Lucene search
K

286 matches found

RedhatCVE
RedhatCVE
added 2026/03/26 3:14 p.m.6 views

CVE-2026-0520

A potential vulnerability was reported in the Lenovo FileZ Android application that, under certain conditions, could allow a local authenticated user to retrieve some sensitive data stored in a log file...

2.8CVSS5.8AI score0.00093EPSS
Exploits0References1
CVE
CVE
added 2026/03/25 9:26 p.m.11 views

CVE-2025-36187

CVE-2025-36187 is linked to IBM Knowledge Catalog Standard Cartridge. The IBM bulletin describes a vulnerability where the product stores potentially sensitive information in log files that could be read by a local privileged user ( CWE-532: Insertion of Sensitive Information into Log File ). Aff...

4.4CVSS6AI score0.00153EPSS
Exploits0References1Affected Software1
CNVD
CNVD
added 2026/03/19 12:0 a.m.30 views

Apache Spark Deserialization Vulnerability

Apache Spark is a large-scale data processing engine that supports acyclic data streaming and in-memory computing from the Apache Foundation. Apache Spark suffers from a deserialization vulnerability. The vulnerability stems from the Spark History Web UI's overly lax Jackson deserialization of...

8.8CVSS6.3AI score0.05341EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/03/14 12:0 a.m.6 views

Apache Spark 代码问题漏洞

Apache Spark is a large-scale data processing engine that supports acyclic data streaming and in-memory computing from the Apache Foundation. Apache Spark suffers from a deserialization vulnerability. The vulnerability stems from the Spark History Web UI's overly lax Jackson deserialization of...

8.8CVSS6.3AI score0.05341EPSS
Exploits1References6
EUVD
EUVD
added 2026/03/11 9:31 p.m.7 views

EUVD-2026-11350

A potential vulnerability was reported in the Lenovo FileZ Android application that, under certain conditions, could allow a local authenticated user to retrieve some sensitive data stored in a log file...

2.8CVSS5.8AI score0.00093EPSS
Exploits0References2
Packet Storm News
Packet Storm News
added 2026/03/04 12:0 a.m.8 views

CAM-LDS: Cyber Attack Manifestations for Automatic Interpretation of System Logs and Security Alerts

Log data are essential for intrusion detection and forensic investigations. However, manual log analysis is tedious due to high data volumes, heterogeneous event formats, and unstructured messages. Even though many automated methods for log analysis exist, they usually still rely on domain-specif...

6AI score
Exploits0
OSV
OSV
added 2026/03/03 8:16 p.m.5 views

CVE-2026-1265

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to writing of sensitive Information in a log file...

5.3CVSS5.8AI score
Exploits0References1
NVD
NVD
added 2026/02/12 1:15 p.m.5 views

CVE-2026-1671

The Activity Log for WordPress plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the winteractivitylogaction function in all versions up to, and including, 1.2.8. This makes it possible for authenticated attackers, with Subscriber-level access...

6.5CVSS0.00287EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/01/29 12:0 a.m.11 views

Brother Industries Brother MFPs security vulnerabilities

Brother Industries Brother MFPs is a multi-functional printer from the Japanese company Brother Industries. There are security vulnerabilities associated with Brother Industries Brother MFPs, which stem from hidden functions that may allow attackers to access sensitive information in the logs...

6.9CVSS6AI score0.00241EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/01/19 8:37 a.m.4 views

CVE-2025-59355

A vulnerability. When org.apache.linkis.metadata.util.HiveUtils.decode fails to perform Base64 decoding, it records the complete input parameter string in the log via logger.errorstr + "decode failed", e. If the input parameter contains sensitive information such as Hive Metastore keys, plaintext...

6.5CVSS5.4AI score0.00403EPSS
Exploits0References3Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/09 12:30 p.m.7 views

CVE-2023-40392

A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Ventura 13.5. An app may be able to read sensitive location information...

3.3CVSS5.7AI score0.00195EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:0 a.m.7 views

CVE-2020-7295

Privilege Escalation vulnerability in McAfee Web Gateway MWG prior to 9.2.1 allows authenticated user interface user to delete or download protected log data via improper access controls in the user interface...

4.6CVSS6.7AI score0.00464EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:15 a.m.7 views

CVE-2022-23466

teler is an real-time intrusion detection and threat alert dashboard. teler prior to version 2.0.0-rc.4 is vulnerable to DOM-based cross-site scripting XSS in the teler dashboard. When teler requests messages from the event stream on the /events endpoint, the log data displayed on the dashboard a...

5.4CVSS5.5AI score0.00384EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/12/19 12:0 a.m.9 views

Elasticsearch 7.0.x < 8.19.8 / 9.0.x < 9.1.8 / 9.2.x < 9.2.2 (ESA-2025-27)

The version of Elasticsearch installed on the remote host is 7.0 prior to 8.19.8, 9.0 prior to 9.1.8, or 9.2.0 prior to 9.2.2. It is, therefore, affected by a vulnerability as referenced in the ESA-2025-27 advisory. - Insertion of sensitive information in log file in Elasticsearch can lead to los...

7.4CVSS5.5AI score0.0016EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/12/16 3:15 p.m.5 views

CVE-2025-14432 Poly Video - Sensitive Data Might Be Written to Log File

In limited scenarios, sensitive data might be written to the log file if an admin uses Microsoft Teams Admin Center TAC to make device configuration changes. The affected log file is visible only to users with admin credentials. This is limited to Microsoft TAC and does not affect configuration...

8.1CVSS6.3AI score0.00344EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/06 5:5 a.m.19 views

CVE-2025-13292 Improper access control in Google Cloud Apigee-X allows cross-tenant Analytics modification and log data access.

A vulnerability in Apigee-X allowed an attacker to gain unauthorized read and write access to Apigee Analytics AX data and access logs belonging to other Apigee customer organizations. Apigee-X was found to be vulnerable. This vulnerability was patched in version 1-16-0-apigee-3. No user action i...

7.6CVSS0.00258EPSS
Exploits0References2
Packet Storm News
Packet Storm News
added 2025/11/17 12:0 a.m.23 views

LogPurge: Log Data Purification for Anomaly Detection Via Rule-Enhanced Filtering

Log anomaly detection, which is critical for identifying system failures and preempting security breaches, detects irregular patterns within large volumes of log data, and impacts domains such as service reliability, performance optimization, and database log analysis. Modern log anomaly detectio...

6.7AI score
Exploits0
Cvelist
Cvelist
added 2025/10/31 11:1 a.m.10 views

CVE-2025-40603

A potential exposure of sensitive information in log files in SonicWall SMA100 Series appliances may allow a remote, authenticated administrator, under certain conditions to view partial users credential data...

0.00437EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/10/31 12:0 a.m.10 views

SonicWall SMA100 Series 安全漏洞

SonicWall SMA100 Series is a security gateway appliance from SonicWall, Inc. A security vulnerability exists in the SonicWall SMA100 Series that stems from the potential exposure of sensitive information in log files, which could result in a remote authenticated administrator viewing some user...

4.5CVSS4.7AI score0.00437EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/10/24 8:24 a.m.10 views

CVE-2025-10901 Originality.ai AI Checker <= 1.0.16 - Missing Authorization to Authenticated (Subscriber+) Sensitive Information Disclosure via 'ai_get_table'

The Originality.ai AI Checker plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'aigettable' function in all versions up to, and including, 1.0.16. This makes it possible for authenticated attackers, with Subscriber-level access and above, ...

4.3CVSS0.00195EPSS
Exploits0References2
Rows per page
Query Builder