious users to cause a denial of service (application crash) and possibly execute code via long "revision attributes".
Stefan Ritt Elog Web Logbook 2.1.0
Stefan Ritt Elog Web Logbook 2.0.2
Stefan Ritt Elog Web Logbook 2.2.1
Stefan Ritt Elog Web Logbook 2.5
Stefan Ritt Elog Web Logbook 2.2.0
Stefan Ritt Elog Web Logbook 2.2.4
Stefan Ritt Elog Web Logbook 2.5.6
Stefan Ritt Elog Web Logbook 2.2.3
Stefan Ritt Elog Web Logbook 2.4
Stefan Ritt Elog Web Logbook 2.1.2
Stefan Ritt Elog Web Logbook 2.0.1
Stefan Ritt Elog Web Logbook 2.0.4
Stefan Ritt Elog Web Logbook 2.0.3
Stefan Ritt Elog Web Logbook 2.1.3
Stefan Ritt Elog Web Logbook 2.0.0
Stefan Ritt Elog Web Logbook 2.1.1
Stefan Ritt Elog Web Logbook 2.2.2
Stefan Ritt Elog Web Logbook 2.0.5
5
CVSSv2
CVE-2006-0599
The (1) elog.c and (2) elogd.c components in elog prior to 2.5.7 r1558-4 generate different responses depending on whether or not a username is valid, which allows remote malicious users to determine valid usernames.
Stefan Ritt Elog Web Logbook 2.1.0
Stefan Ritt Elog Web Logbook 2.0.2
Stefan Ritt Elog Web Logbook 2.2.1
Stefan Ritt Elog Web Logbook 2.5
Stefan Ritt Elog Web Logbook 2.2.0
Stefan Ritt Elog Web Logbook 2.2.4
Stefan Ritt Elog Web Logbook 2.5.6
Stefan Ritt Elog Web Logbook 2.2.3
Stefan Ritt Elog Web Logbook 2.4
Stefan Ritt Elog Web Logbook 2.1.2
Stefan Ritt Elog Web Logbook 2.0.1
Stefan Ritt Elog Web Logbook 2.0.4
Stefan Ritt Elog Web Logbook 2.0.3
Stefan Ritt Elog Web Logbook 2.1.3
Stefan Ritt Elog Web Logbook 2.0.0
Stefan Ritt Elog Web Logbook 2.1.1
Stefan Ritt Elog Web Logbook 2.2.2
Stefan Ritt Elog Web Logbook 2.0.5
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »