KB5037763: Windows 10 Version 1607 / Windows Server 2016 Security Update (May 2024)

The remote Windows host is missing security update 5037763. It is, therefore, affected by multiple vulnerabilities - Windows MSHTML Platform Security Feature Bypass Vulnerability CVE-2024-30040 - Windows Common Log File System Driver Elevation of Privilege Vulnerability CVE-2024-29996,...

KB5037768: Windows 10 Version 21H2 / Windows 10 Version 22H2 Security Update (May 2024)

The remote Windows host is missing security update 5037768. It is, therefore, affected by multiple vulnerabilities - Windows MSHTML Platform Security Feature Bypass Vulnerability CVE-2024-30040 - Windows Common Log File System Driver Elevation of Privilege Vulnerability CVE-2024-29996,...

RHEL 6 : cloud-init (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - cloud-init: default configuration disabled deletion of SSH host keys CVE-2018-10896 - cloud-init through...

CVE-2024-34550

CVE-2024-34550 is a documented vulnerability in the Dynamics 365 Integration plugin (AlexaCRM) for WordPress, affecting versions up to 1.3.17. The issue is described as Insertion of Sensitive Information into Log File, enabling unauthenticated exposure of potentially sensitive data via log files....

CVE-2024-34550 WordPress Dynamics 365 Integration plugin <= 1.3.17 - Sensitive Data Exposure vulnerability

Insertion of Sensitive Information into Log File vulnerability in AlexaCRM Dynamics 365 Integration.This issue affects Dynamics 365 Integration: from n/a through 1.3.17...

CVE-2024-34559

CVE-2024-34559 concerns Ghost Foundation Ghost (WordPress plugin) with Insertion of Sensitive Information into Log File vulnerability affecting Ghost versions up to 1.4.0. The issue enables unauthenticated exposure of sensitive data via log files. In connected sources, Red Hat and Wordfence entri...

CVE-2024-34559 WordPress Ghost plugin <= 1.4.0 - Sensitive Data Exposure via Log File vulnerability

Insertion of Sensitive Information into Log File vulnerability in Ghost Foundation Ghost.This issue affects Ghost: from n/a through 1.4.0...

CVE-2024-28971

Dell Update Manager Plugin, versions 1.4.0 through 1.5.0, contains a Plain-text Password Storage Vulnerability in Log file. A remote high privileged attacker could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the...

CVE-2024-28971

Dell Update Manager Plugin, versions 1.4.0 through 1.5.0, contains a Plain-text Password Storage Vulnerability in Log file. A remote high privileged attacker could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the...

CVE-2024-28971

The CVE-2024-28971 entry corresponds to Dell Update Manager Plugin versions 1.4.0–1.5.0, with a plain-text password storage vulnerability in the log file that could lead to disclosure of user credentials. Multiple connected sources confirm the issue and potential credential exposure; exploitation...

CVE-2024-28971

Dell Update Manager Plugin, versions 1.4.0 through 1.5.0, contains a Plain-text Password Storage Vulnerability in Log file. A remote high privileged attacker could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the...

CVE-2024-28971

Dell Update Manager Plugin, versions 1.4.0 through 1.5.0, contains a Plain-text Password Storage Vulnerability in Log file. A remote high privileged attacker could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the...

PT-2024-22654 · Dell · Dell Update Manager Plugin

Name of the Vulnerable Software and Affected Versions: Dell Update Manager Plugin versions 1.4.0 through 1.5.0 Description: The issue concerns a Plain-text Password Storage Vulnerability in the log file of the Dell Update Manager Plugin. A remote high privileged attacker could potentially exploit...

Dell Update Manager Plugin 安全漏洞

Dell Update Manager Plugin is an update management plugin from Dell USA. A security vulnerability exists in Dell Update Manager Plugin versions 1.4.0 through 1.5.0, which stems from a log file containing plain text passwords, resulting in the disclosure of certain user credentials...

WordPress Ghost plugin <= 1.4.0 - Sensitive Data Exposure via Log File vulnerability

Sensitive Data Exposure via Log File vulnerability discovered by Joshua Chan Patchstack Alliance in WordPress Plugin Ghost versions = 1.4.0...

CVE-2024-28072

A highly privileged account can overwrite arbitrary files on the system with log output. The log file path tags were not sanitized properly...

CVE-2024-28072 Arbitrary File Overwrite Vulnerability

A highly privileged account can overwrite arbitrary files on the system with log output. The log file path tags were not sanitized properly...

CVE-2024-28072 Arbitrary File Overwrite Vulnerability

A highly privileged account can overwrite arbitrary files on the system with log output. The log file path tags were not sanitized properly...

CVE-2024-33922

Insertion of Sensitive Information into Log File vulnerability in Jordy Meow WP Media Cleaner.This issue affects WP Media Cleaner: from n/a through 6.7.2...

CVE-2024-33922

CVE-2024-33922 affects WP Media Cleaner (Jordy Meow) up to version 6.7.2, enabling unauthenticated Insertion/Inclusion of Sensitive Information into log files. Connected sources indicate a patch is available and the issue is mitigated by updating to a fixed version.