Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
project log vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2015-3357
Cross-site scripting (XSS) vulnerability in the Wishlist module prior to 6.x-2.7 and 7.x-2.x prior to 7.x-2.7 for Drupal allows remote authenticated users with the "access wishlists" permission to inject arbitrary web script or HTML via unspecified vectors, which are no...
Wishlist Project Wishlist 7.x-2.6
Wishlist Project Wishlist 7.x-2.x-dev
Wishlist Project Wishlist 7.x-2.5
Wishlist Project Wishlist
NA
CVE-2013-4484
Varnish prior to 3.0.5 allows remote malicious users to cause a denial of service (child-process crash and temporary caching outage) via a GET request with trailing whitespace characters and no URI.
Varnish-cache Varnish 2.0.0
Varnish Cache Project Varnish Cache 2.0.6
Varnish Cache Project Varnish Cache 2.0.1
Varnish Cache Project Varnish Cache 2.1.1
Varnish Cache Project Varnish Cache 2.0.4
Varnish Cache Project Varnish Cache 3.0.0
Varnish Cache Project Varnish Cache 2.1.2
Varnish Cache Project Varnish Cache 2.1.0
Varnish Cache Project Varnish Cache 2.0.3
Varnish Cache Project Varnish Cache 2.1.5
Varnish Cache Project Varnish Cache 2.0.5
Varnish Cache Project Varnish Cache 3.0.2
Varnish Cache Project Varnish Cache 3.0.1
Varnish Cache Project Varnish Cache
Varnish Cache Project Varnish Cache 3.0.3
Varnish Cache Project Varnish Cache 2.1.4
Varnish Cache Project Varnish Cache 2.1.3
Varnish Cache Project Varnish Cache 2.0.2
4.3
CVSSv3
CVE-2022-0338
Insertion of Sensitive Information into Log File in Conda loguru before 0.5.3.
Loguru Project Loguru
5.3
CVSSv3
CVE-2023-31437
An issue exists in systemd 253. An attacker can modify a sealed log file such that, in some views, not all existing and sealed log messages are displayed. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability."
Systemd Project Systemd 253
1 Github repository
5.3
CVSSv3
CVE-2023-31438
An issue exists in systemd 253. An attacker can truncate a sealed log file and then resume log sealing such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerabili...
Systemd Project Systemd 253
1 Github repository
9.8
CVSSv3
CVE-2020-35869
An issue exists in the rusqlite crate prior to 0.23.0 for Rust. Memory safety can be violated because rusqlite::trace::log mishandles format strings.
Rusqlite Project Rusqlite
6.1
CVSSv3
CVE-2017-16904
The Public tologin feature in admin.php in LvyeCMS up to and including 3.1 allows XSS via a crafted username that is mishandled during later log viewing by an administrator.
Lvyecms Project Lvyecms
8.8
CVSSv3
CVE-2021-45379
Glewlwyd 2.0.0, fixed in 2.6.1 is affected by an incorrect access control vulnerability. One user can attempt to log in as another user without its password.
Glewlwyd Project Glewlwyd
5.3
CVSSv3
CVE-2021-25009
The CorreosExpress WordPress plugin up to and including 2.6.0 generates log files which are publicly accessible, and contain sensitive information such as sender/receiver names, phone numbers, physical and email addresses
Correosexpress Project Correosexpress
NA
CVE-2015-3448
REST client for Ruby (aka rest-client) prior to 1.7.3 logs usernames and passwords, which allows local users to obtain sensitive information by reading the log.
Rest-client Project Rest-client
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-40673
CVE-2024-36674
CVE-2024-27348
unspecified
CVE-2024-24919
CVE-2024-4870
malicious code
CVE-2024-2019
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »