Microsoft Windows Common Log File System (CLFS) Driver Use-After-Free Vulnerability

Microsoft Windows Common Log File System CLFS Driver contains a use-after-free vulnerability that allows an authorized attacker to elevate privileges locally...

The vulnerability of the IntelliJ IDEA integrated development environment, related to the disclosure of information in the log file, allows attackers to gain unauthorized access to protected information.

The vulnerability of the IntelliJ IDEA integrated development environment is related to the disclosure of information in the idea.log log file. Exploiting this vulnerability can allow attackers to gain unauthorized access to protected information...

CVE-2025-32054

In JetBrains IntelliJ IDEA before 2024.3, 2024.2.4 source code could be logged in the idea.log file...

CVE-2025-31788

Insertion of Sensitive Information into Log File vulnerability in Smackcoders Inc., AIO Performance Profiler, Monitor, Optimize, Compress & Debug all-in-one-performance-accelerator allows Retrieve Embedded Sensitive Data.This issue affects AIO Performance Profiler, Monitor, Optimize, Compress &...

CVE-2025-31788

Insertion of Sensitive Information into Log File vulnerability in Smackcoders Inc., AIO Performance Profiler, Monitor, Optimize, Compress & Debug all-in-one-performance-accelerator allows Retrieve Embedded Sensitive Data.This issue affects AIO Performance Profiler, Monitor, Optimize, Compress &...

CVE-2025-31788 WordPress AIO Performance Profiler, Monitor, Optimize, Compress & Debug plugin <= 1.3 - Sensitive Data Exposure vulnerability

Insertion of Sensitive Information into Log File vulnerability in Smackcoders Inc., AIO Performance Profiler, Monitor, Optimize, Compress & Debug all-in-one-performance-accelerator allows Retrieve Embedded Sensitive Data.This issue affects AIO Performance Profiler, Monitor, Optimize, Compress &...

CVE-2025-31788 WordPress AIO Performance Profiler, Monitor, Optimize, Compress & Debug plugin <= 1.2 - Sensitive Data Exposure vulnerability

Insertion of Sensitive Information into Log File vulnerability in smackcoders AIO Performance Profiler, Monitor, Optimize, Compress & Debug allows Retrieve Embedded Sensitive Data. This issue affects AIO Performance Profiler, Monitor, Optimize, Compress & Debug: from n/a through 1.2...

CVE-2025-31788

CVE-2025-31788 affects the AIO Performance Profiler, Monitor, Optimize, Compress & Debug plugin family. The issue is an Insertion of Sensitive Information into Log File, enabling unauthenticated exposure of embedded data via log contents. Affected versions are reported as up to 1.2 (n/a to 1.2). ...

PT-2025-14174 · Unknown · Smackcoders Aio Performance Profiler

Name of the Vulnerable Software and Affected Versions: smackcoders AIO Performance Profiler, Monitor, Optimize, Compress & Debug versions 1.2 and earlier Description: The issue allows the retrieval of embedded sensitive data due to the insertion of sensitive information into log files...

GHSA-QQ4X-C6H6-RFXH aws-cdk-lib has Insertion of Sensitive Information into Log File vulnerability when using Cognito UserPoolClient Construct

Summary The AWS Cloud Development Kit CDK is an open-source framework for defining cloud infrastructure using code. Customers use it to create their own applications which are converted to AWS CloudFormation templates during deployment to a customer’s AWS account. CDK contains pre-built component...

aws-cdk-lib has Insertion of Sensitive Information into Log File vulnerability when using Cognito UserPoolClient Construct

Summary The AWS Cloud Development Kit CDK is an open-source framework for defining cloud infrastructure using code. Customers use it to create their own applications which are converted to AWS CloudFormation templates during deployment to a customer’s AWS account. CDK contains pre-built component...

CVE-2024-7577

IBM InfoSphere Information Server 11.7 could disclose sensitive user credentials from log files during new installation of the product...

Security Bulletin: IBM Maximo Application Suite Ai-Broker Component vulnerable to vulnerable to Insertion of Sensitive Information into Log File where the redis password is being logged in the standard logging.

Summary Security Bulletin: IBM Maximo Application Suite Ai-Broker Component vulnerable to vulnerable to Insertion of Sensitive Information into Log File where the redis password is being logged in the standard logging. This bulletin contains information regarding the vulnerability and its fixture...

Security Bulletin: IBM InfoSphere Information Server is affected by an information disclosure vulnerability (CVE-2024-7577)

Summary An information disclosure vulnerability in IBM InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2024-7577 DESCRIPTION: IBM InfoSphere Information Server could disclose sensitive user credentials from log files during new installation of the product. CWE:CWE-532...

PT-2025-13597 · Ibm · Ibm Infosphere Information Server

Name of the Vulnerable Software and Affected Versions: IBM InfoSphere Information Server version 11.7 Description: The issue could disclose sensitive user credentials from log files during the new installation of the product. Recommendations: For IBM InfoSphere Information Server version 11.7,...

CVE-2025-1998

IBM UrbanCode Deploy UCD through 7.1.2.21, 7.2 through 7.2.3.14, and 7.3 through 7.3.2.0 / IBM DevOps Deploy 8.0 through 8.0.1.4 and 8.1 through 8.1 stores potentially sensitive authentication token information in log files that could be read by a local user...

CVE-2025-0273 HCL DevOps Deploy / HCL Launch is susceptible to Insertion of Sensitive Information into Log File vulnerability

HCL DevOps Deploy / HCL Launch stores potentially sensitive authentication token information in log files that could be read by a local user...

CVE-2025-0273 HCL DevOps Deploy / HCL Launch is susceptible to Insertion of Sensitive Information into Log File vulnerability

HCL DevOps Deploy / HCL Launch stores potentially sensitive authentication token information in log files that could be read by a local user...

PT-2025-13208 · Ibm · Ibm Devops Deploy +1

Name of the Vulnerable Software and Affected Versions: IBM UrbanCode Deploy versions 7.1.2.21 and earlier, 7.2 through 7.2.3.14, 7.3 through 7.3.2.0 IBM DevOps Deploy versions 8.0 through 8.0.1.4, 8.1 and earlier Description: The issue concerns the storage of potentially sensitive authentication...

CVE-2025-1911

The Product Import Export for WooCommerce – Import Export Product CSV Suite plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the adminlogpage function in all versions up to, and including, 2.5.0. This makes it possible for authenticated...