PT-2022-8092 · Sierra Wireless · Sierra Wireless Mgos

Name of the Vulnerable Software and Affected Versions: Sierra Wireless MGOS versions prior to 3.15.2 Sierra Wireless MGOS versions 4.x prior to 4.3 Description: The issue allows attackers to read log files via a Direct Request, also known as Forced Browsing. This can potentially expose sensitive...

Sierra Wireless MGOS 安全漏洞

Sierra Wireless MGOS is a wireless communication device from Sierra Wireless Canada. A security vulnerability exists in Sierra Wireless MGOS versions prior to 3.15.2 and versions prior to 4.x through 4.3, which stems from a vulnerability that allows an attacker to read log files via Direct Reques...

CVE-2019-13988

Sierra Wireless MGOS before 3.15.2 and 4.x before 4.3 allows attackers to read log files via a Direct Request aka Forced Browsing...

CVE-2019-13988

Summary of CVE-2019-13988 : Sierra Wireless MGOS is affected. Versions before 3.15.2, and 4.x before 4.3, allow attackers to read log files via a Direct Request (also known as Forced Browsing). The underlying issue enables unauthorized access to log data without authentication, as described acros...

CVE-2022-43857

IBM Navigator for i 7.3, 7.4 and 7.5 could allow an authenticated user to access IBM Navigator for i log files they are authorized to but not while using this interface. The remote authenticated user can bypass the interface checks and download log files by modifying servlet filter. IBM X-Force I...

CVE-2022-43857 IBM Navigator for i information disclosure

IBM Navigator for i 7.3, 7.4 and 7.5 could allow an authenticated user to access IBM Navigator for i log files they are authorized to but not while using this interface. The remote authenticated user can bypass the interface checks and download log files by modifying servlet filter. IBM X-Force I...

IBM Cognos Analytics Sensitive Information Disclosure Vulnerability (CNVD-2022-91131)

IBM Cognos Analytics is a suite of business intelligence software from IBM in the United States. The software includes reports, dashboards, and scorecards, and can assist companies in adjusting their decisions by analyzing such things as key factors and key people. A sensitive information...

ARC Informatique PcVue

1. EXECUTIVE SUMMARY CVSS v3 5.5 ATTENTION: Low attack complexity Vendor: ARC Informatique Equipment: PcVue Vulnerabilities: Cleartext Storage of Sensitive Information, Insertion of Sensitive Information into Log File 2. UPDATE OR REPOSTED INFORMATION This updated advisory is a follow-up to the...

IBM Cognos Analytics 日志信息泄露漏洞

IBM Cognos Analytics is a suite of business intelligence software from IBM in the United States. The software includes reports, dashboards, and scorecards, and can assist companies in adjusting their decisions by analyzing such things as key factors and key people. A sensitive information...

CVE-2022-4311

An insertion of sensitive information into log file vulnerability exists in PcVue versions 15 through 15.2.2. This could allow a user with access to the log files to discover connection strings of data sources configured for the DbConnect, which could include credentials. Successful exploitation ...

Design/Logic Flaw

An insertion of sensitive information into log file vulnerability exists in PcVue versions 15 through 15.2.2. This could allow a user with access to the log files to discover connection strings of data sources configured for the DbConnect, which could include credentials. Successful exploitation ...

CVE-2022-4311

Summary (CVE-2022-4311) : PcVue (ARC Informatique) versions 15–15.2.2 are affected by a vulnerability where sensitive information can be inserted into log files, allowing someone with log access to discover DbConnect data source connection strings and potentially credentials, leading to unauthori...

CVE-2022-4311

An insertion of sensitive information into log file vulnerability exists in PcVue versions 15 through 15.2.2. This could allow a user with access to the log files to discover connection strings of data sources configured for the DbConnect, which could include credentials. Successful exploitation ...

ARC Informatique PcVue 日志信息泄露漏洞

ARC Informatique PcVue is a multifunctional HMI-SCADA software from ARC Informatique, France, an all-in-one solution that monitors all aspects of a customer's assets.PcVue is used in a wide range of applications such as industrial control, building management, energy management, smart grids, ener...

Wire Information Disclosure Vulnerability (CNVD-2022-80682)

Wire is a chat software from the German company Wire. The software supports Web, WindowsiOS, Android, and OS X platforms, has group functionality, can make voice calls, send photos, and its original greeting method, PING. Wire 3.22.3993 and earlier versions contain an information disclosure...

PT-2022-23687 · WordPress · Deepl Pro Api Translation Plugin

Name of the Vulnerable Software and Affected Versions: DeepL Pro API translation plugin WordPress plugin versions prior to 1.7.5 Description: The issue concerns the disclosure of sensitive information, including the DeepL API key, in publicly accessible log files. This allows an external,...

PT-2022-27529 · Unknown · Drachtio-Server

Name of the Vulnerable Software and Affected Versions: drachtio-server version 0.8.18 Description: The issue concerns the permissions of the /var/log/drachtio directory and the drachtio.log file. Specifically, the directory has a mode of 0777 and the log file has a mode of 0666. This could...

CVE-2022-43933 : Configuration secrets are logged in support-save

An information exposure through log file vulnerability exists in Brocade SANnav before Brocade SANnav 2.2.2, where configuration secrets are logged in support-save. Support-save file is generated by an admin user troubleshooting the switch. The Logged information may include usernames and...

CVE-2022-43935: Switch passwords and authorization IDs are printed in the embedded MLS DB file5

An information exposure through log file vulnerability exists in Brocade SANnav before Brocade SANnav 2.2.2, where Brocade Fabric OS Switch passwords and authorization IDs are printed in the embedded MLS DB file. Products Affected Brocade SANnav versions before v2.2.2 Products Confirmed Not...

CVE-2022-44745

Sensitive information leak through log files. The following products are affected: Acronis Cyber Protect Home Office Windows before build 40107...