4562 matches found
PT-2022-27295 · Acronis · Acronis Cyber Protect Home Office
Name of the Vulnerable Software and Affected Versions: Acronis Cyber Protect Home Office Windows versions prior to build 40107 Description: The issue concerns a sensitive information leak through log files. Recommendations: For versions prior to build 40107, update to build 40107 or later to...
CVE-2022-3191
Insertion of Sensitive Information into Log File vulnerability in Hitachi Ops Center Analyzer on Linux Virtual Strage Software Agent component allows local users to gain sensitive information. This issue affects Hitachi Ops Center Analyzer: from 10.8.1-00 before 10.9.0-00...
CVE-2022-3191
Insertion of Sensitive Information into Log File vulnerability in Hitachi Ops Center Analyzer on Linux Virtual Strage Software Agent component allows local users to gain sensitive information. This issue affects Hitachi Ops Center Analyzer: from 10.8.1-00 before 10.9.0-00...
Design/Logic Flaw
Insertion of Sensitive Information into Log File vulnerability in Hitachi Ops Center Analyzer on Linux Virtual Strage Software Agent component allows local users to gain sensitive information. This issue affects Hitachi Ops Center Analyzer: from 10.8.1-00 before 10.9.0-00...
CVE-2022-3191 Information Exposure Vulnerability in Hitachi Ops Center Analyzer
Insertion of Sensitive Information into Log File vulnerability in Hitachi Ops Center Analyzer on Linux Virtual Strage Software Agent component allows local users to gain sensitive information. This issue affects Hitachi Ops Center Analyzer: from 10.8.1-00 before 10.9.0-00...
CVE-2022-3191
Hitachi Ops Center Analyzer (Linux) is affected in the Virtual Storage Software Agent component. CVE-2022-3191 describes a vulnerability where sensitive information can be inserted into log files, enabling local users to access sensitive data. Affected versions are 10.8.1-00 through 10.9.0-00. Ro...
PT-2022-20983 · Hitachi · Hitachi Ops Center Analyzer
Name of the Vulnerable Software and Affected Versions: Hitachi Ops Center Analyzer versions 10.8.1-00 through 10.9.0-00 Description: The issue allows local users to gain sensitive information due to the insertion of sensitive information into log files. This is related to the Virtual Strage...
Tenable Network Security Nessus 安全漏洞
Tenable Network Security Nessus is an open source system vulnerability scanner from Tenable Network Security, USA. A security vulnerability exists in Nessus. An attacker can exploit this vulnerability to read Nessus debug log file attachments from the web UI without proper privileges...
CVE-2022-2805
A flaw was found in ovirt-engine, which leads to the logging of plaintext passwords in the log file when using otapi-style. This flaw allows an attacker with sufficient privileges to read the log file, leading to confidentiality loss...
PT-2022-18777 · Ovirt · Ovirt Engine
Name of the Vulnerable Software and Affected Versions: oVirt Engine affected versions not specified Description: A flaw in oVirt Engine causes plaintext passwords to be logged in the log file when using otapi-style, potentially leading to confidentiality loss if an attacker with sufficient...
CVE-2022-2805
A flaw was found in ovirt-engine, which leads to the logging of plaintext passwords in the log file when using otapi-style. This flaw allows an attacker with sufficient privileges to read the log file, leading to confidentiality loss...
ASUS Armoury Crate Service Symbolic Link Replacement Vulnerability
ASUS Armoury Crate Service is a software utility from ASUS China designed to provide centralized control of supported ROG gaming products. An attacker could use the vulnerability to modify the log file attributes to symbolic links to arbitrary system files, causing the logging function to overwri...
CVE-2022-38699
Armoury Crate Service’s logging function has insufficient validation to check if the log file is a symbolic link. A physical attacker with general user privilege can modify the log file property to a symbolic link that points to arbitrary system file, causing the logging function to overwrite the...
Moderate: mysql security, bug fix, and enhancement update
MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon mysqld and many client programs and libraries. The following packages have been upgraded to a later upstream version: mysql 8.0.30. BZ2122589 Security Fixes: mysql: Server: Optimizer multiple...
Wormable Flaw, 0days Lead Sept. 2022 Patch Tuesday
This months Patch Tuesday offers a little something for everyone, including security updates for a zero-day flaw in Microsoft Windows that is under active attack, and another Windows weakness experts say could be used to power a fast-spreading computer worm. Also, Apple has also quashed a pair of...
CVE-2022-39821
In NOKIA 1350 OMS R14.2, an Insertion of Sensitive Information into an Application Log File vulnerability occurs. The web application stores critical information, such as cleartext user credentials, in world-readable files in the filesystem...
Design/Logic Flaw
In NOKIA 1350 OMS R14.2, an Insertion of Sensitive Information into an Application Log File vulnerability occurs. The web application stores critical information, such as cleartext user credentials, in world-readable files in the filesystem...
CVE-2022-39821
In NOKIA 1350 OMS R14.2, an Insertion of Sensitive Information into an Application Log File vulnerability occurs. The web application stores critical information, such as cleartext user credentials, in world-readable files in the filesystem...
CVE-2022-37969
Windows Common Log File System Driver Elevation of Privilege Vulnerability...
CVE-2022-37969
Windows Common Log File System Driver Elevation of Privilege Vulnerability...