CVE-2025-14432

In limited scenarios, sensitive data might be written to the log file if an admin uses Microsoft Teams Admin Center TAC to make device configuration changes. The affected log file is visible only to users with admin credentials. This is limited to Microsoft TAC and does not affect configuration...

CVE-2025-14432

CVE-2025-14432 affects HP video conferencing products (HP TC8/TC10 noted in CNNVD) with a data-leakage issue where sensitive data could be written to log files when an admin uses Microsoft Teams Admin Center (TAC) to apply device configuration changes. The log file is restricted to admins but exp...

NVIDIA Resiliency Extension 安全漏洞

NVIDIA Resiliency Extension is a Python package from NVIDIA. A security vulnerability exists in NVIDIA Resiliency Extension that originates from predictable log file names in log aggregation and could lead to elevation of privilege, code execution, denial of service, information disclosure, and...

HP多款产品 安全漏洞

HP TC8 and HP TC10 are both a video conferencing system from Hewlett-Packard HP USA. A security vulnerability exists in various HP products that stems from sensitive data being written to log files, which could lead to information disclosure...

Poly Video - Sensitive Data Might Be Written to Log File

In limited scenarios, sensitive data might be written to the log file if an admin uses Microsoft Teams Admin Center TAC to make device configuration changes. The affected log file is visible only to users with admin credentials. This is limited to Microsoft TAC and does not affect configuration...

CVE-2025-11693 Export WP Page to Static HTML & PDF <= 4.3.4 - Unauthenticated Cookie Exposure via Log File

The Export WP Page to Static HTML & PDF plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.3.4 through publicly exposed cookies.txt files containing authentication cookies. This makes it possible for unauthenticated attackers to cookies th...

CVE-2025-11693 Export WP Page to Static HTML & PDF <= 4.3.4 - Unauthenticated Cookie Exposure via Log File

The Export WP Page to Static HTML & PDF plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.3.4 through publicly exposed cookies.txt files containing authentication cookies. This makes it possible for unauthenticated attackers to cookies th...

CVE-2024-47570

An insertion of sensitive information into log file vulnerability CWE-532 in FortiOS 7.4.0 through 7.4.3, 7.2.0 through 7.2.7, 7.0 all versions; FortiProxy 7.4.0 through 7.4.3, 7.2.0 through 7.2.11; FortiPAM 1.4 all versions, 1.3 all versions, 1.2 all versions, 1.1 all versions, 1.0 all versions...

CVE-2025-64650

IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.18 could disclose sensitive user credentials in log files...

CVE-2025-62470

Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally...

CVE-2025-62470

Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally...

CVE-2024-47570

An insertion of sensitive information into log file vulnerability CWE-532 in FortiOS 7.4.0 through 7.4.3, 7.2.0 through 7.2.7, 7.0 all versions; FortiProxy 7.4.0 through 7.4.3, 7.2.0 through 7.2.11; FortiPAM 1.4 all versions, 1.3 all versions, 1.2 all versions, 1.1 all versions, 1.0 all versions...

EUVD-2025-202249

Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally...

CVE-2025-62470 Windows Common Log File System Driver Elevation of Privilege Vulnerability

...

CVE-2025-62470

CVE-2025-62470 is a heap-based buffer overflow in the Windows Common Log File System (CLFS) Driver that enables a locally authenticated attacker to escalate privileges. The vulnerability affects the CLFS driver in Windows, with local access required and high impact on confidentiality, integrity, ...

CVE-2025-62470 Windows Common Log File System Driver Elevation of Privilege Vulnerability

...

EUVD-2025-201832

IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.18 could disclose sensitive user credentials in log files...

PT-2025-50108

Name of the Vulnerable Software and Affected Versions FortiOS versions 7.0 through 7.4.3 FortiProxy versions 7.2.0 through 7.4.3 FortiPAM versions 1.0 through 1.4 FortiSRA version 1.4 Description A flaw exists where sensitive information can be written to log files. Specifically, a read-only...

KB5071507: Windows Server 2008 Security Update (December 2025)

The remote Windows host is missing security update 5071507. It is, therefore, affected by multiple vulnerabilities - Untrusted pointer dereference in Windows Routing and Remote Access Service RRAS allows an unauthorized attacker to execute code over a network. CVE-2025-62549 - Null pointer...

KLA90811 Multiple vulnerabilities in Microsoft Product (ESU)

Multiple vulnerabilities were found in Microsoft Products Extended Security Update. Malicious users can exploit these vulnerabilities to gain privileges, cause denial of service, spoof user interface, obtain sensitive information, bypass security restrictions, execute arbitrary code. Below is a...