CVE-2022-43870

IBM Spectrum Virtualize 8.3, 8.4, and 8.5 could disclose SNMPv3 server credentials to an authenticated user in log files. IBM X-Force ID: 239540...

IBM Spectrum Virtualize 日志信息泄露漏洞

IBM Spectrum Virtualize is a block storage virtualization system from International Business Machines IBM, Inc. that improves the data value, security, and simplicity of new and existing storage infrastructures. A log information disclosure vulnerability exists in IBM Spectrum Virtualize versions...

K17528: NTP vulnerability CVE-2015-7850

Security Advisory Description ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to cause a denial of service infinite loop or crash by pointing the key file at the log file. CVE-2015-7850 Impact Under certain specific conditions, an attacker can send a se...

Security Bulletin: IBM® Db2® is vulnerable to an information disclosure vulnerability as sensitive information may be included in a log file. (CVE-2022-43930)

Summary IBM® Db2® is vulnerable to an information disclosure vulnerability as sensitive information may be included in a log file. Vulnerability Details CVEID:CVE-2022-43930 DESCRIPTION: IBM Db2 is vulernable to an Information Disclosure as sensitive information may be included in a log file. CVS...

CVE-2022-48319

Sensitive host secret disclosed in cmk-update-agent.log file in Tribe29's Checkmk = 2.1.0p13, Checkmk = 2.0.0p29, and all versions of Checkmk 1.6.0 EOL allows an attacker to gain access to the host secret through the unprotected agent updater log file...

Code injection

Sensitive host secret disclosed in cmk-update-agent.log file in Tribe29's Checkmk = 2.1.0p13, Checkmk = 2.0.0p29, and all versions of Checkmk 1.6.0 EOL allows an attacker to gain access to the host secret through the unprotected agent updater log file...

CVE-2022-48319 Host secret disclosed in Checkmk logs

Sensitive host secret disclosed in cmk-update-agent.log file in Tribe29's Checkmk = 2.1.0p13, Checkmk = 2.0.0p29, and all versions of Checkmk 1.6.0 EOL allows an attacker to gain access to the host secret through the unprotected agent updater log file...

Checkmk 日志信息泄露漏洞

Checkmk is an editor. A security vulnerability exists in Tribe29 Checkmk version 2.1.0p13 and earlier, version 2.0.0p29 and earlier, and version 1.6.0. An attacker can exploit the vulnerability to update the program log file...

The vulnerability of the Windows Common Log File System (CLFS) driver exists due to errors in handling objects in memory. Exploiting this vulnerability can allow an attacker to increase their privileges.

The vulnerability of the Common Log File System Driver for Windows operating systems is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...

CVE-2023-24964

IBM InfoSphere Information Server 11.7 could allow a local user to obtain sensitive information from a log files. IBM X-Force ID: 246463...

CVE-2022-43930 IBM Db2 for Linux, UNIX and Windows information disclosure

IBM Db2 for Linux, UNIX and Windows 10.5, 11.1, and 11.5 is vulnerable to an Information Disclosure as sensitive information may be included in a log file. IBM X-Force ID: 241677...

PT-2023-19844 · Ibm · Ibm Infosphere Information Server

Name of the Vulnerable Software and Affected Versions: IBM InfoSphere Information Server version 11.7 Description: The issue allows a local user to obtain sensitive information from log files. Recommendations: For IBM InfoSphere Information Server version 11.7, consider restricting access to log...

CVE-2022-43954

An insertion of sensitive information into log file vulnerability CWE-532 in the FortiPortal management interface 7.0.0 through 7.0.2 may allow a remote authenticated attacker to read other devices' passwords in the audit log page...

Design/Logic Flaw

An insertion of sensitive information into log file vulnerability CWE-532 in the FortiPortal management interface 7.0.0 through 7.0.2 may allow a remote authenticated attacker to read other devices' passwords in the audit log page...

CVE-2023-24484

A malicious user can cause log files to be written to a directory that they do not have permission to write to...

CVE-2022-43954

Fortinet FortiPortal vulnerability CVE-2022-43954 affects FortiPortal versions 7.0.0–7.0.2, where an insertion of sensitive information into log/audit logs can allow a remote authenticated attacker to read passwords from other devices. Root cause: insufficient protection of sensitive registration...

CVE-2022-43954

An insertion of sensitive information into log file vulnerability CWE-532 in the FortiPortal management interface 7.0.0 through 7.0.2 may allow a remote authenticated attacker to read other devices' passwords in the audit log page...

Security Bulletin: IBM Navigator for i is vulnerable to log file access, obtaining file attributes, and SQL Injection attacks due to multiple vulnerabilities.

Summary IBM Navigator for i provides server administration functionality for IBM i. An authenticated user with authority to interact with IBM Navigator for i is able to download log files, view file attributes, and perform SQL injection attacks as described in the vulnerability details section. I...

SUSE CVE-2008-5377

pstopdf in CUPS 1.3.8 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/pstopdf.log temporary file, a different vulnerability than CVE-2001-1333...

SUSE CVE-2008-7249

Buffer overflow in Squid Analysis Report Generator Sarg 2.2.3.1, and probably later, allows user-assisted remote attackers to execute arbitrary code via a long HTTP request method in a crafted access.log file, a different vulnerability than CVE-2008-1167...