CVE-2021-32050 Some MongoDB Drivers may publish events containing authentication-related data to a command listener configured by an application
Some MongoDB Drivers may erroneously publish events containing authentication-related data to a command listener configured by an application. The published events may contain security-sensitive data when specific authentication-related commands are executed. Without due care, an application may...
CVE-2022-43937 - Sensitive fields are recorded in the debug-enabled logs
Possible information exposure through log file vulnerability where sensitive fields are recorded in the debug-enabled logs when debugging is turned on in Brocade SANnav before v2.3.0 and 2.2.2a...
CVE-2023-31423 - Possible information exposure through log file vulnerability
Possible information exposure through log file vulnerability where sensitive fields are recorded in the configuration log without masking on Brocade SANnav before v2.3.0 and 2.2.2a. Notes: To access the logs, the attacker must first collect a "supportsave" on Brocade SANnav or have access to an...
Microsoft Windows Multiple Vulnerabilities (KB5009543)
This host is missing an important security update according to Microsoft KB5009543.
Information Disclosure
org.jenkins-ci.plugins, cloudbees-folder is vulnerable to Information Disclosure. The vulnerability exists because the library does not properly restrict the organization folder log file location, which allows an attacker to gain access to sensitive information in the system...
PT-2023-29124 · Rkhunter · Rkhunter
Name of the Vulnerable Software and Affected Versions: rkhunter versions 1.4.4 through 1.4.6 Description: A vulnerability was found in the rkhunter Rootkit Hunter. The issue affects an unknown function of the file /var/log/rkhunter.log, leading to sensitive information in log files. An attack mus...
CVE-2023-40338
A flaw was found in the Jenkins Folders plugin. Affected versions of this plugin display an error message that includes an absolute path of a log file when attempting to access the Scan Organization Folder Log if no logs are available. This flaw exposes information about the Jenkins controller fi...
The vulnerability of the Windows Common Log File System (CLFS) driver in the Windows operating system allows a hacker to gain elevated privileges.
The vulnerability of the Windows Common Log File System (CLFS) driver in the Windows operating system is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker to elevate their privileges...
GHSA-36HQ-V2FC-RPQP Jenkins Folders Plugin information disclosure vulnerability
Jenkins Folders Plugin displays an error message when attempting to access the Scan Organization Folder Log if no logs are available. In Folders Plugin 6.846.v23698686f0f6 and earlier, this error message includes the absolute path of a log file, exposing information about the Jenkins controller...
CVE-2023-40338
Jenkins Folders Plugin 6.846.v23698686f0f6 and earlier displays an error message that includes an absolute path of a log file when attempting to access the Scan Organization Folder Log if no logs are available, exposing information about the Jenkins controller file system...
Design/Logic Flaw
Jenkins Folders Plugin 6.846.v23698686f0f6 and earlier displays an error message that includes an absolute path of a log file when attempting to access the Scan Organization Folder Log if no logs are available, exposing information about the Jenkins controller file system...
CVE-2023-40338
Jenkins Folders Plugin 6.846.v23698686f0f6 and earlier exposes the absolute path to a log file in the error message when accessing Scan Organization Folder Log without logs. This information disclosure vulnerability (CVE-2023-40338) has a confirmed fix in 6.848.ve3b_fd7839a_81 and newer; remediat...
Jenkins Plugin Folders log information disclosure vulnerability
Jenkins and Jenkins Plugin are both open source products from Jenkins. Jenkins is an open source automation server that provides hundreds of plugins to support building, deploying, and automating any project. Jenkins Plugin is a software application. A security vulnerability...
PT-2023-23825 · Dell · Dell Powerscale Onefs
Name of the Vulnerable Software and Affected Versions: Dell PowerScale OneFS version 9.5.0.x Description: The issue concerns an insertion of sensitive information into log files, specifically related to SNMPv3. A user with low privileges could potentially exploit this, leading to information...
CVE-2023-4332
Broadcom RAID Controller web interface is vulnerable due to Improper permissions on the log file...
CVE-2023-4340
Broadcom RAID Controller is vulnerable to Privilege escalation by taking advantage of the Session prints in the log file...
Input validation
Broadcom RAID Controller web interface is vulnerable due to Improper permissions on the log file...
Privilege escalation
Broadcom RAID Controller is vulnerable to Privilege escalation by taking advantage of the Session prints in the log file...
CVE-2023-4332
CVE-2023-4332 affects Broadcom RAID Controller web interface. The vulnerability arises from improper permissions on the log file, enabling unauthorized access to log data. The base CVSS v3.1 score is 7.5 (High) with Confidentiality Impact: High; other impacts are None. The issue is documented acr...