PT-2025-33291 · Dell · Dell OpenManage Enterprise
Name of the Vulnerable Software and Affected Versions: Dell OpenManage Enterprise versions 3.10 through 4.2 Description: Dell OpenManage Enterprise contains an Insertion of Sensitive Information into Log File vulnerability in the Backup and Restore functionality. A low privileged attacker with...
CVE-2025-34154
CVE-2025-34154 affects UnForm Server Manager versions prior to 10.1.12. The issue is in the arc endpoint's log file analysis interface, where the fl parameter lacks proper input validation and path sanitization, allowing unauthenticated attackers to read arbitrary files on the host (including OS-...
CVE-2025-34154
UnForm Server Manager versions prior to 10.1.12 expose an unauthenticated file read vulnerability via its log file analysis interface. The flaw resides in the arc endpoint, which accepts a fl parameter to specify the log file to be opened. Due to insufficient input validation and lack of path...
CVE-2025-24520
Insertion of sensitive information into log file for some Intel(R) Local Manageability Service software before version 2514.7.16.0 may allow an authenticated user to potentially enable information disclosure via local access...
CVE-2025-42935
The SAP NetWeaver Application Server ABAP and ABAP Platform Internet Communication Manager ICM permits authorized users with admin privileges and local access to log files to read sensitive information, resulting in information disclosure. This leads to high impact on the confidentiality of the...
CVE-2025-42935 Information Disclosure vulnerability in SAP NetWeaver AS for ABAP and ABAP Platform (Internet Communication Manager)
The SAP NetWeaver Application Server ABAP and ABAP Platform Internet Communication Manager ICM permits authorized users with admin privileges and local access to log files to read sensitive information, resulting in information disclosure. This leads to high impact on the confidentiality of the...
SAP Internet Communication Manager and SAP NetWeaver Application Server ABAP log information disclosure vulnerability
SAP Internet Communication Manager (SAP ICM) and SAP NetWeaver Application Server ABAP are products of SAP, Germany. SAP Internet Communication Manager is an SAP NetWeaver Application Server component. It is used to receive and send Web requests HTTP,...
Check Point Harmony SASE security vulnerability
Check Point Harmony SASE is a Secure Access Service Edge application from Check Point, Israel. A security vulnerability exists in Check Point Harmony SASE that stems from improper log file access control, which could lead to information disclosure...
PT-2025-32734 · Intel · Intel Local Manageability Service
Name of the Vulnerable Software and Affected Versions: Intel(R) Local Manageability Service versions prior to 2514.7.16.0 Description: Insertion of sensitive information into a log file may allow an authenticated user to potentially enable information disclosure via local access. Recommendations:...
Security Bulletin: IBM Financial Transaction Manager is impacted by multiple vulnerabilities in RedHat Proxy for Kubernetes RBAC authorization
Summary IBM Financial Transaction Manager for RedHat OpenShift has addressed the following vulnerabilities. Vulnerability Details CVEID:CVE-2024-45338 DESCRIPTION: An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in...
CVE-2025-54876 Jans CLI stores plaintext passwords in the local cli_cmd.log file
The Janssen Project is an open-source identity and access management (IAM) platform. In versions 1.9.0 and below, Janssen stores passwords in plaintext in the local cli_cmd.log file. This is fixed in the nightly prerelease...
The vulnerability of the XtremIO Management Server (XMS) on the Dell XtremIO storage platform allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the XtremIO Management Server (XMS) on the Dell XtremIO storage platform involves the disclosure of information through log files. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...
CVE-2025-30105
Dell XtremIO, versions 6.4.0-22, contains an Insertion of Sensitive Information into Log File vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure. The attacker may be able to use the exposed credentials to access...
CVE-2025-26332
TechAdvisor versions 2.6 through 3.37-30 for Dell XtremIO X2, contains an Insertion of Sensitive Information into Log File vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure. The attacker may be able to use the...
CVE-2025-46809 Multi Linux Manager exposes the plain text HTTP Proxy user:password in logs
A Plaintext Storage of a Password vulnerability in SUSE exposes the credentials for the HTTP proxy in the log files. This issue affects Container suse/manager/4.3/proxy-httpd:4.3.16.9.67.1: from ? before 4.3.33-150400.3.55.2; Container suse/manager/5.0/x86_64/proxy-httpd:5.0.5.7.23.1: from ? befor...
CVE-2025-46809
CVE-2025-46809 is a vulnerability described as plaintext storage of a password: it exposes HTTP proxy credentials found in log files for SUSE Manager components. The affected items include container images and modules such as suse/manager/4.3/proxy-httpd, suse/manager/5.0/x86_64/proxy-httpd and -...
Exploit for Incorrect Permission Assignment for Critical Resource in Facebook Below
CVE-2025-27591 description Basically below tool allow f...
CVE-2025-53649
"SwitchBot" App for iOS/Android contains an insertion of sensitive information into log file vulnerability in versions V6.24 through V9.12. If this vulnerability is exploited, sensitive user information may be exposed to an attacker who has access to the application logs...
PT-2025-31552 · Suse · Suse Multi Linux Manager +5
Name of the Vulnerable Software and Affected Versions: SUSE Multi Linux Manager versions prior to 5.0.27-150600.3.33.1 Image SLES15-SP4-Manager-Server-4-3-BYOS versions prior to 4.3.87-150400.3.110.2 Image SLES15-SP4-Manager-Server-4-3-BYOS-Azure versions prior to 4.3.87-150400.3.110.2 Image...