Lucene search
K

25 matches found

Tenable Nessus
Tenable Nessus
added 2026/02/26 12:0 a.m.7 views

Docker Desktop < 4.43.0 Information Disclosure

The version of Docker Desktop is prior to 4.43.0. It is therefore affected by an information disclosure vulnerability. - System environment variables are recorded in Docker Desktop diagnostic logs, when using shell auto-completion. This leads to unintentional disclosure of sensitive information...

5.2CVSS5.8AI score0.00126EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/12/09 8:39 p.m.20 views

CVE-2025-13743 Expired Personal Access Tokens (PATs) are recorded in Docker Desktop diagnostic logs

Docker Desktop diagnostics bundles were found to include expired Hub PATs in log output due to error object serialization. This poses a risk of leaking sensitive information in exported diagnostics, especially when access denied errors occurred...

2.4CVSS0.00181EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/09 8:39 p.m.4 views

CVE-2025-13743 Expired Personal Access Tokens (PATs) are recorded in Docker Desktop diagnostic logs

Docker Desktop diagnostics bundles were found to include expired Hub PATs in log output due to error object serialization. This poses a risk of leaking sensitive information in exported diagnostics, especially when access denied errors occurred...

2.4CVSS6.2AI score0.00181EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2016-4179

Malware in sbrugna...

7.5CVSS7.6AI score0.01379EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-19843

Malicious code in bioql PyPI...

5.2CVSS6.6AI score0.00126EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-35933

Malicious code in bioql PyPI...

2.4CVSS6.4AI score0.00356EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/07/28 12:0 a.m.5 views

The vulnerability of the diagnostic logs of the Docker Desktop platform for developing and delivering container applications allows a malicious individual to gain unauthorized access to protected information.

The vulnerability of the diagnostic logs of the Docker Desktop platform for developing and delivering container applications is related to insufficient protection of registration data. Exploiting this vulnerability can allow attackers to gain unauthorized access to protected information...

6.5CVSS5.5AI score0.00126EPSS
Exploits0References2Affected Software1
RedhatCVE
RedhatCVE
added 2025/07/05 10:21 a.m.7 views

CVE-2025-6587

System environment variables are recorded in Docker Desktop diagnostic logs, when using shell auto-completion. This leads to unintentional disclosure of sensitive information such as api keys, passwords, etc. A malicious actor with read access to these logs could obtain secrets and further use th...

5.2CVSS6AI score0.00126EPSS
Exploits0References1
CVE
CVE
added 2025/07/03 10:3 a.m.28 views

CVE-2025-6587

Docker Desktop CVE-2025-6587 concerns the logging of system environment variables in diagnostic logs when using shell auto-completion, potentially exposing API keys, passwords, or other secrets to anyone with read access to those logs. Multiple connected sources confirm the vulnerability affects ...

5.2CVSS6.8AI score0.00126EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/07/03 10:3 a.m.10 views

CVE-2025-6587 Exposure of system environment variables in Docker Desktop diagnostic logs

System environment variables are recorded in Docker Desktop diagnostic logs, when using shell auto-completion. This leads to unintentional disclosure of sensitive information such as api keys, passwords, etc. A malicious actor with read access to these logs could obtain secrets and further use...

5.2CVSS0.00126EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/07/03 10:3 a.m.4 views

CVE-2025-6587 Exposure of system environment variables in Docker Desktop diagnostic logs

System environment variables are recorded in Docker Desktop diagnostic logs, when using shell auto-completion. This leads to unintentional disclosure of sensitive information such as api keys, passwords, etc. A malicious actor with read access to these logs could obtain secrets and further use...

5.2CVSS6.8AI score0.00126EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/09/18 12:0 a.m.6 views

PT-2024-28457 · Unknown · Smartplay Headunits

Name of the Vulnerable Software and Affected Versions: Smartplay headunits affected versions not specified Description: A misconfiguration in Smartplay headunits can lead to information disclosure, potentially leaking sensitive details such as diagnostic log traces, system logs, headunit password...

7.5CVSS6.8AI score0.00392EPSS
Exploits0References5
OSV
OSV
added 2023/10/12 11:15 p.m.6 views

CVE-2023-41263

An issue was discovered in Plixer Scrutinizer before 19.3.1. It exposes debug logs to unauthenticated users at the /debug/ URL path. With knowledge of valid IP addresses and source types, an unauthenticated attacker can download debug logs containing application-related information...

3.7CVSS5.8AI score0.00413EPSS
Exploits1References1
OSV
OSV
added 2022/11/01 8:15 p.m.5 views

CVE-2022-32867

This issue was addressed with improved data protection. This issue is fixed in iOS 16, macOS Ventura 13. A user with physical access to an iOS device may be able to read past diagnostic logs...

2.4CVSS6.4AI score0.00356EPSS
Exploits0References2
NVD
NVD
added 2022/11/01 8:15 p.m.19 views

CVE-2022-32867

This issue was addressed with improved data protection. This issue is fixed in iOS 16, macOS Ventura 13. A user with physical access to an iOS device may be able to read past diagnostic logs...

2.4CVSS0.00356EPSS
Exploits0References2
Prion
Prion
added 2022/11/01 8:15 p.m.23 views

Design/Logic Flaw

This issue was addressed with improved data protection. This issue is fixed in iOS 16, macOS Ventura 13. A user with physical access to an iOS device may be able to read past diagnostic logs...

2.1CVSS3.8AI score0.00356EPSS
Exploits0References2Affected Software2
Cvelist
Cvelist
added 2022/11/01 12:0 a.m.25 views

CVE-2022-32867

This issue was addressed with improved data protection. This issue is fixed in iOS 16, macOS Ventura 13. A user with physical access to an iOS device may be able to read past diagnostic logs...

4.5AI score0.00356EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2022/11/01 12:0 a.m.7 views

CVE-2022-32867

This issue was addressed with improved data protection. This issue is fixed in iOS 16, macOS Ventura 13. A user with physical access to an iOS device may be able to read past diagnostic logs...

5AI score0.00356EPSS
Exploits0References2
CVE
CVE
added 2022/11/01 12:0 a.m.61 views

CVE-2022-32867

CVE-2022-32867 affects Apple iOS (Crash Reporter data handling) and macOS Ventura 13, where a user with physical access could read past diagnostic logs. Apple fixes: iOS 16 and macOS Ventura 13, per CVE context; CVSS shown as LOW (PHYSICAL access, no user interaction). No exploitation details are...

2.4CVSS3.9AI score0.00356EPSS
Exploits0References2Affected Software2
Positive Technologies
Positive Technologies
added 2022/10/24 12:0 a.m.5 views

PT-2022-21538 · Apple · Ios +1

Name of the Vulnerable Software and Affected Versions: iOS versions prior to 16 macOS versions prior to 13 Description: The issue allows a user with physical access to an iOS device to read past diagnostic logs. This was addressed with improved data protection. Recommendations: For iOS versions...

2.4CVSS4.4AI score0.00356EPSS
Exploits0References5
Rows per page
Query Builder