Weaknesses of type CWE-117
99 resultsCVE-2025-59476MEDIUMJenkins 2.527 and earlier, LTS 2.516.2 and earlier does not restrict or transform the characters that can be inserted from user-specified coEPSS 0.3%CVE-2025-58580MEDIUMInjection via log fileEPSS 0.3%CVE-2024-13949MEDIUMLog ForgingEPSS 0.3%CVE-2026-6494MEDIUMAap-mcp-server: aap mcp server: log injection allows social engineering attacks via unsanitized inputEPSS 0.3%CVE-2026-45565HIGHRoxy-WI: EscapedString validator skips its '..' block when stripping (root cause for several path-traversal/RCE vectors)EPSS 0.3%CVE-2024-0690MEDIUMAnsible-core: possible information leak in tasks that ignore ansible_no_log configurationEPSS 0.3%CVE-2024-22229LOW
Dell Unity, versions prior to 5.4, contain a vulnerability whereby log messages can be spoofed by an authenticated attacker. An attacker coEPSS 0.3%CVE-2025-11627MEDIUMSite Checkup AI Troubleshooting with Wizard and Tips for Each Issue <= 1.47 - Unauthenticated Log File PoisoningEPSS 0.3%CVE-2025-59784MEDIUMLog Pollution - Control Characters Not EscapedEPSS 0.3%CVE-2023-3997HIGHUnauthenticated Log Injection In Splunk SOAREPSS 0.3%CVE-2025-10217MEDIUMA vulnerability exists in Asset Suite for an authenticated user to manipulate the content of performance related log data or to inject craftEPSS 0.3%CVE-2024-35150MEDIUMIBM Maximo Application Suite log manipulationEPSS 0.3%CVE-2025-23405MEDIUMDario Health USB-C Blood Glucose Monitoring System Starter Kit Android Application Improper Output Neutralization For LogsEPSS 0.3%CVE-2025-25294MEDIUMEnvoy Gateway Log Injection VulnerabilityEPSS 0.3%CVE-2026-10745HIGHImproper output neutralization for logs vulnerability in upKeeper Solutions upKeeper Instant Privilege Access on Windows allows Log InjectioEPSS 0.3%CVE-2024-56473MEDIUMIBM Aspera Shares Data ManipulationEPSS 0.3%CVE-2026-9016MEDIUMDebug Log Manager <= 2.5.0 - Unauthenticated Improper Output Neutralization for Logs via log_js_errors AJAX ActionEPSS 0.3%CVE-2024-49355MEDIUMIBM OpenPages log manipulationEPSS 0.3%CVE-2025-0754MEDIUMEnvoyproxy: openshift service mesh 2.6.3 and 2.5.6 envoy header handling allows log injection and potential spoofingEPSS 0.3%CVE-2024-52891MEDIUMIBM Concert Software log manipulationEPSS 0.3%