CVEs classified under CWE-778, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (23)
CVE-2024-48967 — CVSS 10.0 (critical): The ventilator and the Service PC lack sufficient audit logging capabilities to allow for detection of malicious activity and subsequent…
CVE-2021-43419 — CVSS 7.5 (high): An Information Disclosure vulnerability exists in Opay Mobile application 1.5.1.26 and maybe be higher in the logcat app.
CVE-2019-7613 — CVSS 7.5 (high): Winlogbeat versions before 5.6.16 and 6.6.2 had an insufficient logging flaw. An attacker able to inject certain characters into a log…
CVE-2019-19277 — CVSS 6.5 (medium): A vulnerability has been identified in SIPORT MP (All versions < 3.1.4). Vulnerable versions of the device allow the creation of special…
CVE-2025-52644 — CVSS 5.8 (medium): HCL AION is affected by a vulnerability where certain user actions are not adequately audited or logged. The absence of proper auditing…
CVE-2025-32967 — CVSS 5.4 (medium): OpenEMR is a free and open source electronic health records and medical practice management application. A logging oversight in versions…
CVE-2025-2562 — CVSS 5.4 (medium): Insufficient logging in the autotyping feature in Devolutions Remote Desktop Manager on Windows allows an authenticated user to use a…
CVE-2026-25598 — CVSS 5.3 (medium): Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. Prior to 2.14.2, a security vulnerability has…
CVE-2025-53498 — CVSS 5.3 (medium): Insufficient Logging vulnerability in Wikimedia Foundation Mediawiki - AbuseFilter Extension allows Data Leakage Attacks.This issue affects…
CVE-2023-1995 — CVSS 5.3 (medium): Insufficient Logging vulnerability in Hitachi HiRDB Server, HiRDB Server With Addtional Function, HiRDB Structured Data Access…
CVE-2024-10863: : Insufficient Logging vulnerability in OpenText Secure Content Manager on Windows allows Audit Log Manipulation.This issue affects Secure…
CVE-2026-3494 — CVSS 4.3 (medium): In MariaDB server version through 11.8.5, when server audit plugin is enabled with server_audit_events variable configured with QUERY_DCL…
CVE-2026-22279 — CVSS 4.3 (medium): Dell PowerScale OneFS, versions prior 9.13.0.0, contains an insufficient logging vulnerability. An unauthenticated attacker with remote…
CVE-2025-66552 — CVSS 4.3 (medium): Nextcloud Server is a self hosted personal cloud system. In Nextcloud Server and Enterprise Server prior to 30.0.9 and 31.0.1, incorrect…
CVE-2024-2291 — CVSS 4.3 (medium): In Progress MOVEit Transfer versions released before 2022.0.11 (14.0.11), 2022.1.12 (14.1.12), 2023.0.9 (15.0.9), 2023.1.4 (15.1.4), a…
CVE-2022-25783 — CVSS 4.3 (medium): Insufficient Logging vulnerability in web server of Secomea GateManager allows logged in user to issue improper queries without logging…
CVE-2021-33689 — CVSS 4.3 (medium): When user with insufficient privileges tries to access any application in SAP NetWeaver Administrator (Administrator applications), version…
CVE-2019-19295 — CVSS 4.3 (medium): A vulnerability has been identified in Control Center Server (CCS) (All versions < V1.5.0). The Control Center Server (CCS) does not…
CVE-2026-32803 — CVSS 3.3 (low): Dell PowerScale OneFS versions 9.5.0.0 through 9.5.1.6, 9.6.0.0 through 9.7.1.13, 9.8.0.0 through 9.10.1.5 and 9.11.0.0 through 9.12.0.1…
CVE-2021-32680 — CVSS 3.3 (low): Nextcloud Server is a Nextcloud package that handles data storage. In versions priot to 19.0.13, 20.0.11, and 21.0.3, Nextcloud Server…
CVE-2024-24901 — CVSS 3.0 (low): Dell PowerScale OneFS 8.2.x through 9.6.0.x contain an insufficient logging vulnerability. A local malicious user with high privileges…
CVE-2026-9247 — CVSS 2.4 (low): Insufficient logging in the entry export feature in Devolutions Server allows an authenticated user with export permissions to export a…
CVE-2022-31120 — CVSS 2.1 (low): Nextcloud server is an open source personal cloud solution. The audit log is used to get a full trail of the actions which has been…