4568 matches found
Siemens SCALANCE M-800, RUGGEDCOM RM1224
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
CVE-2024-37930 WordPress SmartMag theme <= 9.3.0 - Sensitive Data Exposure via Log File vulnerability
Exposure of Sensitive Information to an Unauthorized Actor, Missing Authorization vulnerability in ThemeSphere SmartMag allows Excavation, Accessing Functionality Not Properly Constrained by ACLs.This issue affects SmartMag: from n/a through 9.3.0...
CVE-2024-37930 WordPress SmartMag theme < 10.1.0 - Sensitive Data Exposure via Log File vulnerability
Insertion of Sensitive Information into Log File vulnerability in ThemeSphere SmartMag smartmag-responsive-retina-wordpress-magazine.This issue affects SmartMag: from n/a through 10.1.0...
DEBIAN-CVE-2024-22123
Setting SMS media allows to set GSM modem file. Later this file is used as Linux device. But due everything is a file for Linux, it is possible to set another file, e.g. log file and zabbixserver will try to communicate with it as modem. As a result, log file will be broken with AT commands and...
CVE-2024-22123
Setting SMS media allows to set GSM modem file. Later this file is used as Linux device. But due everything is a file for Linux, it is possible to set another file, e.g. log file and zabbixserver will try to communicate with it as modem. As a result, log file will be broken with AT commands and...
CVE-2024-22123
Setting SMS media allows to set GSM modem file. Later this file is used as Linux device. But due everything is a file for Linux, it is possible to set another file, e.g. log file and zabbixserver will try to communicate with it as modem. As a result, log file will be broken with AT commands and...
CVE-2024-22123
Setting SMS media allows to set GSM modem file. Later this file is used as Linux device. But due everything is a file for Linux, it is possible to set another file, e.g. log file and zabbixserver will try to communicate with it as modem. As a result, log file will be broken with AT commands and...
CVE-2024-22123 Zabbix Arbitrary File Read
Setting SMS media allows to set GSM modem file. Later this file is used as Linux device. But due everything is a file for Linux, it is possible to set another file, e.g. log file and zabbixserver will try to communicate with it as modem. As a result, log file will be broken with AT commands and...
PT-2024-6100 · Zabbix +4 · Zabbix +4
Name of the Vulnerable Software and Affected Versions: Zabbix affected versions not specified Description: The issue is related to incorrect code generation control in the Zabbix monitoring system. It allows a remote attacker to execute arbitrary code. Setting SMS media allows configuring a GSM...
CVE-2024-37283 Elastic Agent Insertion of Sensitive Information into Log File
An issue was discovered whereby Elastic Agent will leak secrets from the agent policy elastic-agent.yml only when the log level is configured to debug. By default the log level is set to info, where no leak occurs...
CVE-2024-37283 Elastic Agent Insertion of Sensitive Information into Log File
An issue was discovered whereby Elastic Agent will leak secrets from the agent policy elastic-agent.yml only when the log level is configured to debug. By default the log level is set to info, where no leak occurs...
CVE-2024-37283
CVE-2024-37283 concerns Elastic Agent leaking secrets from the agent policy file elastic-agent.yml only when log level is set to debug. By default, log level is info and no leak occurs. Affected versions are documented in ESA/Elastic Agent security advisories as 8.6.0 through 8.14.x, with a fix i...
GO-2024-3037 APM Server vulnerable to Insertion of Sensitive Information into Log File in github.com/elastic/apm-server
APM Server vulnerable to Insertion of Sensitive Information into Log File in github.com/elastic/apm-server. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports from...
SUSE-SU-2024:2273-2 Security update for podman
This update for podman fixes the following issues: - CVE-2024-6104: Fixed a potential leak of sensitive information on HTTP log file bsc1227052...
Insertion Of Sensitive Information Into Log File
github.com/elastic/apm-server is vulnerable to Insertion of Sensitive Information into Log File. The vulnerability is due to the APM server logging the document body from a partially failed bulk index request, caused by the ES response line containing the document body and being logged on error...
CBL Mariner 2.0 Security Update: cert-manager / influxdb / keda / libcontainers-common / packer (CVE-2024-6104)
The version of cert-manager / influxdb / keda / libcontainers-common / packer installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-6104 advisory. - go-retryablehttp prior to 0.7.7 did not sanitize urls...
APM Server vulnerable to Insertion of Sensitive Information into Log File
APM server logs contain document body from a partially failed bulk index request. For example, in case of unavailableshardsexception for a specific document, since the ES response line contains the document body, and that APM server logs the ES response line on error, the document is effectively...
GHSA-F6CJ-4H3G-HWQ4 APM Server vulnerable to Insertion of Sensitive Information into Log File
APM server logs contain document body from a partially failed bulk index request. For example, in case of unavailableshardsexception for a specific document, since the ES response line contains the document body, and that APM server logs the ES response line on error, the document is effectively...
CVE-2024-37286 APM Server Insertion of Sensitive Information into Log File
APM server logs contain document body from a partially failed bulk index request. For example, in case of unavailableshardsexception for a specific document, since the ES response line contains the document body, and that APM server logs the ES response line on error, the document is effectively...
CVE-2024-38321
IBM Business Automation Workflow 22.0.2, 23.0.1, 23.0.2, and 24.0.0 stores potentially sensitive information in log files under certain situations that could be read by an authenticated user. IBM X-Force ID: 284868...