Microsoft Windows Common Log File System Driver 安全漏洞

The Microsoft Windows Common Log File System Driver is Microsoft's Common Log File System CLFS API that provides a high-performance, general-purpose log file subsystem that can be used by specialized client applications and shared by multiple clients to optimize logging and access. access. A...

Microsoft Windows Common Log File System Driver 安全漏洞

The Microsoft Windows Common Log File System Driver is Microsoft's Common Log File System CLFS API that provides a high-performance, general-purpose log file subsystem that can be used by specialized client applications and shared by multiple clients to optimize logging and access. access. A...

PT-2023-1593 · Microsoft · Windows Common Log File System Driver +1

Name of the Vulnerable Software and Affected Versions: Windows Common Log File System Driver affected versions not specified Description: The issue is caused by a buffer overflow in memory, allowing an attacker to elevate their privileges. This can affect the system, potentially enabling...

CVE-2023-23376

Windows Common Log File System Driver Elevation of Privilege Vulnerability Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...

VulnCheck KEV: CVE-2023-23376

Microsoft Windows Common Log File System CLFS driver contains an unspecified vulnerability that allows for privilege escalation...

Vulnerabilities fixed in Microsoft Windows

Microsoft has fixed vulnerabilities in Windows. The vulnerabilities allow a malicious person to carry out attacks execute attacks that can lead to the following categories of damage: Denial-of-Service DoS. Remote code execution Administrator/Root rights Remote code execution User rights Access to...

USN-5866-1: Nova vulnerabilities

It was discovered that Nova did not properly manage data logged into the log file. An attacker with read access to the service's logs could exploit this issue and may obtain sensitive information. This issue only affected Ubuntu 16.04 ESM and Ubuntu 18.04 LTS. CVE-2015-9543 It was discovered that...

Design/Logic Flaw

SUSHIRO App for Android outputs sensitive information to the log file, which may result in an attacker obtaining a credential information from the log file. Affected products/versions are as follows: SUSHIRO Ver.4.0.31, Thailand SUSHIRO Ver.1.0.0, Hong Kong SUSHIRO Ver.3.0.2, Singapore SUSHIRO...

CVE-2023-22362

SUSHIRO App for Android outputs sensitive information to the log file, which may result in an attacker obtaining a credential information from the log file. Affected products/versions are as follows: SUSHIRO Ver.4.0.31, Thailand SUSHIRO Ver.1.0.0, Hong Kong SUSHIRO Ver.3.0.2, Singapore SUSHIRO...

CVE-2023-22362

SUSHIRO App for Android exposes sensitive credential information via log output (CWE-532). Affected builds include SUSHIRO Ver.4.0.31, Thailand Ver.1.0.0, Hong Kong Ver.3.0.2, Singapore Ver.2.0.0, and Taiwan Ver.2.0.1. Root cause is improper logging of credentials, allowing an attacker who can ac...

CVE-2023-22362

SUSHIRO App for Android outputs sensitive information to the log file, which may result in an attacker obtaining a credential information from the log file. Affected products/versions are as follows: SUSHIRO Ver.4.0.31, Thailand SUSHIRO Ver.1.0.0, Hong Kong SUSHIRO Ver.3.0.2, Singapore SUSHIRO...

IBM DB2 10.5 < 10.5 FP 11 41247 / 11.1 < 11.1.4 FP 7 41246 / 11.5 < 11.5.8 FP 0 26513 Information Disclosure (Windows)

According to its self-reported version number, IBM Db2 is affected by multiple information disclosure vulnerabilities: - IBM Db2 is vulnerable to an information disclosure vulnerability due to improper privilege management when a specially crafted table access is used. CVE-2022-43927 - IBM Db2 is...

OPENSUSE-SU-2023:0041-1 Security update for EternalTerminal

This update for EternalTerminal fixes the following issues: EternalTerminal was updated to 6.2.4: CVE-2022-48257, CVE-2022-48258 remedied fix readme regarding port forwarding 522 Fix test failures that started appearing in CI 526 Add documentation for the EternalTerminal protocol 523 ssh-et: appl...

PT-2023-2182 · Ibm · Ibm Db2

Name of the Vulnerable Software and Affected Versions: IBM Db2 for Linux, UNIX and Windows versions 10.5, 11.1, and 11.5 Description: The issue is related to an information disclosure where sensitive information may be included in a log file, potentially allowing an attacker to gain unauthorized...

GHSA-8CFG-VX93-JVXW Kubernetes client-go vulnerable to Sensitive Information Leak via Log File

In Kubernetes, if the logging level is set to at least 9, authorization and bearer tokens will be written to log files. This can occur both in API server logs and client tool output like kubectl. This affects = v1.19.5, = v1.18.13, = v1.17.15, v1.20.0-alpha2...

Kubernetes client-go vulnerable to Sensitive Information Leak via Log File

In Kubernetes, if the logging level is set to at least 9, authorization and bearer tokens will be written to log files. This can occur both in API server logs and client tool output like kubectl. This affects = v1.19.5, = v1.18.13, = v1.17.15, v1.20.0-alpha2...

Kubernetes Sensitive Information leak via Log File

In Kubernetes clusters using a logging level of at least 4, processing a malformed docker config file will result in the contents of the docker config file being leaked, which can include pull secrets or other registry credentials. This affects v1.19.3, v1.18.10, v1.17.13...

GHSA-8MJG-8C8G-6H85 Kubernetes Sensitive Information leak via Log File

In Kubernetes clusters using a logging level of at least 4, processing a malformed docker config file will result in the contents of the docker config file being leaked, which can include pull secrets or other registry credentials. This affects v1.19.3, v1.18.10, v1.17.13...

CVE-2020-13223

A flaw was found in the HashiCorp Vault. The HashiCorp Vault and Vault Enterprise could allow a remote attacker to obtain sensitive information caused by inserting sensitive information into a log file. By accessing the log file, a remote attacker can obtain sensitive information...

CVE-2023-22573

Dell PowerScale OneFS 9.0.0.x-9.4.0.x contain an insertion of sensitive information into log file vulnerability in cloudpool. A low privileged local attacker could potentially exploit this vulnerability, leading to sensitive information disclosure...