Vulnerabilidades en Graylog2
9 resultadosCVE-2024-24824HIGHgraylog2-server vulnerable to instantiation of arbitrary classes triggered by API requestEPSS 34.5%CVE-2024-52506HIGHGraylog can leak other users' reports via concurrent PDF report renderingEPSS 0.6%CVE-2023-41044LOWPartial path traversal vulnerability in Support Bundle feature of GraylogEPSS 0.6%CVE-2025-53106HIGHGraylog vulnerable to privilege escalation through API tokensEPSS 0.5%CVE-2024-24823MEDIUMgraylog2-server Session Fixation vulnerability through cookie injectionEPSS 0.4%CVE-2023-41041LOWUser session is still usable after logout in graylog2-server EPSS 0.4%CVE-2023-41045LOWInsecure source port usage for DNS queries in GraylogEPSS 0.3%CVE-2025-30373MEDIUMGraylog Authenticated HTTP inputs do ingest message even if Authorization header is missing or has wrong valueEPSS 0.3%CVE-2025-46827HIGHGraylog Allows Session Takeover via Insufficient HTML SanitizationEPSS 0.2%