Lucene search
K

1213 matches found

Snyk
Snyk
added 2026/05/07 12:5 a.m.39 views

Insertion of Sensitive Information into Log File

Overview vercel is a The command-line interface for Vercel Affected versions of this package are vulnerable to Insertion of Sensitive Information into Log File in the suggested follow-up commands in --non-interactive mode or auto-detected AI agent when a command cannot complete autonomously. An...

6.8CVSS5.8AI score0.0016EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/04 8:56 p.m.11 views

XML External Entity (XXE) Injection

Overview changedetection.io is a Website change detection and monitoring service Affected versions of this package are vulnerable to XML External Entity XXE Injection via the xpathfilter process. An attacker can access sensitive local files by supplying crafted XML or RSS content containing...

8.2CVSS5.9AI score0.00266EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/04 4:20 p.m.11 views

Security Bulletin: Vulnerabilities in Apache Tomcat might affect IBM Storage Defender Copy Data Management

Summary IBM Storage Defender Copy Data Management can be affected by vulnerabilities in Apache Tomcat. Vulnerabilities include Insertion of Sensitive Information into Log File vulnerability in the cloud membership for clustering component of Apache Tomcat exposed the Kubernetes bearer token and...

7.5CVSS5.8AI score0.00469EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/28 7:11 p.m.6 views

Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in zookeeper-3.8.4.jar

Summary IBM Watson Discovery Cartridge affected by vulnerability in zookeeper-3.8.4.jar Vulnerability Details CVEID:CVE-2026-24281 DESCRIPTION: Hostname verification in Apache ZooKeeper ZKTrustManager falls back to reverse DNS PTR when IP SAN validation fails, allowing attackers who control or...

7.5CVSS7.2AI score0.01177EPSS
Exploits0Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/27 12:30 a.m.3 views

CVE-2026-7071 CodeAstro Online Job Portal user-cvs file information disclosure

A security vulnerability has been detected in CodeAstro Online Job Portal 1.0. Affected by this vulnerability is an unknown functionality of the file /users/user-cvs/. The manipulation leads to file and directory information exposure. Remote exploitation of the attack is possible. The exploit has...

6.9CVSS5.1AI score0.0038EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/04/27 12:30 a.m.8 views

CVE-2026-7071

A security vulnerability has been detected in CodeAstro Online Job Portal 1.0. Affected by this vulnerability is an unknown functionality of the file /users/user-cvs/. The manipulation leads to file and directory information exposure. Remote exploitation of the attack is possible. The exploit has...

6.9CVSS5.3AI score0.0038EPSS
Exploits0References5Affected Software1
CNNVD
CNNVD
added 2026/04/27 12:0 a.m.10 views

Moxa EDR-8010 Series和Moxa EDR-G9010 Series 安全漏洞

The Moxa EDR-8010 Series and Moxa EDR-G9010 Series are a series of security routers produced by Moxa Corporation from Taiwan, China. Both models have security vulnerabilities. These vulnerabilities stem from improper ownership management, allowing users with low privileges to access configuration...

6CVSS5.8AI score0.0024EPSS
Exploits0References1
Snyk
Snyk
added 2026/04/23 2:31 p.m.4 views

Insertion of Sensitive Information into Log File

Overview n8n-mcp is an Integration between n8n workflow automation and Model Context Protocol MCP Affected versions of this package are vulnerable to Insertion of Sensitive Information into Log File in the POST /mcp endpoint. An attacker can cause sensitive information such as bearer tokens, API...

6CVSS5.4AI score0.00255EPSS
Exploits0References2
Nuclei
Nuclei
added 2026/04/23 8:24 a.m.11 views

Simply Static - Information Disclosure

Patrick Posner Simply Static versions up to 3.1.3 contain a vulnerability for insertion of sensitive information into log files caused by improper handling of log data, letting attackers potentially access sensitive information, exploit requires no specific privileges. id: CVE-2024-32825 info:...

