Lucene search
K

333 matches found

Cvelist
Cvelist
added 2025/03/13 7:1 p.m.21 views

CVE-2025-27496 Snowflake JDBC Driver client-side encryption key in DEBUG logs

Snowflake, a platform for using artificial intelligence in the context of cloud computing, has a vulnerability in the Snowflake JDBC driver "Driver" in versions 3.0.13 through 3.23.0 of the driver. When the logging level was set to DEBUG, the Driver would log locally the client-side encryption...

3.3CVSS0.00112EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2025/03/13 6:57 p.m.19 views

Snowflake JDBC Driver client-side encryption key in DEBUG logs

Issue Snowflake discovered and remediated a vulnerability in the Snowflake JDBC driver “Driver”. When the logging level was set to DEBUG, the Driver would log locally the client-side encryption master key of the target stage during the execution of GET/PUT commands. This key by itself does not...

3.3CVSS6.9AI score0.00112EPSS
Exploits0References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2017-15113

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ovirt-engine before version 4.1.7.6 with log level set to DEBUG includes passwords in the log file without masking. Only administrators can change the log level...

7.2CVSS6.9AI score0.01164EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/02/14 3:47 a.m.7 views

CVE-2025-1053 Brocade SANnav encryption key is logged in the debug logs

Under certain error conditions at time of SANnav installation or upgrade, the encryption key can be written into and obtained from a Brocade SANnav supportsave. An attacker with privileged access to the Brocade SANnav database could use the encryption key to obtain passwords used by Brocade SANna...

8.6CVSS6.7AI score0.00145EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/02/14 3:47 a.m.15 views

CVE-2025-1053 Brocade SANnav encryption key is logged in the debug logs

Under certain error conditions at time of SANnav installation or upgrade, the encryption key can be written into and obtained from a Brocade SANnav supportsave. An attacker with privileged access to the Brocade SANnav database could use the encryption key to obtain passwords used by Brocade SANna...

8.6CVSS0.00145EPSS
Exploits0References1
Broadcom
Broadcom
added 2025/02/13 12:0 a.m.10 views

Brocade SANnav encryption key is logged in the debug logs (CVE-2025-1053)

Under certain error conditions at time of Brocade SANnav installation or upgrade, the encryption key can be written into and obtained from a Brocade SANnav supportsave. An attacker with privileged access to the Brocade SANnav database could use the encryption key to obtain passwords used by Broca...

8.6CVSS6.8AI score0.00145EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/02/05 7:41 p.m.10 views

CVE-2022-39292

Slack Morphism is a modern client library for Slack Web/Events API/Socket Mode and Block Kit. Debug logs expose sensitive URLs for Slack webhooks that contain private information. The problem is fixed in version 1.3.2 which redacts sensitive URLs for webhooks. As a workaround, people who use Slac...

7.5CVSS6.6AI score0.00657EPSS
Exploits0References1
CVE
CVE
added 2025/01/23 5:38 p.m.58 views

CVE-2025-24034

CVE-2025-24034 (Himmelblau) affects Himmelblau, an interoperability suite for Microsoft Azure Entra ID and Intune. In versions 0.7.0 and older than 0.7.15 and older than 0.8.3, debug logging can leak credentials: user access tokens and Kerberos TGTs may be written to logs when debug is enabled. A...

3.2CVSS3.9AI score0.00195EPSS
Exploits0References6
CNNVD
CNNVD
added 2024/12/18 12:0 a.m.5 views

Remote File Orchestrator Extension 安全漏洞

Remote File Orchestrator Extension is an open source remote file orchestrator extension for Keyfactor. It is used to remotely manage various file-based certificate stores and can be easily extended to manage other certificate stores. A security vulnerability exists in Remote File Orchestrator...

4.3CVSS6.3AI score0.00279EPSS
Exploits0References2
OSV
OSV
added 2024/11/21 11:15 a.m.4 views

CVE-2022-43937

Possible information exposure through log file vulnerability where sensitive fields are recorded in the debug-enabled logs when debugging is turned on in Brocade SANnav before 2.3.0 and 2.2.2a...

