CVE-2026-4788

IBM Tivoli Netcool Impact versions 7.1.0.0–7.1.0.37 store sensitive information in log files that could be read by a local user, per multiple sources. IBM’s advisory fixes the issue in 7.1.0.38 (FP38) or later; remediation requires upgrading to 7.1.0.38+. The CVSS information from IBM indicates a...

CVE-2026-4788 Multiple Vulnerabilities affect IBM Tivoli Netcool Impact

IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.37 stores sensitive information in log files that could be read by a local user...

PT-2026-31056

IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.37 stores sensitive information in log files that could be read by a local user...

PT-2026-31304

Name of the Vulnerable Software and Affected Versions Dell Elastic Cloud Storage versions 3.8.1.7 and prior Dell ObjectScale versions prior to 4.1.0.3 and version 4.2.0.0 Description Dell Elastic Cloud Storage and Dell ObjectScale contain a flaw where sensitive information may be inserted into lo...

CVE-2025-68152

Juju is an open source application orchestration engine that enables any application operation on any infrastructure at any scale through special operators called ‘charms’. From versions 2.9 to before 2.9.56 and 3.6 to before 3.6.19, it is possible that a compromised workload machine under a Juju...

Juju 安全漏洞

Juju is a canonical Juju open-source application orchestration engine. Vulnerabilities existed in versions of Juju between 2.9 and 2.9.56, as well as in versions between 3.6 and 3.6.19. These vulnerabilities stemmed from the possibility that compromised workload machines could read any log file o...

CVE-2026-34797

Endian Firewall version 3.3.25 and prior allow authenticated users to execute arbitrary OS commands via the DATE parameter to /cgi-bin/logssmtp.cgi. The DATE parameter value is used to construct a file path that is passed to a Perl open call, which allows command injection due to an incomplete...

EUVD-2018-21722

Softros LAN Messenger 9.2 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string to the custom log files location field. Attackers can input a buffer of 2000 characters in the Log Files Location custom path parameter...

CVE-2018-25232 Softros LAN Messenger 9.2 Denial of Service via Log Files Location

Softros LAN Messenger 9.2 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string to the custom log files location field. Attackers can input a buffer of 2000 characters in the Log Files Location custom path parameter...

CVE-2018-25232 Softros LAN Messenger 9.2 Denial of Service via Log Files Location

Softros LAN Messenger 9.2 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string to the custom log files location field. Attackers can input a buffer of 2000 characters in the Log Files Location custom path parameter...

CVE-2018-25232

Softros LAN Messenger 9.2 is affected by a denial-of-service vulnerability. The issue arises in the Log Files Location field where an excessively long input (a 2000-character buffer) can crash the application when the OK button is clicked. The available documents specify the affected product and ...

PT-2026-29018

🚨 CVE-2018-25232 Softros LAN Messenger 9.2 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string to the custom log files location field. Attackers can input a buffer of 2000 characters in the Log Files Location cust...

CVE-2024-11604

Insertion of Sensitive Information into Log File vulnerability in the SCIM Driver module in OpenText IDM Driver and Extensions on Windows, Linux, 64 bit allows authenticated local users to obtain sensitive information via access to log files. This issue affects IDM SCIM Driver: 1.0.0.0000 through...

CVE-2021-27924

An issue was discovered in Couchbase Server 6.x through 6.6.1. The Couchbase Server UI is insecurely logging session cookies in the logs. This allows for the impersonation of a user if the log files are obtained by an attacker before a session cookie expires...

CVE-2024-11604

Insertion of Sensitive Information into Log File vulnerability in the SCIM Driver module in OpenText IDM Driver and Extensions on Windows, Linux, 64 bit allows authenticated local users to obtain sensitive information via access to log files. This issue affects IDM SCIM Driver: 1.0.0.0000 through...

PT-2026-28268

Insertion of Sensitive Information into Log File vulnerability in the SCIM Driver module in OpenText IDM Driver and Extensions on Windows, Linux, 64 bit allows authenticated local users to obtain sensitive information via access to log files. This issue affects IDM SCIM Driver: 1.0.0.0000 through...

PT-2026-28683

A flaw has been found in OpenBMB XAgent 1.0.0. The impacted element is the function FunctionHandler.handle tool call of the file XAgent/function handler.py of the component API Key Handler. This manipulation of the argument api key causes sensitive information in log files. The attack may be...

EUVD-2025-209038

IBM Maximo Application Suite - Monitor Component 9.1, 9.0, 8.11, and 8.10 could allow an unauthorized user to inject data into log messages due to improper neutralization of special elements when written to log files...

CVE-2025-36187

IBM Knowledge Catalog Standard Cartridge 5.0.0, 5.0.1, 5.0.2, 5.0.3, 5.1, 5.1.1, 5,1.2, 5.1.3, 5.2.0, 5.2.1 stores potentially sensitive information in log files that could be read by a local privileged user...

CVE-2025-14684

IBM Maximo Application Suite - Monitor Component 9.1, 9.0, 8.11, and 8.10 could allow an unauthorized user to inject data into log messages due to improper neutralization of special elements when written to log files...