CVE-2024-48852

CVE-2024-48852 affects ABB FLXeon (

CVE-2024-48852 Information disclosures

Insertion of Sensitive Information into Log File vulnerability observed in FLEXON. Some information may be improperly disclosed through https access. This issue affects FLXEON through = 9.3.4...

Security Bulletin: IBM® Db2® is vulnerable to an information disclosure under specific conditions (CVE-2024-40679)

Summary IBM® Db2® is vulnerable to an information disclosure vulnerability as sensitive information may be included in a log file under specific conditions. Vulnerability Details CVEID:CVE-2024-40679 DESCRIPTION: IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server is vulnerable to an...

Security Bulletin: IBM DevOps Deploy / IBM UrbanCode Deploy (UCD) is susceptible to Insertion of Sensitive Information into Log File vulnerability (CVE-2024-45091)

Summary IBM DevOps Deploy / IBM UrbanCode Deploy UCD stores potentially sensitive information in log files that could be read by a local user with access to HTTP request logs. Vulnerability Details CVEID:CVE-2024-45091 DESCRIPTION: IBM UrbanCode Deploy UCD stores potentially sensitive information...

GHSA-6WXM-MPQJ-6JPF Insecure Temporary File usage in github.com/golang/glog

When logs are written to a widely-writable directory the default, an unprivileged attacker may predict a privileged process's log file path and pre-create a symbolic link to a sensitive file in its place. When that privileged process runs, it will follow the planted symlink and overwrite that...

Insecure Temporary File usage in github.com/golang/glog

When logs are written to a widely-writable directory the default, an unprivileged attacker may predict a privileged process's log file path and pre-create a symbolic link to a sensitive file in its place. When that privileged process runs, it will follow the planted symlink and overwrite that...

CVE-2024-45339

When logs are written to a widely-writable directory the default, an unprivileged attacker may predict a privileged process's log file path and pre-create a symbolic link to a sensitive file in its place. When that privileged process runs, it will follow the planted symlink and overwrite that...

CVE-2024-45339

When logs are written to a widely-writable directory the default, an unprivileged attacker may predict a privileged process's log file path and pre-create a symbolic link to a sensitive file in its place. When that privileged process runs, it will follow the planted symlink and overwrite that...

AZL-56379 CVE-2024-45339 affecting package glog 0.3.5-16

When logs are written to a widely-writable directory the default, an unprivileged attacker may predict a privileged process's log file path and pre-create a symbolic link to a sensitive file in its place. When that privileged process runs, it will follow the planted symlink and overwrite that...

AZL-56066 CVE-2024-45339 affecting package vitess for versions less than 19.0.4-4

When logs are written to a widely-writable directory the default, an unprivileged attacker may predict a privileged process's log file path and pre-create a symbolic link to a sensitive file in its place. When that privileged process runs, it will follow the planted symlink and overwrite that...

DEBIAN-CVE-2024-45339

When logs are written to a widely-writable directory the default, an unprivileged attacker may predict a privileged process's log file path and pre-create a symbolic link to a sensitive file in its place. When that privileged process runs, it will follow the planted symlink and overwrite that...

AZL-56402 CVE-2024-45339 affecting package glog for versions less than 0.3.5-16

When logs are written to a widely-writable directory the default, an unprivileged attacker may predict a privileged process's log file path and pre-create a symbolic link to a sensitive file in its place. When that privileged process runs, it will follow the planted symlink and overwrite that...

AZL-56078 CVE-2024-45339 affecting package sriov-network-device-plugin for versions less than 3.7.0-3

When logs are written to a widely-writable directory the default, an unprivileged attacker may predict a privileged process's log file path and pre-create a symbolic link to a sensitive file in its place. When that privileged process runs, it will follow the planted symlink and overwrite that...

AZL-56075 CVE-2024-45339 affecting package vitess for versions less than 17.0.7-4

When logs are written to a widely-writable directory the default, an unprivileged attacker may predict a privileged process's log file path and pre-create a symbolic link to a sensitive file in its place. When that privileged process runs, it will follow the planted symlink and overwrite that...

CVE-2024-45339

When logs are written to a widely-writable directory the default, an unprivileged attacker may predict a privileged process's log file path and pre-create a symbolic link to a sensitive file in its place. When that privileged process runs, it will follow the planted symlink and overwrite that...

AZL-56069 CVE-2024-45339 affecting package sriov-network-device-plugin for versions less than 3.6.2-8

When logs are written to a widely-writable directory the default, an unprivileged attacker may predict a privileged process's log file path and pre-create a symbolic link to a sensitive file in its place. When that privileged process runs, it will follow the planted symlink and overwrite that...

UBUNTU-CVE-2024-45339

When logs are written to a widely-writable directory the default, an unprivileged attacker may predict a privileged process's log file path and pre-create a symbolic link to a sensitive file in its place. When that privileged process runs, it will follow the planted symlink and overwrite that...

CVE-2024-45339

CVE-2024-45339 affects the Go glog package. The issue arises when logs are written to a widely-writable directory: an unprivileged attacker could predict a privileged process’s log path and pre-create a symlink to a sensitive file, causing the process to overwrite it. The fix is to have glog exit...

CVE-2024-45339

When logs are written to a widely-writable directory the default, an unprivileged attacker may predict a privileged process's log file path and pre-create a symbolic link to a sensitive file in its place. When that privileged process runs, it will follow the planted symlink and overwrite that...

GO-2025-3372 Vulnerability when creating log files in github.com/golang/glog

When logs are written to a widely-writable directory the default, an unprivileged attacker may predict a privileged process's log file path and pre-create a symbolic link to a sensitive file in its place. When that privileged process runs, it will follow the planted symlink and overwrite that...