| Max CVSS | 7.5 | Min CVSS | 5.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2019-3996 | 7.5 |
ELOG 3.1.4-57bea22 and below can be used as an HTTP GET request proxy when unauthenticated remote attackers send crafted HTTP POST requests.
|
01-02-2023 - 19:47 | 17-12-2019 - 22:15 | |
| CVE-2019-3995 | 5.0 |
ELOG 3.1.4-57bea22 and below is affected by a denial of service vulnerability due to a NULL pointer dereference. A remote unauthenticated attacker can crash the ELOG server by sending a crafted HTTP GET request.
|
01-02-2023 - 19:45 | 17-12-2019 - 22:15 | |
| CVE-2019-3994 | 5.0 |
ELOG 3.1.4-57bea22 and below is affected by a denial of service vulnerability due to a use after free. A remote unauthenticated attacker can crash the ELOG server by sending multiple HTTP POST requests which causes the ELOG function retrieve_url() to
|
01-02-2023 - 19:41 | 17-12-2019 - 22:15 | |
| CVE-2019-3992 | 5.0 |
ELOG 3.1.4-57bea22 and below is affected by an information disclosure vulnerability. A remote unauthenticated attacker can access the server's configuration file by sending an HTTP GET request. Amongst the configuration data, the attacker may gain ac
|
15-10-2020 - 19:36 | 17-12-2019 - 22:15 | |
| CVE-2019-3993 | 5.0 |
ELOG 3.1.4-57bea22 and below is affected by an information disclosure vulnerability. A remote unauthenticated attacker can recover a user's password hash by sending a crafted HTTP POST request.
|
15-10-2020 - 19:35 | 17-12-2019 - 22:15 |