Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
elog project elog vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2016-6342
elog 3.1.1 allows remote malicious users to post data as any username in the logbook.
Fedoraproject Fedora 24
Elog Project Elog 3.1.1
7.5
CVSSv3
CVE-2019-3992
ELOG 3.1.4-57bea22 and below is affected by an information disclosure vulnerability. A remote unauthenticated attacker can access the server's configuration file by sending an HTTP GET request. Amongst the configuration data, the attacker may gain access to valid admin usern...
Elog Project Elog
Fedoraproject Fedora 30
Fedoraproject Fedora 31
7.5
CVSSv3
CVE-2019-3993
ELOG 3.1.4-57bea22 and below is affected by an information disclosure vulnerability. A remote unauthenticated attacker can recover a user's password hash by sending a crafted HTTP POST request.
Elog Project Elog
Fedoraproject Fedora 30
Fedoraproject Fedora 31
6.5
CVSSv3
CVE-2019-3996
ELOG 3.1.4-57bea22 and below can be used as an HTTP GET request proxy when unauthenticated remote attackers send crafted HTTP POST requests.
Elog Project Elog
Fedoraproject Fedora 30
Fedoraproject Fedora 31
7.5
CVSSv3
CVE-2019-3994
ELOG 3.1.4-57bea22 and below is affected by a denial of service vulnerability due to a use after free. A remote unauthenticated attacker can crash the ELOG server by sending multiple HTTP POST requests which causes the ELOG function retrieve_url() to use a freed variable.
Elog Project Elog
Fedoraproject Fedora 30
Fedoraproject Fedora 31
7.5
CVSSv3
CVE-2019-3995
ELOG 3.1.4-57bea22 and below is affected by a denial of service vulnerability due to a NULL pointer dereference. A remote unauthenticated attacker can crash the ELOG server by sending a crafted HTTP GET request.
Elog Project Elog
Fedoraproject Fedora 30
Fedoraproject Fedora 31
NA
CVE-2006-6318
The show_elog_list function in elogd.c in elog 2.6.2 and previous versions allows remote authenticated users to cause a denial of service (daemon crash) by attempting to access a logbook whose name begins with "global," which results in a NULL pointer dereference. NOTE:...
Stefan Ritt Elog Web Logbook 2.0.5
Stefan Ritt Elog Web Logbook 2.1.0
Stefan Ritt Elog Web Logbook 2.2.3
Stefan Ritt Elog Web Logbook 2.2.4
Stefan Ritt Elog Web Logbook 2.0.1
Stefan Ritt Elog Web Logbook 2.0.2
Stefan Ritt Elog Web Logbook 2.1.3
Stefan Ritt Elog Web Logbook 2.2.0
Stefan Ritt Elog Web Logbook 2.5.6
Stefan Ritt Elog Web Logbook 2.5.7
Stefan Ritt Elog Web Logbook 2.0.3
Stefan Ritt Elog Web Logbook 2.0.4
Stefan Ritt Elog Web Logbook 2.2.1
Stefan Ritt Elog Web Logbook 2.2.2
Stefan Ritt Elog Web Logbook 2.6.0
Stefan Ritt Elog Web Logbook 2.6.1
Stefan Ritt Elog Web Logbook
Stefan Ritt Elog Web Logbook 2.0.0
Stefan Ritt Elog Web Logbook 2.1.1
Stefan Ritt Elog Web Logbook 2.1.2
Stefan Ritt Elog Web Logbook 2.4
Stefan Ritt Elog Web Logbook 2.5
NA
CVE-2006-0598
Buffer overflow in elogd.c in elog prior to 2.5.7 r1558-4 allows malicious users to execute code via unspecified variables, when writing to the log file.
Stefan Ritt Elog Web Logbook 2.1.0
Stefan Ritt Elog Web Logbook 2.0.2
Stefan Ritt Elog Web Logbook 2.2.1
Stefan Ritt Elog Web Logbook 2.5
Stefan Ritt Elog Web Logbook 2.2.0
Stefan Ritt Elog Web Logbook 2.2.4
Stefan Ritt Elog Web Logbook 2.5.6
Stefan Ritt Elog Web Logbook 2.2.3
Stefan Ritt Elog Web Logbook 2.4
Stefan Ritt Elog Web Logbook 2.1.2
Stefan Ritt Elog Web Logbook 2.0.1
Stefan Ritt Elog Web Logbook 2.0.4
Stefan Ritt Elog Web Logbook 2.0.3
Stefan Ritt Elog Web Logbook 2.1.3
Stefan Ritt Elog Web Logbook 2.0.0
Stefan Ritt Elog Web Logbook 2.1.1
Stefan Ritt Elog Web Logbook 2.2.2
Stefan Ritt Elog Web Logbook 2.0.5
NA
CVE-2006-0597
Multiple stack-based buffer overflows in elogd.c in elog prior to 2.5.7 r1558-4 allow malicious users to cause a denial of service (application crash) and possibly execute code via long "revision attributes".
Stefan Ritt Elog Web Logbook 2.1.0
Stefan Ritt Elog Web Logbook 2.0.2
Stefan Ritt Elog Web Logbook 2.2.1
Stefan Ritt Elog Web Logbook 2.5
Stefan Ritt Elog Web Logbook 2.2.0
Stefan Ritt Elog Web Logbook 2.2.4
Stefan Ritt Elog Web Logbook 2.5.6
Stefan Ritt Elog Web Logbook 2.2.3
Stefan Ritt Elog Web Logbook 2.4
Stefan Ritt Elog Web Logbook 2.1.2
Stefan Ritt Elog Web Logbook 2.0.1
Stefan Ritt Elog Web Logbook 2.0.4
Stefan Ritt Elog Web Logbook 2.0.3
Stefan Ritt Elog Web Logbook 2.1.3
Stefan Ritt Elog Web Logbook 2.0.0
Stefan Ritt Elog Web Logbook 2.1.1
Stefan Ritt Elog Web Logbook 2.2.2
Stefan Ritt Elog Web Logbook 2.0.5
NA
CVE-2006-0599
The (1) elog.c and (2) elogd.c components in elog prior to 2.5.7 r1558-4 generate different responses depending on whether or not a username is valid, which allows remote malicious users to determine valid usernames.
Stefan Ritt Elog Web Logbook 2.1.0
Stefan Ritt Elog Web Logbook 2.0.2
Stefan Ritt Elog Web Logbook 2.2.1
Stefan Ritt Elog Web Logbook 2.5
Stefan Ritt Elog Web Logbook 2.2.0
Stefan Ritt Elog Web Logbook 2.2.4
Stefan Ritt Elog Web Logbook 2.5.6
Stefan Ritt Elog Web Logbook 2.2.3
Stefan Ritt Elog Web Logbook 2.4
Stefan Ritt Elog Web Logbook 2.1.2
Stefan Ritt Elog Web Logbook 2.0.1
Stefan Ritt Elog Web Logbook 2.0.4
Stefan Ritt Elog Web Logbook 2.0.3
Stefan Ritt Elog Web Logbook 2.1.3
Stefan Ritt Elog Web Logbook 2.0.0
Stefan Ritt Elog Web Logbook 2.1.1
Stefan Ritt Elog Web Logbook 2.2.2
Stefan Ritt Elog Web Logbook 2.0.5
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »