41 matches found
CVE-2019-25717
CVE-2019-25717 affects Dräger Infinity Delta, Delta XL, and Kappa patient monitors. The vulnerability allows unauthenticated attackers over a network to access exposed log files, exposing device internals, location data, and wired network configuration details. No root cause or remediation detail...
IBM InfoSphere Information Server Log Information Disclosure Vulnerability
IBM InfoSphere Information Server is a set of data integration platforms from International Business Machines IBM. The platform can be used to integrate data information obtained from various sources. A log information disclosure vulnerability exists in IBM InfoSphere Information Server that...
CVE-2025-64650
CVE-2025-64650 affects IBM Storage Defender - Resiliency Service for versions 2.0.0–2.0.18, with a disclosed vulnerability where sensitive user credentials could be exposed in log files. The issue is documented across multiple sources (IBM Security Bulletin and Red Hat/EU ENISA entries) and is ti...
Lynx Twonky Server 安全漏洞
Lynx Twonky Server is a DLNA/UPnP media server from Lynx USA. A security vulnerability exists in Lynx Twonky Server version 8.5.2, which stems from an access control flaw that could lead to log file disclosure and administrator credential disclosure...
KB5068861: Windows 11 Version 24H2 / Windows Server 2025 / Windows 11 Version 25H2 Security Update (November 2025)
The remote Windows host is missing security update 5068861 or hotpatch 5068966. It is, therefore, affected by multiple vulnerabilities - Insertion of sensitive information into log file in Windows License Manager allows an authorized attacker to disclose information locally. CVE-2025-62208,...
CVE-2025-59258
Insertion of sensitive information into log file in Active Directory Federation Services allows an unauthorized attacker to disclose information locally...
EUVD-2015-9384
Malware in sbrugna...
CVE-2025-23261
NVIDIA Cumulus Linux and NVOS products contain a vulnerability, where hashed user passwords are not properly suppressed in log files, potentially disclosing information to unauthorized users...
NVIDIA Cumulus Linux和NVIDIA NVOS 日志信息泄露漏洞
NVIDIA Cumulus Linux is an open network operating system.NVIDIA NVOS is an operating system. A log information disclosure vulnerability exists in NVIDIA Cumulus Linux and NVIDIA NVOS. The vulnerability stems from a hash password that is not properly hidden in log files and can be exploited by an...
The vulnerability of the XtremIO Management Server (XMS) on the Dell XtremIO storage platform allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the XtremIO Management Server XMS on the Dell XtremIO storage platform involves the disclosure of information through log files. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...
The vulnerability of the Kubernetes cluster deployment and management software on Azure Local Cluster infrastructure lies in the exposure of password values in log files, allowing attackers to gain unauthorized access to protected information.
The vulnerability of the Kubernetes cluster deployment and management software on Azure Local Cluster infrastructure is related to the disclosure of password values in log files. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected information from ...
PT-2025-15491 · Microsoft · Azure Local Cluster
Name of the Vulnerable Software and Affected Versions: Azure Local Cluster affected versions not specified Description: The issue allows an authorized attacker to disclose sensitive information over an adjacent network by inserting it into a log file in an Azure Local Cluster. This can potentiall...
The vulnerability of the JDBC_PING configuration of the Infinispan data storage software allows a hacker to circumvent security restrictions and gain unauthorized access to protected information.
The vulnerability of the JDBCPING configuration in the Infinispan data storage software is related to the disclosure of information through registration files in the log files. Exploiting this vulnerability allows a malicious actor to bypass security restrictions and gain unauthorized access to...
Wipro Holmes Orchestrator 20.4.1 - Log File Disclosure Exploit
Exploit Title: Wipro Holmes Orchestrator 20.4.1 - Log File Disclosure Exploit Author: Rizal Muhammed @ub3rsick Vendor Homepage: https://www.wipro.com/holmes/ Version: Wipro Holmes Orchestrator v20.4.1 Tested on: Windows CVE : CVE-2021-38283 import requests as rq import argparse import datetime...
Wipro Holmes Orchestrator 20.4.1 - Log File Disclosure
Exploit Title: Wipro Holmes Orchestrator 20.4.1 - Log File Disclosure Date: 09/08/2021 Exploit Author: Rizal Muhammed @ub3rsick Vendor Homepage: https://www.wipro.com/holmes/ Version: Wipro Holmes Orchestrator v20.4.1 Tested on: Windows CVE : CVE-2021-38283 import requests as rq import argparse...
WordPress ConvertKit plugin <= 2.4.5 - Email Disclosure in Log File vulnerability
Email Disclosure in Log File vulnerability discovered by Joshua Chan Patchstack Alliance in WordPress Plugin ConvertKit versions = 2.4.5...
PT-2024-2503 · Hitachi · Hitachi Virtual Storage Platform G400 +39
Name of the Vulnerable Software and Affected Versions: Hitachi Virtual Storage Platform versions prior to DKCMAIN Ver. 70-06-74-00/00, SVP Ver. 70-06-58/00 Hitachi Virtual Storage Platform VP9500 versions prior to DKCMAIN Ver. 70-06-74-00/00, SVP Ver. 70-06-58/00 Hitachi Virtual Storage Platform...
CVE-2023-32283
Insertion of sensitive information into log file in some IntelR On Demand software before versions 1.16.2, 2.1.1, 3.1.0 may allow an authenticated user to potentially enable information disclosure via local access...
Code injection
All versions of Apache Santuario - XML Security for Java prior to 2.2.6, 2.3.4, and 3.0.3, when using the JSR 105 API, are vulnerable to an issue where a private key may be disclosed in log files when generating an XML Signature and logging with debug level is enabled. Users are recommended to...
PT-2023-29124 · Rkhunter · Rkhunter
Name of the Vulnerable Software and Affected Versions: rkhunter versions 1.4.4 through 1.4.6 Description: A vulnerability was found in the rkhunter Rootkit Hunter. The issue affects an unknown function of the file /var/log/rkhunter.log, leading to sensitive information in log files. An attack mus...