CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4562 matches found

Github Security Blog•added 2022/02/15 1:38 a.m.•35 views

Wildfly logs plaintext passwords

A flaw was discovered in WildFly before 21.0.0.Final where, Resource adapter logs plain text JMS password at warning level on connection error, inserting sensitive information in the log file...

5.3CVSS6.7AI score0.01331EPSS

Exploits0References5Affected Software1

Tenable Nessus•added 2022/02/12 12:0 a.m.•22 views

EulerOS Virtualization 3.0.6.0 : cloud-init (EulerOS-SA-2022-1058)

According to the versions of the cloud-init package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - When instructing cloud-init to set a random password for a new user account, versions before 21.2 would write that password to...

5.5CVSS5.6AI score0.00219EPSS

Exploits0References2

NVD•added 2022/02/10 6:15 p.m.•14 views

CVE-2022-0021

An information exposure through log file vulnerability exists in the Palo Alto Networks GlobalProtect app on Windows that logs the cleartext credentials of the connecting GlobalProtect user when authenticating using Connect Before Logon feature. This issue impacts GlobalProtect App 5.2 versions...

5.5CVSS0.0022EPSS

Exploits0References1

CVE•added 2022/02/10 6:10 p.m.•65 views

CVE-2022-0021

Palo Alto Networks GlobalProtect App for Windows is affected by CVE-2022-0021. The vulnerability arises from an information exposure in the log files where cleartext credentials of the connected GlobalProtect user are logged during authentication via Connect Before Logon. Affected product/version...

5.5CVSS4.5AI score0.0022EPSS

Exploits0References1Affected Software1

BDU FSTEC•added 2022/02/10 12:0 a.m.•4 views

The vulnerability of the Windows Common Log File System, a system for journaling on Windows operating systems, allows attackers to escalate their privileges.

The vulnerability of the Windows Common Log File System in the Windows operating system is related to insecure management of privileges. Exploiting this vulnerability can allow an attacker to enhance their privileges...

7.8CVSS7.2AI score0.01059EPSS

Exploits0References3

BDU FSTEC•added 2022/02/10 12:0 a.m.•3 views

The vulnerability of the Windows Common Log File System (CLFS) driver in Windows operating systems allows a hacker to gain elevated privileges.

The vulnerability of the Windows Common Log File System CLFS driver in Windows operating systems is related to privilege management errors. Exploiting this vulnerability can allow an attacker to increase their privileges...

7.8CVSS7.2AI score0.01031EPSS

Exploits0References2

OSV•added 2022/02/09 9:59 p.m.•34 views

GHSA-J667-C2HM-F2WP Insertion of Sensitive Information into Log File and Improper Output Neutralization for Logs in ansible

A flaw was found in the Ansible Engine when using moduleargs. Tasks executed with check mode --check-mode do not properly neutralize sensitive data exposed in the event data. This flaw allows unauthorized users to read this data. The highest threat from this vulnerability is to confidentiality...

6.8CVSS5.7AI score0.00407EPSS

Exploits0References13

OSV•added 2022/02/09 5:15 p.m.•1 views

CVE-2022-22710

Windows Common Log File System Driver Denial of Service Vulnerability...

5.5CVSS7.3AI score0.00829EPSS

Exploits0References1