4568 matches found
CVE-2025-26332
TechAdvisor versions 2.6 through 3.37-30 for Dell XtremIO X2, contains an Insertion of Sensitive Information into Log File vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure. The attacker may be able to use the...
CVE-2025-30105
Dell XtremIO, versions 6.4.0-22, contains an Insertion of Sensitive Information into Log File vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure. The attacker may be able to use the exposed credentials to access...
CVE-2025-26332
TechAdvisor versions 2.6 through 3.37-30 for Dell XtremIO X2, contains an Insertion of Sensitive Information into Log File vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure. The attacker may be able to use the...
CVE-2025-26332
TechAdvisor versions 2.6 through 3.37-30 for Dell XtremIO X2, contains an Insertion of Sensitive Information into Log File vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure. The attacker may be able to use the...
CVE-2025-26332
TechAdvisor versions 2.6 through 3.37-30 for Dell XtremIO X2, contains an Insertion of Sensitive Information into Log File vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure. The attacker may be able to use the...
CVE-2025-26332
CVE-2025-26332 affects TechAdvisor versions 2.6 through 3.37-30 for Dell XtremIO X2. The vulnerability involves insertion of sensitive information into a log file, with a low-privileged, local attacker potentially exploiting it to cause information exposure. The attacker may use exposed credentia...
CVE-2025-30105
Dell XtremIO v6.4.0-22 is affected by an information disclosure vulnerability where the system logs contain sensitive data. A local, low-privilege attacker could exploit this to obtain credentials and access the vulnerable application with the attacker’s account privileges. The root cause is sens...
Dell XtremIO 日志信息泄露漏洞
DELL XtremIO is an all-flash enterprise-class storage array from EMC, a Dell Technologies company, designed to enhance the performance of virtualization, database and analytics applications. DELL XtremIO suffers from a log information disclosure vulnerability that originates from the system...
"SwitchBot" App vulnerable to insertion of sensitive information into log file
Overview "SwitchBot" App provided by SwitchBot contains the following vulnerability. Insertion of sensitive information into log file CWE-532 - CVE-2025-53649 Soh Satoh reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnershi...
CVE-2025-53649
CVE-2025-53649 – SwitchBot App (Android/iOS) involves an insecure logging flaw where sensitive user information can be written to log files. Affected versions are SwitchBot App V6.24 through V9.12. The root cause is insertion of sensitive information into log files, enabling exposure to anyone wi...
PT-2025-31423 · Dell · Dell Xtremio X2 +1
Name of the Vulnerable Software and Affected Versions: TechAdvisor versions 2.6 through 3.37-30 Description: TechAdvisor versions 2.6 through 3.37-30 for Dell XtremIO X2 contain an Insertion of Sensitive Information into Log File vulnerability. A low privileged attacker with local access could...
PT-2025-31421 · Dell · Dell Xtremio
Name of the Vulnerable Software and Affected Versions: Dell XtremIO version 6.4.0-22 Description: Dell XtremIO version 6.4.0-22 contains a vulnerability that allows an attacker with local access to potentially expose sensitive information. This information exposure could allow the attacker to...
GO-2025-3789 Snyk CLI Insertion of Sensitive Information into Log File allowed in DEBUG or DEBUG/TRACE mode in github.com/snyk/go-application-framework
Snyk CLI Insertion of Sensitive Information into Log File allowed in DEBUG or DEBUG/TRACE mode in github.com/snyk/go-application-framework...
CVE-2025-54120
PCL Plain Craft Launcher Community Edition is a Minecraft launcher. In PCL CE versions 2.12.0-beta.5 to 2.12.0-beta.9, the login credentials used during the third-party login process are accidentally recorded in the local log file. Although the log file is not automatically uploaded or shared, if...
CVE-2025-54120
PCL Plain Craft Launcher Community Edition is a Minecraft launcher. In PCL CE versions 2.12.0-beta.5 to 2.12.0-beta.9, the login credentials used during the third-party login process are accidentally recorded in the local log file. Although the log file is not automatically uploaded or shared, if...
CVE-2025-54120
The CVE-2025-54120 vulnerability affects PCL (Plain Craft Launcher) Community Edition, specifically versions 2.12.0-beta.5 through 2.12.0-beta.9. During the third‑party login flow, credentials are inadvertently written to the local log file. While the log file isn’t automatically uploaded, leakag...
CVE-2025-54120 PCL Community Edition exposes login credentials in logs
PCL Plain Craft Launcher Community Edition is a Minecraft launcher. In PCL CE versions 2.12.0-beta.5 to 2.12.0-beta.9, the login credentials used during the third-party login process are accidentally recorded in the local log file. Although the log file is not automatically uploaded or shared, if...
CVE-2025-54120 PCL Community Edition exposes login credentials in logs
PCL Plain Craft Launcher Community Edition is a Minecraft launcher. In PCL CE versions 2.12.0-beta.5 to 2.12.0-beta.9, the login credentials used during the third-party login process are accidentally recorded in the local log file. Although the log file is not automatically uploaded or shared, if...
CVE-2025-54120 PCL Community Edition exposes login credentials in logs
PCL Plain Craft Launcher Community Edition is a Minecraft launcher. In PCL CE versions 2.12.0-beta.5 to 2.12.0-beta.9, the login credentials used during the third-party login process are accidentally recorded in the local log file. Although the log file is not automatically uploaded or shared, if...
HP Poly Clariti Manager 安全漏洞
HP Poly Clariti Manager is a centralized management, control, and optimization software for video conferencing infrastructure from Hewlett-Packard HP in the United States. A security vulnerability exists in HP Poly Clariti Manager versions prior to 10.12.2 that stems from a vulnerability that cou...