5.5CVSS5.8AI score0.00457EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2024/11/12 8:52 a.m.5 views

NetworkManager: Denial of Service

A flaw was found in NetworkManager. When a system running NetworkManager with DEBUG logs enabled and an interface eth1 configured with LLDP enabled, a malicious user could inject a malformed LLDP packet. NetworkManager would crash, leading to a denial of service...

3.1CVSS5.7AI score0.00447EPSS
Exploits0References4
OSV
OSV
added 2024/10/25 11:9 a.m.4 views

OESA-2024-2291 NetworkManager security update

NetworkManager attempts to keep an active network connection available at all times. The point of NetworkManager is to make networking configuration and setup as painless and automatic as possible. If using DHCP, NetworkManager is intended to replace default routes, obtain IP addresses from a DHC...

3.1CVSS6.6AI score0.00447EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/10/02 4:55 p.m.55 views

CVE-2024-20490 Cisco Nexus Dashboard Fabric Controller and Nexus Dashboard Orchestrator Information Disclosure Vulnerability

A vulnerability in a logging function of Cisco Nexus Dashboard Fabric Controller NDFC and Cisco Nexus Dashboard Orchestrator NDO could allow an attacker with access to a tech support file to view sensitive information. This vulnerability exists because HTTP proxy credentials could be recorded in ...

6.3CVSS0.00277EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/09/04 12:0 a.m.6 views

Cisco Smart Licensing Utility 安全漏洞

Cisco Smart Licensing Utility CSLU is an application from Cisco USA that allows customers to manage licenses and associated product instances from their local location. A security vulnerability exists in Cisco Smart Licensing Utility that stems from overly detailed logging in debug log files. It...

7.5CVSS9.1AI score0.51466EPSS
Exploits0References3
OSV
OSV
added 2024/08/21 4:3 p.m.13 views

GO-2022-1154 Traefik may display authorization header in the debug logs in github.com/traefik/traefik

Traefik may display authorization header in the debug logs in github.com/traefik/traefik...

6.5CVSS6.5AI score0.00977EPSS
Exploits1References4
BDU FSTEC
BDU FSTEC
added 2024/07/29 12:0 a.m.8 views

The vulnerability of the Elastick Stack Filebeat software, which logs log messages, is related to errors in input data in the httpjson format. As a result, the content of the http-request headers for Authorization or Proxy-Authorization may be logged in the debugging logs, allowing an intruder to access confidential information.

The vulnerability of the Elastick Stack Filebeat software for logging records is related to errors in the httpjson input data. As a result, the content of the http-request headers Authorization or Proxy-Authorization may be logged in the debugging logs. Exploiting this vulnerability can allow an...

3.3CVSS5.3AI score0.00182EPSS
Exploits0References4Affected Software2
Redos
Redos
added 2024/07/26 12:0 a.m.303 views

ROS-20240726-08

Vulnerability in the httpjson component of Elastick Stack Filebeat is due to a bug in the input data of the httpjson, because of which the contents of the Authorization or Proxy-Authorization http-request header may into the debug logs. Exploitation of the vulnerability could allow an attacker...

5.5CVSS6.4AI score0.00182EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2024/07/10 3:36 a.m.7 views

SUSE CVE-2024-6501

A flaw was found in NetworkManager. When a system running NetworkManager with DEBUG logs enabled and an interface eth1 configured with LLDP enabled, a malicious user could inject a malformed LLDP packet. NetworkManager would crash, leading to a denial of service...

3.1CVSS6.5AI score0.00447EPSS
Exploits0References4
NVD
NVD
added 2024/07/09 8:15 p.m.16 views

CVE-2024-6501

A flaw was found in NetworkManager. When a system running NetworkManager with DEBUG logs enabled and an interface eth1 configured with LLDP enabled, a malicious user could inject a malformed LLDP packet. NetworkManager would crash, leading to a denial of service...

3.1CVSS0.00447EPSS
Exploits0References3
OSV
OSV
added 2024/07/09 8:15 p.m.8 views

CVE-2024-6501

A flaw was found in NetworkManager. When a system running NetworkManager with DEBUG logs enabled and an interface eth1 configured with LLDP enabled, a malicious user could inject a malformed LLDP packet. NetworkManager would crash, leading to a denial of service...

3.1CVSS6.5AI score0.00447EPSS
Exploits0References3
Rows per page
Query Builder