PT-2024-9429 · Microsoft · Windows Common Log File System Driver +1

Name of the Vulnerable Software and Affected Versions: Windows Common Log File System Driver affected versions not specified Description: The issue is related to a buffer overflow in memory, which can be exploited to elevate privileges. This can allow an attacker to affect the system. The estimat...

VulnCheck KEV: CVE-2024-49138

Microsoft Windows Common Log File System CLFS driver contains a heap-based buffer overflow vulnerability that allows a local attacker to escalate privileges...

Microsoft Windows Common Log File System Driver 安全漏洞

The Microsoft Windows Common Log File System Driver is a Microsoft Corporation Common Log File System CLFS API that provides a high-performance, common log file subsystem that can be used by dedicated client applications and shared by multiple clients to optimize logging and access. access. A...

Microsoft Windows Common Log File System Driver 安全漏洞

The Microsoft Windows Common Log File System Driver is a Microsoft Corporation Common Log File System CLFS API that provides a high-performance, common log file subsystem that can be used by dedicated client applications and shared by multiple clients to optimize logging and access. access. A...

PT-2024-9406 · Siemens · Sinamics Startdrive +10

Name of the Vulnerable Software and Affected Versions: SIMATIC S7-PLCSIM versions V16 through V17 SIMATIC STEP 7 Safety versions V16 through V19 SIMATIC STEP 7 versions V16 through V19 SIMATIC WinCC Unified versions V16 through V19 SIMATIC WinCC versions V16 through V19 SIMOCODE ES versions V16...

CVE-2024-12057

User credentials login & password are inserted into log files when a user tries to authenticate using a version of a Web client that is not compatible with that of the PcVue Web back end. By exploiting this vulnerability, an attacker could retrieve the credentials of a user by accessing the Log...

CVE-2024-42196 HCL Launch is susceptible to Insertion of Sensitive Information into Log File vulnerability

HCL Launch stores potentially sensitive information in log files that could be read by a local user with access to HTTP request logs...

CVE-2024-42196 HCL Launch is susceptible to Insertion of Sensitive Information into Log File vulnerability

HCL Launch stores potentially sensitive information in log files that could be read by a local user with access to HTTP request logs...

Debian dla-3983 : clamav - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3983 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3983-1 [email protected]...

Cleartext Storage of Sensitive Information

Overview zhmc-ansible-modules is an Ansible modules managing a IBM Z via the HMC Web Services API. Affected versions of this package are vulnerable to Cleartext Storage of Sensitive Information through the zhmcpartition, zhmclpar, zhmcuser, and zhmcldapserverdefinition modules. An attacker can...

CVE-2024-53979

ibm.ibmzhmc is an Ansible collection for the IBM Z HMC. The Ansible collection "ibm.ibmzhmc" writes password-like properties in clear text into its log file and into the output returned by some of its Ansible module in the following cases: 1. The 'bootftppassword' and 'sscmasterpw' properties are...

CVE-2024-53979

CVE-2024-53979 affects the ibm.ibm_zhmc Ansible collection for IBM Z HMC. The issue is that password-like properties (boot_ftp_password, ssc_master_pw, zaware_master_pw, password, bind_password) may be written in clear text to logs and, for certain modules, to module output when those inputs are ...

CVE-2024-53979 Ansible collection "ibm.ibm_zhmc" has passwords in clear text in log file and in output of some modules when specified as input

ibm.ibmzhmc is an Ansible collection for the IBM Z HMC. The Ansible collection "ibm.ibmzhmc" writes password-like properties in clear text into its log file and into the output returned by some of its Ansible module in the following cases: 1. The 'bootftppassword' and 'sscmasterpw' properties are...

CVE-2024-53979 Ansible collection "ibm.ibm_zhmc" has passwords in clear text in log file and in output of some modules when specified as input

ibm.ibmzhmc is an Ansible collection for the IBM Z HMC. The Ansible collection "ibm.ibmzhmc" writes password-like properties in clear text into its log file and into the output returned by some of its Ansible module in the following cases: 1. The 'bootftppassword' and 'sscmasterpw' properties are...

CVE-2024-47094

Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions 2.3.0p22, 2.2.0p37, 2.1.0p50 EOL causes remote site secrets to be written to web log files accessible to local site users...

CVE-2024-47094 Logging of sitesecret to automations log

Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions 2.3.0p22, 2.2.0p37, 2.1.0p50 EOL causes remote site secrets to be written to web log files accessible to local site users...

zhmc-ansible-modules 安全漏洞

zhmc-ansible-modules is an Ansible collection for IBM Z HMC open sourced by zhmcclient. A security vulnerability exists in zhmc-ansible-modules, which stems from the fact that under certain circumstances, ibm.ibmzhmc writes password-like attributes in plaintext to its log files and to the output...

PT-2024-35990 · Ibm · Ibm.Ibm Zhmc

Name of the Vulnerable Software and Affected Versions: ibm.ibm zhmc versions prior to 1.9.3 Description: The Ansible collection "ibm.ibm zhmc" for the IBM Z HMC writes password-like properties in clear text into its log file and into the output returned by some of its Ansible modules. This occurs...

CVE-2024-11025

An authenticated attacker with low privileges may use a SQL Injection vulnerability in the affected products administration panel to gain read and write access to a specific log file of the device...

CVE-2024-11025 SMA: SQL injection in Sunny Central UP

An authenticated attacker with low privileges may use a SQL Injection vulnerability in the affected products administration panel to gain read and write access to a specific log file of the device...