Lucene search
K

335 matches found

Positive Technologies
Positive Technologies
added 2025/08/14 12:0 a.m.11 views

PT-2025-33139 · Ctrlx Os · Ctrlx Os

Name of the Vulnerable Software and Affected Versions: ctrlX OS affected versions not specified Description: A vulnerability exists in the Task API endpoint of the ctrlX OS setup mechanism. This allows a remote, unauthenticated attacker to access and extract internal application data, including...

5.3CVSS6.9AI score0.00279EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/06/26 5:0 a.m.3 views

CVE-2025-6624

Versions of the package snyk before 1.1297.3 are vulnerable to Insertion of Sensitive Information into Log File through local Snyk CLI debug logs. Container Registry credentials provided via environment variables or command line arguments can be exposed when executing Snyk CLI in DEBUG or...

7.2CVSS7.3AI score0.00151EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/06/26 5:0 a.m.12 views

CVE-2025-6624

Versions of the package snyk before 1.1297.3 are vulnerable to Insertion of Sensitive Information into Log File through local Snyk CLI debug logs. Container Registry credentials provided via environment variables or command line arguments can be exposed when executing Snyk CLI in DEBUG or...

7.2CVSS0.00151EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/06/26 12:0 a.m.3 views

PT-2025-26934 · Snyk · Snyk Cli

Name of the Vulnerable Software and Affected Versions: snyk versions prior to 1.1297.3 Description: The issue allows for the insertion of sensitive information into log files through local Snyk CLI debug logs. Container Registry credentials provided via environment variables or command line...

7.2CVSS6.1AI score0.00151EPSS
Exploits0References15
Snyk
Snyk
added 2025/06/25 4:1 p.m.4 views

Insertion of Sensitive Information into Log File

Overview snyk is an advanced tool that scans and monitors projects for security vulnerabilities. Affected versions of this package are vulnerable to Insertion of Sensitive Information into Log File through local Snyk CLI debug logs. Container Registry credentials provided via environment variable...

7.2CVSS7AI score0.00151EPSS
Exploits0References2
VulnCheck KEV
VulnCheck KEV
added 2025/06/07 12:0 a.m.3 views

VulnCheck KEV: CVE-2024-20440

A vulnerability in Cisco Smart Licensing Utility could allow an unauthenticated, remote attacker to access sensitive information. This vulnerability is due to excessive verbosity in a debug log file. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected...

7.5CVSS5.9AI score0.51466EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:30 a.m.8 views

CVE-2023-41263

An issue was discovered in Plixer Scrutinizer before 19.3.1. It exposes debug logs to unauthenticated users at the /debug/ URL path. With knowledge of valid IP addresses and source types, an unauthenticated attacker can download debug logs containing application-related information...

3.7CVSS6.9AI score0.00413EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:29 a.m.8 views

CVE-2023-5028

A vulnerability, which was classified as problematic, has been found in China Unicom TEWA-800G 4.16L.04CT2015Yueme. Affected by this issue is some unknown functionality. The manipulation leads to information exposure through debug log file. It is possible to launch the attack on the physical...

4.6CVSS6.2AI score0.00354EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/23 3:46 a.m.10 views

CVE-2023-31413

Filebeat versions through 7.17.9 and 8.6.2 have a flaw in httpjson input that allows the http request Authorization or Proxy-Authorization header contents to be leaked in the logs when debug logging is enabled...

5.5CVSS6.7AI score0.00182EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:51 a.m.11 views

CVE-2022-33187

Brocade SANnav before v2.2.1 logs usernames and encoded passwords in debug-enabled logs. The vulnerability could allow an attacker with admin privilege to read sensitive information...

5.5CVSS6.6AI score0.00461EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:7 p.m.7 views

CVE-2021-37842

metakv in Couchbase Server 7.0.0 uses Cleartext for Storage of Sensitive Information. Remote Cluster XDCR credentials can get leaked in debug logs. Config key tombstone purging was added in Couchbase Server 7.0.0. This issue happens when a config key, which is being logged, has a tombstone purger...

7.5CVSS7AI score0.00588EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:26 p.m.10 views

CVE-2021-25764

In JetBrains PhpStorm before 2020.3, source code could be added to debug logs...

5.3CVSS7AI score0.00768EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/29 4:35 a.m.5 views

CVE-2025-46329 Snowflake Connector for C/C++ inserts client-side encryption key in DEBUG logs

libsnowflakeclient is the Snowflake Connector for C/C++. Versions starting from 0.5.0 to before 2.2.0, are vulnerable to local logging of sensitive information. When the logging level was set to DEBUG, the Connector would log locally the client-side encryption master key of the target stage durin...

3.3CVSS3.9AI score0.00097EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/04/29 4:35 a.m.20 views

CVE-2025-46329 Snowflake Connector for C/C++ inserts client-side encryption key in DEBUG logs

libsnowflakeclient is the Snowflake Connector for C/C++. Versions starting from 0.5.0 to before 2.2.0, are vulnerable to local logging of sensitive information. When the logging level was set to DEBUG, the Connector would log locally the client-side encryption master key of the target stage durin...

3.3CVSS0.00097EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/04/09 11:28 p.m.23 views

CVE-2025-27391

A flaw was found in Apache ActiveMQ Artemis. This vulnerability allows an attacker with access to debug logs to obtain sensitive configuration information via debug-level logging of broker properties. Mitigation Mitigation for this issue is either not available or the currently available options ...

5.5CVSS6.2AI score0.00358EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/04/05 10:39 p.m.13 views

CVE-2025-0278

HCL Traveler is affected by an internal path disclosure in a Windows application when the application inadvertently reveals internal file paths, in error messages, debug logs, or responses to user requests...

4.3CVSS7AI score0.00275EPSS
Exploits0References3
NVD
NVD
added 2025/04/03 10:15 p.m.14 views

CVE-2025-0278

HCL Traveler is affected by an internal path disclosure in a Windows application when the application inadvertently reveals internal file paths, in error messages, debug logs, or responses to user requests...

4.3CVSS0.00275EPSS
Exploits0References1
OSV
OSV
added 2025/04/03 10:15 p.m.3 views

CVE-2025-0278

HCL Traveler is affected by an internal path disclosure in a Windows application when the application inadvertently reveals internal file paths, in error messages, debug logs, or responses to user requests...

4.3CVSS5.8AI score0.00275EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/03 10:7 p.m.19 views

CVE-2025-0278 An internal path disclosure vulnerability affects HCL Traveler

HCL Traveler is affected by an internal path disclosure in a Windows application when the application inadvertently reveals internal file paths, in error messages, debug logs, or responses to user requests...

4.3CVSS0.00275EPSS
Exploits0References1
CVE
CVE
added 2025/04/03 10:7 p.m.42 views

CVE-2025-0278

CVE-2025-0278 affects HCL Traveler, a Windows application. The issue is an internal path disclosure where internal file paths may be revealed in error messages, debug logs, or responses to user requests. The CVE entry cites a MEDIUM severity (CVSS v3.1: 4.3, AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N) w...

4.3CVSS6.9AI score0.00275EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder