Vulnerabilities (CVE)

Filtered by CWE-778
Total 7 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-10863 2024-11-22 N/A N/A
: Insufficient Logging vulnerability in OpenText Secure Content Manager on Windows allows Audit Log Manipulation.This issue affects Secure Content Manager: from 10.1 before <24.4. End-users can potentially exploit the vulnerability to exclude audit trails from being recorded on the client side.
CVE-2024-2291 2024-11-21 N/A 4.3 MEDIUM
In Progress MOVEit Transfer versions released before 2022.0.11 (14.0.11), 2022.1.12 (14.1.12), 2023.0.9 (15.0.9), 2023.1.4 (15.1.4), a logging bypass vulnerability has been discovered.  An authenticated user could manipulate a request to bypass the logging mechanism within the web application which results in user activity not being logged properly.
CVE-2024-24901 2024-11-21 N/A 3.0 LOW
Dell PowerScale OneFS 8.2.x through 9.6.0.x contain an insufficient logging vulnerability. A local malicious user with high privileges could potentially exploit this vulnerability, causing audit messages lost and not recorded for a specific time period.
CVE-2021-43419 1 Opayweb 1 Opay 2024-11-21 N/A 7.5 HIGH
An Information Disclosure vulnerability exists in Opay Mobile application 1.5.1.26 and maybe be higher in the logcat app.
CVE-2021-32680 2 Fedoraproject, Nextcloud 2 Fedora, Nextcloud Server 2024-11-21 2.1 LOW 3.3 LOW
Nextcloud Server is a Nextcloud package that handles data storage. In versions priot to 19.0.13, 20.0.11, and 21.0.3, Nextcloud Server audit logging functionality wasn't properly logging events for the unsetting of a share expiration date. This event is supposed to be logged. This issue is patched in versions 19.0.13, 20.0.11, and 21.0.3.
CVE-2019-19295 1 Siemens 2 Sinvr 3 Central Control Server, Sinvr 3 Video Server 2024-11-21 4.0 MEDIUM 4.3 MEDIUM
A vulnerability has been identified in Control Center Server (CCS) (All versions < V1.5.0). The Control Center Server (CCS) does not enforce logging of security-relevant activities in its XML-based communication protocol as provided by default on ports 5444/tcp and 5440/tcp. An authenticated remote attacker could exploit this vulnerability to perform covert actions that are not visible in the application log.
CVE-2024-48967 2024-11-15 N/A 10.0 CRITICAL
The ventilator and the Service PC lack sufficient audit logging capabilities to allow for detection of malicious activity and subsequent forensic examination. An attacker with access to the ventilator and/or the Service PC could, without detection, make unauthorized changes to ventilator settings that result in unauthorized disclosure of information and/or have unintended impacts on device performance.