7.5CVSS5.7AI score0.02015EPSS
Exploits0References3
Ubuntu
Ubuntu
added 2026/04/22 6:4 p.m.13 views

USN-8199-1: OpenStack Glance vulnerabilities

Martin Kaesberger discovered that OpenStack Glance's image processing could return the contents of arbitrary files. An attacker could possibly use this issue to exfiltrate sensitive data. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. CVE-2024-32498 Hyeongeun Ji and Abhishek Keka...

7.1CVSS5.9AI score0.00835EPSS
Exploits1
NVD
NVD
added 2026/04/22 5:16 p.m.4 views

CVE-2026-35345

A vulnerability in the tail utility of uutils coreutils allows for the exfiltration of sensitive file contents when using the --follow=name option. Unlike GNU tail, the uutils implementation continues to monitor a path after it has been replaced by a symbolic link, subsequently outputting the...

5.3CVSS0.00096EPSS
Exploits1References1
Snyk
Snyk
added 2026/04/22 5:6 p.m.5 views

Insertion of Sensitive Information into Log File

Overview Affected versions of this package are vulnerable to Insertion of Sensitive Information into Log File via the collaborator websocket feed, which broadcasts raw request headers, including sensitive authorization data, before access control is enforced. An attacker can gain unauthorized...

8.8CVSS5.5AI score0.00311EPSS
Exploits1References2
NVD
NVD
added 2026/04/17 9:16 a.m.6 views

CVE-2026-23775

Dell PowerProtect Data Domain appliances with Data Domain Operating System DD OS of Feature Release versions 8.0 through 8.5, LTS2025 release version 8.3.1.0 through 8.3.1.10 contain an insertion of sensitive information into log file vulnerability. A low privileged attacker with remote access...

7.6CVSS0.00326EPSS
Exploits0References1
CVE
CVE
added 2026/04/16 6:3 p.m.8 views

CVE-2025-43937

CVE-2025-43937 affects Dell PowerScale OneFS prior to 9.12.0.0. The flaw is an insertion of sensitive information into log files, enabling a low-privileged, local attacker to disclose certain user credentials and potentially access the vulnerable application using the compromised account’s privil...

6.6CVSS5.7AI score0.00141EPSS
Exploits0References1Affected Software1
Snyk
Snyk
added 2026/04/16 1:20 a.m.3 views

Insertion of Sensitive Information into Log File

Overview langsmith is a Client library to connect to the LangSmith Observability and Evaluation Platform. Affected versions of this package are vulnerable to Insertion of Sensitive Information into Log File through the Client handling of events. An attacker can bypass redaction controls and...

6.3CVSS5.8AI score0.00214EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/04/15 7:24 p.m.5 views

CVE-2026-32217

Insertion of sensitive information into log file in Windows Kernel allows an authorized attacker to disclose information locally...

5.5CVSS5.7AI score0.0042EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/04/14 7:23 p.m.6 views

CVE-2026-6160

A vulnerability was found in code-projects Simple ChatBox 1.0. Affected by this issue is the function SimpleChatboxPHP of the file chatbox.sql of the component Endpoint. Performing a manipulation results in file and directory information exposure. It is possible to initiate the attack remotely. T...

6.9CVSS5.7AI score0.00308EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/14 3:24 p.m.3 views

CVE-2026-2401

CWE-532 Insertion of Sensitive Information into Log File vulnerability exists that could cause confidential information to be exposed when a Web Admin user executes a malicious file provided by an attacker...

2.4CVSS5.8AI score0.00103EPSS
Exploits0References1
CVE
CVE
added 2026/04/14 3:24 p.m.13 views

CVE-2026-2401

Technical details for CVE-2026-2401 are not publicly available in the provided documents; monitor for updates.

5CVSS5.8AI score0.00103EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/04/13 6:30 a.m.5 views

EUVD-2026-21853

A vulnerability was found in code-projects Simple ChatBox 1.0. Affected by this issue is the function SimpleChatboxPHP of the file chatbox.sql of the component Endpoint. Performing a manipulation results in file and directory information exposure. It is possible to initiate the attack remotely. T...

6.9CVSS5.5AI score0.00308EPSS
Exploits0References6
Rows per page
Query Builder