CVE-2023-48305 Nextcloud Server user_ldap app logs user passwords in the log file on level debug

Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. Starting in version 25.0.0 and prior to versions 25.0.11, 26.0.6, and 27.1.0 of Nextcloud Server and Nextcloud Enterprise Server, when the log level was set to debug, the userldap app logged user passwords in...

CVE-2023-48305 Nextcloud Server user_ldap app logs user passwords in the log file on level debug

Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. Starting in version 25.0.0 and prior to versions 25.0.11, 26.0.6, and 27.1.0 of Nextcloud Server and Nextcloud Enterprise Server, when the log level was set to debug, the userldap app logged user passwords in...

user_ldap app logs user passwords in the log file on level debug

None...

CVE-2023-48310

TestingPlatform is a testing platform for Internet Security Standards. Prior to version 2.1.1, user input is not filtered correctly. Nmap options are accepted. In this particular case, the option to create log files is accepted in addition to a host name and even without. A log file is created at...

TestingPlatform Input Validation Error Vulnerability

TestingPlatform is @NC3-LU's standardized testing platform for Internet security. TestingPlatform version 2.1.0 suffers from an input validation error vulnerability that stems from not properly filtering user input, which can be exploited by an attacker to create a log file in a specified locatio...

cloud-init security, bug fix, and enhancement update

23.1.1-10.0.1 - Added missing services in rhel/systemd/cloud-init.service Orabug: 32183938 - Add IPv6 IMDS and dhcp6 support for Oracle Datasource Orabug: 35470783 - Increase retry value and add timeout for OCI Orabug: 35329883 - Fix log file permissions Orabug: 35302985 - Update detection logic...

CVE-2023-6021 Ray Log File Local File Include

LFI in Ray's log API endpoint allows attackers to read any file on the server without authentication. The issue is fixed in version 2.8.1+. Ray maintainers' response can be found here:...

CVE-2023-6021 Ray Log File Local File Include

LFI in Ray's log API endpoint allows attackers to read any file on the server without authentication. The issue is fixed in version 2.8.1+. Ray maintainers' response can be found here:...

CVE-2023-32283

Insertion of sensitive information into log file in some IntelR On Demand software before versions 1.16.2, 2.1.1, 3.1.0 may allow an authenticated user to potentially enable information disclosure via local access...

CVE-2023-32283

Insertion of sensitive information into log file in some IntelR On Demand software before versions 1.16.2, 2.1.1, 3.1.0 may allow an authenticated user to potentially enable information disclosure via local access...

CVE-2022-46647

Insertion of sensitive information into log file for some Intel Unison software may allow an authenticated user to potentially enable information disclosure via local access...

Information disclosure

Insertion of sensitive information into log file for some Intel Unison software may allow an authenticated user to potentially enable information disclosure via local access...

Information disclosure

Insertion of sensitive information into log file in some IntelR On Demand software before versions 1.16.2, 2.1.1, 3.1.0 may allow an authenticated user to potentially enable information disclosure via local access...

CVE-2023-32283

Insertion of sensitive information into log file in some IntelR On Demand software before versions 1.16.2, 2.1.1, 3.1.0 may allow an authenticated user to potentially enable information disclosure via local access...

CVE-2022-46647

CVE-2022-46647 affects Intel Unison software. The issue is the insertion of sensitive information into log files, potentially enabling information disclosure via local access by an authenticated user. Affected products and versions are: Windows before 20.14.5683.0; Android before 20.14.4244; iOS ...

CVE-2023-36424

Windows Common Log File System Driver Elevation of Privilege Vulnerability...

CVE-2023-36424

Windows Common Log File System Driver Elevation of Privilege Vulnerability...

Design/Logic Flaw

An insertion of sensitive information into log file vulnerability CWE-532 in FortiSIEM version 7.0.0, version 6.7.6 and below, version 6.6.3 and below, version 6.5.1 and below, version 6.4.2 and below, version 6.3.3 and below, version 6.2.1 and below, version 6.1.2 and below, version 5.4.0, versi...

CVE-2023-45585

FortiSIEM contains a log file vulnerability (CWE-532) affecting multiple versions (7.0.0; 6.7.6 and below; 6.6.3 and below; 6.5.1 and below; 6.4.2 and below; 6.3.3 and below; 6.2.1 and below; 6.1.2 and below; 5.4.0; 5.3.3 and below) where an authenticated user could view an encrypted ElasticSearc...

CVE-2023-45585

An insertion of sensitive information into log file vulnerability CWE-532 in FortiSIEM version 7.0.0, version 6.7.6 and below, version 6.6.3 and below, version 6.5.1 and below, version 6.4.2 and below, version 6.3.3 and below, version 6.2.1 and below, version 6.1.2 and below, version 5.4.0, versi...