4568 matches found
BIT-AIRFLOW-2023-46215 Apache Airflow Celery provider, Apache Airflow: Sensitive information logged as clear text when rediss, amqp, rpc protocols are used as Celery result backend
Insertion of Sensitive Information into Log File vulnerability in Apache Airflow Celery provider, Apache Airflow. Sensitive information logged as clear text when rediss, amqp, rpc protocols are used as Celery result backend Note: the vulnerability is about the information exposed in the logs not...
Unisys Stealth Security Vulnerability
Unisys Stealth is a zero-trust security software from Unisys, Inc. A security vulnerability exists in Unisys Stealth version 5.3.062.0 that originates from allowing an attacker to view sensitive information via the Enterprise ManagementInstallermsi.log file...
CVE-2024-22335
IBM QRadar Suite 1.10.12.0 through 1.10.17.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 279975...
PT-2024-1918 · Ibm · Ibm Qradar Suite +1
Name of the Vulnerable Software and Affected Versions: IBM QRadar Suite versions 1.10.12.0 through 1.10.17.0 IBM Cloud Pak for Security versions 1.10.0.0 through 1.10.11.0 Description: The issue is related to insufficient protection of registration data in the IBM QRadar Suite and IBM Cloud Pak f...
PT-2024-1916 · Ibm · Ibm Qradar Suite +1
Name of the Vulnerable Software and Affected Versions: IBM QRadar Suite versions 1.10.12.0 through 1.10.17.0 IBM Cloud Pak for Security versions 1.10.0.0 through 1.10.11.0 Description: The issue is related to insufficient protection of registration data in IBM QRadar Suite and IBM Cloud Pak for...
WP Editor < 1.2.8 - Sensitive Information Exposure via log file
Description The plugin stores its logs at a predictable path, making it easy for anyone to leak their content...
CVE-2024-25125
Digdag is an open source tool that to build, run, schedule, and monitor complex pipelines of tasks across various platforms. Treasure Data's digdag workload automation system is susceptible to a path traversal vulnerability if it's configured to store log files locally. This issue may lead to...
jenkins-plugins: cloudbees-folder: Information disclosure in Folders Plugin
A flaw was found in the Jenkins Folders plugin. Affected versions of this plugin display an error message that includes an absolute path of a log file when attempting to access the Scan Organization Folder Log if no logs are available. This flaw exposes information about the Jenkins controller fi...
CVE-2023-47131
The N-able PassPortal extension before 3.29.2 for Chrome inserts sensitive information into a log file...
CVE-2023-47131
The N-able PassPortal extension before 3.29.2 for Chrome inserts sensitive information into a log file...
CVE-2023-47131
The N-able PassPortal extension before 3.29.2 for Chrome inserts sensitive information into a log file...
Design/Logic Flaw
The N-able PassPortal extension before 3.29.2 for Chrome inserts sensitive information into a log file...
GHSA-8R33-Q5J5-RH7G APM Server vulnerable to Insertion of Sensitive Information into Log File
An issue was discovered whereby APM Server could log at ERROR level, a response from Elasticsearch indicating that indexing the document failed and that response would contain parts of the original document. Depending on the nature of the document that the APM Server attempted to ingest, this cou...
CVE-2023-47131
The N-able PassPortal extension before 3.29.2 for Chrome inserts sensitive information into a log file...
CVE-2023-47131
The N-able PassPortal extension before 3.29.2 for Chrome inserts sensitive information into a log file...
CVE-2023-47131
The CVE-2023-47131 issue affects the N-able PassPortal Chrome extension and is caused by the extension inserting sensitive information into log files in versions prior to 3.29.2. The impact is sensitive data disclosed via logs (as stated across Red Hat, NVD, CVE lists). Remediation is to upgrade ...
CVE-2024-23448 APM Server Insertion of Sensitive Information into Log File
An issue was discovered whereby APM Server could log at ERROR level, a response from Elasticsearch indicating that indexing the document failed and that response would contain parts of the original document. Depending on the nature of the document that the APM Server attempted to ingest, this cou...
Insertion Of Sensitive Information Into Log File
github.com/elastic/beats is vulnerable to Insertion Of Sensitive Information Into Log File. The vulnerability is caused due to logging the raw event object in the WARN and ERROR level if the ingesting failed with any 4XX HTTP status code except 409 or 209. This can lead to insertion of sensitive ...
WP Visitor Statistics (Real Time Traffic) < 6.9.5 - Sensitive Information Exposure via Log File
Description The WP Visitor Statistics Real Time Traffic plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 6.9.4. This makes it possible for unauthenticated attackers to extract sensitive data from log files...
CVE-2023-38020
IBM SOAR QRadar Plugin App 1.0 through 5.0.3 could allow an authenticated user to manipulate output written to log files. IBM X-Force ID: 260576...