Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

4558 matches found

Cvelist
Cvelistadded 2025/11/19 3:47 p.m.10 views

CVE-2025-10703

Improper Control of Generation of Code 'Code Injection' vulnerability in Progress DataDirect Connect for JDBC drivers, Progress DataDirect Open Access JDBC driver and Hybrid Data Pipeline allows Remote Code Inclusion. The SpyAttribute connection option implemented by the DataDirect Connect for JD...

8.6CVSS0.00111EPSS
Exploits0References1
Veracode
Veracodeadded 2025/11/19 9:45 a.m.6 views

Insertion Of Sensitive Information Into Log File

org.elasticsearch:elasticsearch is vulnerable to Insertion of Sensitive Information into Log File. The vulnerability is due to improper handling of request auditing for the reindex API, which allows an attacker to expose sensitive data if specific logging conditions are met...

5.7CVSS6.9AI score0.00019EPSS
Exploits0References5Affected Software1
OSV
OSVadded 2025/11/19 9:15 a.m.2 views

CVE-2025-11446

Insertion of Sensitive Information into Log File vulnerability in upKeeper Solutions upKeeper Manager allows Use of Known Domain Credentials.This issue affects upKeeper Manager: from 5.2.0 before 5.2.12...

6.5CVSS5.8AI score0.00024EPSS
Exploits0References1
Cvelist
Cvelistadded 2025/11/19 8:53 a.m.5 views

CVE-2025-11446

Insertion of Sensitive Information into Log File vulnerability in upKeeper Solutions upKeeper Manager allows Use of Known Domain Credentials.This issue affects upKeeper Manager: from 5.2.0 before 5.2.12...

7.3CVSS0.00024EPSS
Exploits0References1
CVE
CVEadded 2025/11/19 8:53 a.m.9 views

CVE-2025-11446

CVE-2025-11446 affects upKeeper Manager 5.2.0–5.2.11 (pre-5.2.12). The issue is Insertion of Sensitive Information into Log File, enabling use of Known Domain Credentials. Impact is Confidentiality HIGH; Exploit details are not provided in the documents. Remediation: upgrade to 5.2.12 or later (p...

7.3CVSS6.5AI score0.00024EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichmentadded 2025/11/19 8:53 a.m.2 views

CVE-2025-11446

Insertion of Sensitive Information into Log File vulnerability in upKeeper Solutions upKeeper Manager allows Use of Known Domain Credentials.This issue affects upKeeper Manager: from 5.2.0 before 5.2.12...

7.3CVSS6.5AI score0.00024EPSS
Exploits0References1
CNNVD
CNNVDadded 2025/11/19 12:0 a.m.2 views

GatesAir Flexiva-LX Series 安全漏洞

The GatesAir Flexiva-LX Series is a series of solid-state FM transmitters from GatesAir USA. A security vulnerability exists in the GatesAir Flexiva-LX Series versions 1.0.13 and 2.0 that originates from a publicly accessible log file exposing sensitive session identifiers, which could lead to...

6.5CVSS6.5AI score0.00058EPSS
Exploits1References3
CNNVD
CNNVDadded 2025/11/19 12:0 a.m.2 views

upKeeper Manager 安全漏洞

upKeeper Manager is an IT system management and automation tool from the Swedish company upKeeper. A security vulnerability exists in upKeeper Manager versions 5.2.0 through prior to 5.2.12, which stems from the insertion of sensitive information into a log file that could lead to the use of know...

7.3CVSS6.3AI score0.00024EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2025/11/19 12:0 a.m.5 views

PT-2025-47524

Name of the Vulnerable Software and Affected Versions GatesAir Flexiva-LX versions 1.0.13 and 2.0 GatesAir Flexiva-LX models LX100, LX300, LX600, and LX1000 Description The GatesAir Flexiva-LX devices are affected by an issue where sensitive session identifiers sid are exposed in a publicly...

6.6AI score0.00058EPSS
Exploits1References4
Positive Technologies
Positive Technologiesadded 2025/11/19 12:0 a.m.3 views

PT-2025-47467

Name of the Vulnerable Software and Affected Versions DataDirect Connect for JDBC for Amazon Redshift versions through 6.0.0.001392 DataDirect Connect for JDBC for Apache Cassandra versions through 6.0.0.000805 DataDirect Connect for JDBC for Hive versions through 6.0.1.001499 DataDirect Connect...

8.6CVSS6.8AI score0.00111EPSS
Exploits0References5
CNNVD
CNNVDadded 2025/11/19 12:0 a.m.2 views

Lynx Twonky Server 安全漏洞

Lynx Twonky Server is a DLNA/UPnP media server from Lynx USA. A security vulnerability exists in Lynx Twonky Server version 8.5.2, which stems from an access control flaw that could lead to log file disclosure and administrator credential disclosure...

9.8CVSS6.4AI score0.83986EPSS
Exploits3References1
Positive Technologies
Positive Technologiesadded 2025/11/19 12:0 a.m.1 views

PT-2025-47447

Insertion of Sensitive Information into Log File vulnerability in upKeeper Solutions upKeeper Manager allows Use of Known Domain Credentials.This issue affects upKeeper Manager: from 5.2.0 before 5.2.12...

7.3CVSS6.9AI score0.00024EPSS
Exploits0References2
Cvelist
Cvelistadded 2025/11/19 12:0 a.m.9 views

CVE-2025-63212

GatesAir Flexiva-LX devices on firmware 1.0.13 and 2.0, including models LX100, LX300, LX600, and LX1000, expose sensitive session identifiers sid in the publicly accessible log file located at /log/Flexiva%20LX.log. An unauthenticated attacker can retrieve valid session IDs and hijack sessions...

0.00058EPSS
Exploits1References2
NVD
NVDadded 2025/11/12 8:15 p.m.2 views

CVE-2025-8421

An improper default permission vulnerability was reported in Lenovo Dock Manager that, under certain conditions during installation, could allow an authenticated local user to redirect log files with elevated privileges...

6.6CVSS0.00012EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/11/12 6:1 p.m.2 views

CVE-2025-62208

Insertion of sensitive information into log file in Windows License Manager allows an authorized attacker to disclose information locally...

5.5CVSS7AI score0.00074EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/11/12 6:1 p.m.1 views

CVE-2025-60709

Out-of-bounds read in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally...

7.8CVSS5.3AI score0.00047EPSS
Exploits2References1
CNNVD
CNNVDadded 2025/11/12 12:0 a.m.1 views

Lenovo Dock Manager 安全漏洞

Lenovo Dock Manager is a docking station firmware update software from Lenovo China. A security vulnerability exists in Lenovo Dock Manager that stems from improper default permissions that could result in log file redirection...

6.6CVSS6.7AI score0.00012EPSS
Exploits0References2
OSV
OSVadded 2025/11/11 6:15 p.m.1 views

CVE-2025-62209

Insertion of sensitive information into log file in Windows License Manager allows an authorized attacker to disclose information locally...

5.5CVSS5.8AI score0.00074EPSS
Exploits0References1
NVD
NVDadded 2025/11/11 6:15 p.m.1 views

CVE-2025-62208

Insertion of sensitive information into log file in Windows License Manager allows an authorized attacker to disclose information locally...

5.5CVSS0.00074EPSS
Exploits0References1
NVD
NVDadded 2025/11/11 6:15 p.m.0 views

CVE-2025-60709

Out-of-bounds read in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally...

7.8CVSS0.00047EPSS
Exploits2References1
Rows per page
Query Builder