17 matches found
Apache Tomcat 10.1.22 < 10.1.54 multiple vulnerabilities
The version of Tomcat installed on the remote host is prior to 10.1.54. It is, therefore, affected by multiple vulnerabilities as referenced in the fixedinapachetomcat10.1.54security-10 advisory. - Insertion of Sensitive Information into Log File vulnerability in the cloud membership for clusteri...
CVE-2025-70040
CVE-2025-70040 affects the npm package jimeng-web-mcp (v2.1.2) from LupinLin1. The issue is described as CWE-532: Insertion of Sensitive Information into Log File, allowing an attacker to obtain sensitive information via poorly sanitized log output. Connected sources confirm the affected componen...
CVE-2025-11446
Insertion of Sensitive Information into Log File vulnerability in upKeeper Solutions upKeeper Manager allows Use of Known Domain Credentials.This issue affects upKeeper Manager: from 5.2.0 before 5.2.12...
EUVD-2025-34294
Insertion of sensitive information into log file in Windows StateRepository API allows an authorized attacker to disclose information locally...
CVE-2025-30105
Dell XtremIO, versions 6.4.0-22, contains an Insertion of Sensitive Information into Log File vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure. The attacker may be able to use the exposed credentials to access...
Linux Distros Unpatched Vulnerability : CVE-2024-22123
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Setting SMS media allows to set GSM modem file. Later this file is used as Linux device. But due everything is a file for Linux, it is possible to set another...
Git credentials are exposed in Atlantis logs
Summary Short summary of the problem. Make the impact and severity as clear as possible. For example: An unsafe deserialization vulnerability allows any unauthenticated user to execute arbitrary code on the server. Atlantis logs contains GitHub credentials tokens ghs... when they are rotated. Thi...
SUSE CVE-2024-22123
Setting SMS media allows to set GSM modem file. Later this file is used as Linux device. But due everything is a file for Linux, it is possible to set another file, e.g. log file and zabbixserver will try to communicate with it as modem. As a result, log file will be broken with AT commands and...
CVE-2024-22123
Setting SMS media allows to set GSM modem file. Later this file is used as Linux device. But due everything is a file for Linux, it is possible to set another file, e.g. log file and zabbixserver will try to communicate with it as modem. As a result, log file will be broken with AT commands and...
PT-2024-6100 · Zabbix +4 · Zabbix +4
Name of the Vulnerable Software and Affected Versions: Zabbix affected versions not specified Description: The issue is related to incorrect code generation control in the Zabbix monitoring system. It allows a remote attacker to execute arbitrary code. Setting SMS media allows configuring a GSM...
JetBrains TeamCity 日志信息泄露漏洞
JetBrains TeamCity is a set of distributed build management and continuous integration tools from the Czech company JetBrains. The tool provides continuous unit testing, code quality analysis and build problem analysis reports and other features. An information disclosure vulnerability exists in...
Acronis Cyber Protect 日志信息泄露漏洞
Acronis Cyber Protect is an all-in-one cyber protection solution for business and enterprise from Acronis Singapore. It combines backup, anti-malware, network security, and endpoint management features such as vulnerability assessment, URL filtering, patch management, and more. A security...
CVE-2022-32556
CVE-2022-32556 affects Couchbase Server before 7.0.4. During certain crashes, a private key is leaked to log files, exposing sensitive material and potentially impacting confidentiality. CVSSv3.1 base score is 7.5 (HIGH). The provided materials identify affected product/version and the root cause...
DEBIAN-CVE-2020-15095
Versions of the npm CLI prior to 6.14.6 are vulnerable to an information exposure vulnerability through log files. The CLI supports URLs like "://:@::/". The password value is not redacted and is printed to stdout and also to any generated log files...
F5 BIG-IP APM Log Leakage Vulnerability
F5 BIG-IP APM is a suite of access and security solutions from F5 USA. The product provides unified access to business-critical applications and networks. A security vulnerability exists in F5 BIG-IP APM versions 15.0.0 through 15.0.1, 14.1.0 through 14.1.2, and 14.0.0 through 14.0.1, which stems...
USN-3164-1 exim4 vulnerability
Bjoern Jacke discovered that Exim incorrectly handled DKIM keys. In certain configurations, private DKIM signing keys could be leaked to the log files...
CVE-2016-5432
The ovirt-engine-provisiondb utility in Red Hat Enterprise Virtualization RHEV Engine 4.0 allows local users to obtain sensitive database provisioning information by reading log files...